0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2024-12-16 21:56:37 -05:00
Commit graph

189 commits

Author SHA1 Message Date
Petu Eusebiu
03dd558ec6 sync: fix inconsistent test
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-31 09:19:07 -07:00
Ramkumar Chinchani
b2a4388522 gc: add a unit test
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-24 12:02:52 -07:00
Petu Eusebiu
be910cf01c lint: Move out config reloader context from controller struct
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-24 10:50:01 -07:00
Petu Eusebiu
353b0c6034 Move api constants in separate 'constants' package to avoid circular imports
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-24 10:50:01 -07:00
Petu Eusebiu
f53dc9eb8d sync: Add a new flag to enforce syncing only signed images, closes #455
sync: When checking if a image is already synced also check for changes in upstream signatures.

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-24 10:50:01 -07:00
laurentiuNiculae
0d148e1d6b new config option for sync-destination
Signed-off-by: laurentiuNiculae <themelopeus@gmail.com>
2022-03-21 08:12:34 -07:00
Petu Eusebiu
6d04ab3cdc sync: support reloading sync config when the config file changes
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-18 11:24:11 -07:00
laurentiuNiculae
63d94d4ac5 Update dist-spec version automatically
Warning if config has wrong dist-spec version

Signed-off-by: laurentiuNiculae <themelopeus@gmail.com>
2022-03-14 10:24:03 -07:00
Shivam Mishra
b8010e1ee4 routes: changes required to do browser authentication
whenever we make a request that contains header apart from CORS allowed header, browser sends a preflight request
and in response accept *Access-Control-Allow-Headers*.

preflight request is in form of OPTIONS method, added new http handler func to set headers
and returns HTTP status ok in case of OPTIONS method.

in case of authorization, request contains authorization header
added authorization header in Access-Control-Allow-Headers list

added AllowOrigin field in HTTPConfig this field value is set to Access-Control-Allow-Origin header and will give zot adminstrator to limit incoming request.

Signed-off-by: Shivam Mishra <shimish2@cisco.com>
2022-03-08 17:42:54 -08:00
Eng Zer Jun
0d77b60de7 test: use T.TempDir to create temporary test directory
The directory created by `T.TempDir` is automatically removed when the
test and all its subtests complete.

Reference: https://pkg.go.dev/testing#T.TempDir
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-03-07 12:28:49 -08:00
Ramkumar Chinchani
4be2652085 conformance: fix cross-mount behavior when 'from' is missing
fixes issue #442

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-04 17:24:50 -08:00
Ramkumar Chinchani
95e4b2054b upgrade module deps
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-04 13:10:58 -08:00
Petu Eusebiu
9cffbcaccb s3: bugfix, use sync.Map instead of map for storing multi part uploads references
add storage lock in GetIndexContent

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-03 09:12:07 -08:00
Ramkumar Chinchani
8db3e1b192 CVE-2022-23649: fix dependabot alert
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-02 12:01:14 -08:00
Ramkumar Chinchani
3ada6af0de tls: set min version to 1.2 and restrict cipher suites
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-02 10:03:50 -08:00
Petu Eusebiu
45968e0bb7 sync: fix inconsistent test, used inject error fw for hard to reach test cases
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-01 09:56:27 -08:00
Ramkumar Chinchani
38a110314b gc: add a gcDelay param
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-14 14:03:22 -08:00
Petu Eusebiu
35eeedb22a sync: pull only missing images, not everything, closes #335
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-02-14 08:09:18 -08:00
Petu Eusebiu
0ec39c0313 sync: make RetryDelay and MaxRetries optional
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-02-11 09:11:11 -08:00
Shivam Mishra
37d150e32f search: graphql api to give detailed repo info
DetailedRepoInfo graphql api returns detailed repo info given repo name
repo contains its manifests info
Each manifest entry contains digest,signed, tag and layers info
Each layer info containes digest, size

Signed-off-by: Shivam Mishra <shimish2@cisco.com>
2022-02-10 16:34:13 -08:00
Ramkumar Chinchani
b2c8533719 test: fix ldap unit tests
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-09 14:48:34 -08:00
Alexei Dodon
47c9b6244e Added config enable=true/false for extensions with default value as enabled closes #258
Signed-off-by: Alexei Dodon <adodon@cisco.com>
2022-02-09 09:53:49 -08:00
Ramkumar Chinchani
730fe70f2f coverage: improve code coverage
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-09 07:42:15 -08:00
Ramkumar Chinchani
d2aa016cdb storage: flush/sync contents to disk on file close
Behavior controlled by configuration (default=off)
It is a trade-off between performance and consistency.

