Open jessehu opened 11 months ago
Thanks @jessehu
It is an by designed behavior, as mentioned at https://goharbor.io/docs/2.8.0/working-with-projects/working-with-images/create-tag-immutability-rules/. Immutability rules use OR logic, so if you set multiple rules and a tag is matched by any of those rules, it is marked as immutable.
So how to archieve the goal for set all repos as immutable and excluding some repos ? This should be a common use case.
You can set specific rules to protect the repositories or tags that you want to safeguard.
By using the OR logic, you ensure that the immutable repositories remain unaffected by other rules. Like, if admin A wants to protect repo A, but admin B has excluded repo A without admin A's knowledge, employing the OR logic prevents any interference with repo A.
If you are reporting a problem, please make sure the following information are provided:
Expected behavior and actual behavior: It's not able to deny all tags as immutable with some exception tags.
Steps to reproduce the problem:
With the above rules, all tags are immutable, the 2nd excluding rule does not take effect.
Versions: Please specify the versions of following systems.
Additional context:
harbor.yml
and files in the same directory, including subdirectory./var/log/harbor/
.