Infrastructure/zot
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2024-12-30 22:34:13 -05:00
Code Issues Activity
862 commits 5 branches 109 tags 208 MiB
Commit graph

466 commits

Author SHA1 Message Date
LaurentiuNiculae
0a04b2a4ed
feat(cve): implemented trivy image scan for multiarch images (#1510) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-07-06 11:36:26 +03:00
LaurentiuNiculae
96d9d318df
feat(referrers): added index support for referrers queries (#1560) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-07-05 09:42:16 -07:00
alexstan12
62889c3cb1
refactor: split AuthZ mdw in 2 different parts, each for a specific purpose (#1542) 
- AuthzHandler has now been split in BaseAuthzHandler and DistSpecAuthzHandler
The former populates context with user specific data needed in most handlers, while
the latter executes access logic specific to distribution-spec handlers.

Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
 2023-07-05 09:37:52 -07:00
Andrei Aaron
7fee57e7cc
fix(CVE): attempt to scan now returns early with an error if trivyDB metadata json is missing (#1548) 
Also modify zli to retry in case of such errors,
assuming the trivyDB will eventually be downloaded by the scheduled task.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
 2023-07-05 09:08:16 -07:00
Lisca Ana-Roberta
d4f200c2e1
fix: changing default numWorkers, making it customizable and refactoring scheduler (#1563) 
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2023-07-04 11:03:29 +03:00
peusebiu
7881ce32b2
fix(extensions): setup UI extension as last one (#1572) 
because UI routes will setup a http.FileServer on '/'
any router setup after UI will be ignored at runtime
becuase gorrilla will route it to http.Fileserver instead.

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-07-03 17:13:15 +03:00
LaurentiuNiculae
809529be18
fix(cli): add help message for searching referrers under search command (#1551) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-06-23 17:44:30 +03:00
Ramkumar Chinchani
1300fdfa88
refactor: filenames should use _ not - (#1547) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-06-22 11:54:41 -07:00
peusebiu
d881f4e916
fix(sync): flaky test on fetching tags (#1546) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-06-22 10:43:47 -07:00
LaurentiuNiculae
620287c7a4
feat(cli): add referrers and search commands to cli (#1497) 
* feat(cli): add referrers command to cli

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>

* feat(cli): add global search command

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>

* feat(cli): fix comments

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>

---------

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-06-22 10:43:01 -07:00
alexstan12
ea7dbf9e5c
refactor: move helper functions under common, in usage specific named files (#1540) 
Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
 2023-06-22 14:29:45 +03:00
peusebiu
377aff1853
fix(sync): fixed skipping docker images when they already synced (#1521) 
before syncing an image we first check if it's already present in our storage
to do that we get the manifest from remote and compare it with the local one
but in the case of syncing docker images, because the conversion to OCI format is done while
syncing, we get a docker manifest before conversion, so sync detects that local manifest and
remote one are different, so it starts syncing again.

to overcome this, convert remote docker manifests to OCI manifests and then compare.

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-06-21 11:05:52 -07:00
peusebiu
ea84752214
fix(test): fix flaky test (#1544) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-06-21 19:53:14 +03:00
peusebiu
d5487d53e3
fix(authz): assign identity to authz context in tls mutual authentication (#1541) 
this causes a bug in extensions by not having the identity for the
authenticated user and couldn't apply his permissions, just the default ones.

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-06-21 16:06:53 +03:00
Lisca Ana-Roberta
aab149610f
fix: removed quotation marks from enum in swagger docs (#1539) 
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2023-06-20 15:32:19 +03:00
Lisca Ana-Roberta
aa16c955b3
fix: added swagger doc generation for mgmt and userprefs (#1530) 
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2023-06-19 10:43:25 -07:00
peusebiu
fc6d6356fb
feat(sync): sync references(signatures/artifacts) recursively (#1500) 
sync now also pulls chained artifacts recursively
eg:
 image->sbom->sbom signature
 image->artifact->artifact

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-06-16 10:27:33 -07:00
Andrei Aaron
f9f9422d13
ci(disk usage): disk related fixes and improvements (#1524) 
ci(workflow): show disk usage and free up disk space used by unneeded tooling
ci(tests): routes tests: do not copy large images if they are not used later
ci(trivy): update a test: download trivy.db to a temporary folder

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
 2023-06-15 15:07:28 -07:00
Lisca Ana-Roberta
622dde9193
fix: referrers now appears in swagger generated docs (#1488) 
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2023-06-12 10:32:11 -07:00
Ramkumar Chinchani
4d6ca493f2
chore: fix dependabot alerts (#1501) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-06-09 10:27:42 -07:00
Andrei Aaron
96d00cd0ef
fix(cve): Fix CVE scanning in images containing Jar files (#1475) 2023-06-01 00:37:46 +03:00
peusebiu
612a12e5a8
refactor(sync): use task scheduler (#1301) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-05-31 10:26:23 -07:00
Ramkumar Chinchani
2202d6dfd4
fix: revert "org.opencontainers.referrers.filtersApplied" (#1478) 
As per latest dist-spec, this is now removed.