References:
[1] https://github.com/golang/go/issues/20599

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-07 12:08:01 -08:00
Ramkumar Chinchani
c73e71b018 ci/cd: add a basic push-pull testing using client tools
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-07 10:03:24 -08:00
Petu Eusebiu
f89925fb27 sync: periodically retry if on-demand fails inline, closes #281
sync: don't return error on sync signatures, just skip them, closes #375
sync: sync signatures on demand
sync on demand: in case of parallel requests pull image just once, closes #344

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-02-07 09:04:13 -08:00
Ramkumar Chinchani
87084f286b storage: improve/fix oci image validation
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-02 13:31:41 -08:00
Petu Eusebiu
a0e65379c8 sync: for a prefix, allow multiple registries as a list instead of only one, closes #343
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-02-01 09:45:09 -08:00
Ramkumar Chinchani
45fe129c63 notaryv2: fix 'notation list'
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-31 14:33:21 -08:00
Petu Eusebiu
b9250a783a Use InsecureSkipVerify only with https upstreams
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-01-29 20:00:27 -08:00
Ramkumar Chinchani
e0a1a82890 coverage: add failure injection framework
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-28 08:56:00 -08:00
Alexei Dodon
f47c8222c2 bug: Storage used per zot repo metric is broken
Signed-off-by: Alexei Dodon <adodon@cisco.com>
2022-01-26 18:43:14 -08:00
Petu Eusebiu
89b143805e Remove sync http handler, not needed anymore since added sync on demand
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-01-25 09:18:23 -08:00
Ramkumar Chinchani
4d576a4817 storage: return errors instead of panics
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-24 13:33:45 -08:00
Ramkumar Chinchani
1e5ea7e09c controller: support rate-limiting incoming requests
helps constraining resource usage and against flood attacks.

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-24 12:48:13 -08:00
Alexei Dodon
d259ba6e4f Fix scrub command crash
Signed-off-by: Alexei Dodon <adodon@cisco.com>
2022-01-22 15:54:13 -08:00
Alexei Dodon
c9a81baa10 Renamed zot-exporter to zxp and added its image to zot release
Signed-off-by: Alexei Dodon <adodon@cisco.com>
2022-01-19 10:31:37 -08:00
Petu Eusebiu
1109bb4dde sync: Added support for syncing notary/cosign signatures, closes #261
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-01-13 08:45:59 -08:00
Petu Eusebiu
e6d6d5a7de Fix cli version showing help message, closes #361
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-01-12 12:35:17 -08:00
Ramkumar Chinchani
4896adad1b build: split functionality into separate binaries
zot: registry server
zli: zot cli to interact with the zot registry
zui: zot ui (proposed)
zb: zot benchmark (proposed)

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-11 11:48:18 -08:00
Alexei Dodon
c4d34b7269 Added storage latency histogram metric
Signed-off-by: Alexei Dodon <adodon@cisco.com>
2022-01-10 11:55:39 -08:00
Petu Eusebiu
4f825a5e2f [Identity-based Authorization] Add an option to specify a global policy for all repositories
using regex.

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-01-07 10:55:20 -08:00
Ramkumar Chinchani
cac7fe4854 storage: use sha256-simd from minio
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2021-12-28 22:25:11 -08:00
Ramkumar Chinchani
8183e1467c lint: some more linter-related cleanup
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2021-12-23 22:01:40 -08:00
Ramkumar Chinchani
ac3801ea2d lint: upgrade golangci-lint
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2021-12-20 17:20:35 -08:00
Petu Eusebiu
5f04092e71 Fix negative WaitGroup counter at runtime
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2021-12-17 16:52:34 -08:00
Petu Eusebiu
c86f44cc53 Disable sync periodically polling when pollInterval is not configured
Filtering out sync on demand images based on content configuration

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2021-12-14 08:59:50 -08:00
Andreea-Lupu
c61c3836db implement scrub to check manifest/blob integrity
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
2021-12-09 11:18:09 -08:00
Petu Eusebiu
627cb97ef1 Add wait group for graceful shutdown, closes #302
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2021-12-08 10:04:52 -08:00
Ramkumar Chinchani
d4307d96ac build: fix build artifacts in binary
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2021-12-07 20:59:26 -08:00