add validate webhhook address

[lengrongfu]

Thank you for contributing to Harbor!

Comprehensive Summary of your change

The currently created wehook does not verify whether the address is available, and the jobserver fails to execute after saving.

Issue being fixed

Fixes #(issue)

Please indicate you've done the following:

• Well Written Title and Summary of the PR
• Label the PR as needed. "release-note/ignore-for-release, release-note/new-feature, release-note/update, release-note/enhancement, release-note/community, release-note/breaking-change, release-note/docs, release-note/infra, release-note/deprecation"
• Accepted the DCO. Commits without the DCO will delay acceptance.
• Made sure tests are passing and test coverage is added if needed.
• Considered the docs impact and opened a new docs issue or PR with docs changes if needed in website repository.

[codecov]

Codecov Report

Merging #18996 (62767a4) into main (39ec1e4) will decrease coverage by 3.19%.
Report is 18 commits behind head on main.
The diff coverage is 76.92%.

@@            Coverage Diff             @@
##             main   #18996      +/-   ##
==========================================
- Coverage   70.58%   67.40%   -3.19%     
==========================================
  Files         748      992     +244     
  Lines       95349   108804   +13455     
  Branches        0     2751    +2751     
==========================================
+ Hits        67305    73334    +6029     
- Misses      24416    31534    +7118     
- Partials     3628     3936     +308     

Flag	Coverage Δ
unittests	67.40% <76.92%> (-3.19%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files Changed	Coverage Δ
src/server/v2.0/handler/webhook.go	47.86% <76.92%> (+1.04%)	⬆️

... and 258 files with indirect coverage changes

[chlins]

From security concern, I am not preferring to use net Dial for connection testing with the outside world. An attacker may use this scenario to perform insecure behaviors such as port scanning.

[lengrongfu]

use http.get to verify, what do you think?

[chlins]

use http.get to verify, what do you think?

The webhook endpoint usually serves with the POST method, so use the GET method to check as the health I don't think it's rigorous, for the webhook we don't have restricted methods like replication, and per the initial design, there's no Test Connection for this feature, I prefer to keep current design before we figure out the better solution.

[lengrongfu]

Because if the webhook address filled in is wrong, the jobserver will make a wrong call and need to retry many times.

[chlins]

Because if the webhook address filled in is wrong, the jobserver will make a wrong call and need to retry many times.

The retry mechanism is a common way to ensure the guarantee, it's not make sense to configure an unavailable endpoint and also the retry times can be customized by user.

harbor/make/harbor.yml.tmpl

Line 127 in 560e6cd

webhook_job_max_retry: 3

[github-actions]

This PR is being marked stale due to a period of inactivty. If this PR is still relevant, please comment or remove the stale label. Otherwise, this PR will close in 30 days.

[github-actions]

This PR was closed because it has been stalled for 30 days with no activity. If this PR is still relevant, please re-open a new PR against main.