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-05-26 13:56:44 -07:00
LaurentiuNiculae
a3f355c278
refactor(storage): refactoring storage (#1459) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-26 11:08:19 -07:00
peusebiu
9acd19f7ea
fix(extensions): consolidate extensions headers returned to UI by extensions (#1473) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-05-25 11:44:54 -07:00
Lisca Ana-Roberta
6a7035c599
fix: removed duplicate structures from service.go and moved them to pkg/common (#1436) 
Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
 2023-05-25 11:27:49 -07:00
peusebiu
4970f8814d
fix(test): fix storage flaky tests (#1474) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-05-25 11:24:56 -07:00
LaurentiuNiculae
2b8479f7f2
feat(userprefs): update documentation and list extensions endpoint (#1456) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-25 14:46:52 +03:00
Andreea Lupu
970997f3a8
feat(graphql & repodb): add info about signature validity (#1344) 
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
 2023-05-24 09:46:16 -07:00
LaurentiuNiculae
6e6ffe800c
chore(go.mod): upgrade to notation-go v1.0.0-rc.5 and image-spec v1.1.0-rc3 (#1468) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-23 15:16:33 +00:00
Ramkumar Chinchani
83ae1aad70
chore(go.mod): fix dependabot alerts (#1466) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-05-23 10:14:43 +03:00
LaurentiuNiculae
c0170b0811
feat(routes): move the cors handler from /v2 to only where it's needed (#1457) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-19 21:22:51 -07:00
peusebiu
1b184ceef8
fix(zb): fixed remote repositories cleanup (#1461) 
fix(storage/local): also put deduped blobs in cache, not just origin blobs

this caused an error when trying to delete deduped blobs
from multiple repositories

fix(storage/s3): check blob is present in cache before deleting

this is an edge case where dedupe is false but cacheDriver is not nil
(because in s3 we open the cache.db if storage find it in rootDir)
it caused an error when trying to delete blobs uploaded with dedupe false

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-05-19 09:51:15 -07:00
Ramkumar Chinchani
2be5459c8e
chore: fix dependabot alerts (#1458) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-05-17 00:37:34 -07:00
LaurentiuNiculae
f4501e6b6b
feat(search): add artifact type to manifest summary gql structure (#1448) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-15 10:44:49 -07:00
LaurentiuNiculae
912854f29b
fix(sync): fix digest set into repodb (#1446) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-15 10:43:41 -07:00
LaurentiuNiculae
7bf40e7308
fix(sync): fixed way of updating repodb when syncing a signature (#1439) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-15 12:02:23 +03:00
Lisca Ana-Roberta
e262fbea64
feat: verifying and enabling necessary extensions for ui (#1369) 
Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
 2023-05-12 09:43:14 -07:00
LaurentiuNiculae
7d7bc9d5e4
feat(api): added oci-subject header when pushing an image with subject field (#1415) 
- as requested by the latest version of the oci distribution spec

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-12 09:32:01 -07:00
Ramkumar Chinchani
9534e0b88b
chore: fix dependabot alerts (#1409) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-05-11 16:39:21 -07:00
LaurentiuNiculae
b7ef88c96d
fix(search): added the missing headers for search route (#1438) 
- added allow methods and allowed headers

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-11 16:05:14 +03:00
LaurentiuNiculae
ea79be64da
refactor(artifact): remove oci artifact support (#1359) 
* refactor(artifact): remove oci artifact support
- add header to referrers call to indicated applied artifact type filters

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>

* feat(gc): simplify gc logic to increase coverage

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>

---------

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-10 10:15:33 -07:00
LaurentiuNiculae
3be690c2ac
feat(userpreferences): update allowed methods header for user preferences routes (#1430) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-10 10:09:53 -07:00
peusebiu
d62dbcdf63
fix(sync): fix syncing signatures when using destination in sync's config (#1429) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-05-08 10:16:20 -07:00
LaurentiuNiculae
449f0d0ac3
fix(repoinfo): fix userprefs values for repos returned by expanded repo info (#1413) 
- now isBookmarked and isStarred are updated correctly

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-04 09:51:21 -07:00
peusebiu
e299ae199a
fix(sync): skip non distributable layers (#1421) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-05-04 09:38:33 -07:00
Ramkumar Chinchani
86ecbd3926
fix: non-distributable layers may not exist (#1404) 
Currently, when pushing an image, validation is performed to check that
a layer/blob in the manifest already exists. For non-distributable
layers, that check needs to be skipped.

Fixes issue #1394

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-05-01 12:49:41 -07:00
Ramkumar Chinchani
42df4c505a
chore: fix dependabot alerts (#1403) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-05-01 12:49:10 -07:00
Ramkumar Chinchani
3dd228e3e3
fix(serve): gracefully exit with error instead of panic (#1396) 2023-05-01 08:26:23 +03:00
Nicol
c169698c95
feat: remove usage of zerolog.Logger.Msgf() from zot code (#1382) 
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
 2023-04-27 19:44:22 -07:00