feature: support global robot accounts & advanced permissions #27
Description
With harbor 2.2.0 global robot accounts with extended permissions can be created.
POST /robots
{
"secret": "string",
"disable": true,
"name": "string",
"level": "string",
"duration": 0,
"description": "string",
"permissions": [
{
"kind": "string",
"namespace": "string",
"access": [
{
"action": "string",
"resource": "string",
"effect": "string"
}
]
}
]
}A new feature would allow users to create new system-level robot accounts. The permissions must be configurable (either all or explicit)
Example for all:
{
"name": "my-name",
"duration": 30,
"description": null,
"disable": false,
"level": "system",
"permissions": [
{
"kind": "project",
"namespace": "*",
"access": [
{
"resource": "repository",
"action": "push"
},
{
"resource": "repository",
"action": "pull"
},
{
"resource": "artifact",
"action": "delete"
},
{
"resource": "helm-chart",
"action": "read"
},
{
"resource": "helm-chart-version",
"action": "create"
},
{
"resource": "helm-chart-version",
"action": "delete"
},
{
"resource": "tag",
"action": "create"
},
{
"resource": "tag",
"action": "delete"
},
{
"resource": "artifact-label",
"action": "create"
},
{
"resource": "scan",
"action": "create"
}
]
}
]
}