Open okin opened 3 years ago
/health
doesn't need auth. You can check other if other API works.
confirm with @wy65701436 , robot account doesn't support call /statistics
now
So far, by design, robot account cannot support get statistics as it's not a kind of resource in Harbor. The access mode of robot is resource based.
@bitsf thanks for the hints about unnecessary authentication. I will update the swagger config so others are made aware of it.
@wy65701436 I see. My search for resources did not yield anything for statistics so I assumed that having access to all ressources might allow this. It would be great to have the possibility tho.
Yes i have tried the same. I tried to use an robot account (or something like a read-only user) to receive information for monitoring system (and a bit of statistics). With admin credentials everything works fine, but when i use robot account some information are missing.
It would be helpful when there is an option to create an read only admin account or set up a system wirde robot account with some read-only monitoring privileges.
Here my usage:
/api/v2.0/health (ok)
/api/v2.0/systeminfo (ok)
/api/v2.0/systeminfo/volumes (works only with admin credentials)
/api/v2.0/statistics (works also only with admin credentials and partly with robot account)
Statistics told me with Robot Account 3 public projects but 0 total projects. The "all projects setting" allow robot account to see all private projects, but will not be shown in statistics.
Harbor Version v.2.4.0 Robot Account generated in system, with all projects and for test purposes all privileges.
This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days.
As a system admin I want to use robot accounts to access the harbor API in order to retrieve data for our monitoring systems.
While I am able to create a system level robot account with permissions to all ressources it can not access the
/statistics
API endpoint. When I try to access the route I am getting anunauthorized
error.Other endpoints, for example
/health
, are working with the same set of credentials. I am able to access the mentioned routes when using my personal account. That account has administrator privileges.JSON payload for my robot creation looks like this:
The harbor version in use is 2.3.0.