0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2024-12-16 21:56:37 -05:00
Commit graph

511 commits

Author SHA1 Message Date
Petu Eusebiu
ba41368469 Modified shared storage haproxy config to stick only writes, not reads
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-31 10:26:03 -07:00
Petu Eusebiu
03dd558ec6 sync: fix inconsistent test
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-31 09:19:07 -07:00
Ramkumar Chinchani
554e99a967 build: add -buildmode=pie to builds
This makes zot a dynamic binary, so the container base image has to be
changed accordingly

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-24 13:27:40 -07:00
Ramkumar Chinchani
b2a4388522 gc: add a unit test
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-24 12:02:52 -07:00
Petu Eusebiu
be910cf01c lint: Move out config reloader context from controller struct
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-24 10:50:01 -07:00
Petu Eusebiu
353b0c6034 Move api constants in separate 'constants' package to avoid circular imports
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-24 10:50:01 -07:00
Petu Eusebiu
f53dc9eb8d sync: Add a new flag to enforce syncing only signed images, closes #455
sync: When checking if a image is already synced also check for changes in upstream signatures.

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-24 10:50:01 -07:00
Andrei Aaron
dd6cedcf78
Refactor the push/pull tests to use the bats test framework (#467)
This is a follow up to #444.

Signed-off-by: Andrei Aaron <andaaron@cisco.com>
2022-03-23 00:13:10 +02:00
Ramkumar Chinchani
251857fb6e move module deps under project-zot repo
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-21 11:03:19 -07:00
laurentiuNiculae
0d148e1d6b new config option for sync-destination
Signed-off-by: laurentiuNiculae <themelopeus@gmail.com>
2022-03-21 08:12:34 -07:00
Petu Eusebiu
6d04ab3cdc sync: support reloading sync config when the config file changes
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-18 11:24:11 -07:00
Catalin-George Hofnar
7e8cc3c71c
Exported PATH for notation (#470)
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
2022-03-18 17:55:04 +02:00
Ramkumar Chinchani
cff3be638f ci/cd: scan released images with trivy scanner
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-17 19:13:49 -07:00
Ramkumar Chinchani
e767cb456c fix issue and PR templates
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-17 11:10:56 -07:00
Ramkumar Chinchani
10f0e6c307 fix dependabot alert
https://github.com/project-zot/zot/security/dependabot/10

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-15 16:55:32 -07:00
laurentiuNiculae
63d94d4ac5 Update dist-spec version automatically
Warning if config has wrong dist-spec version

Signed-off-by: laurentiuNiculae <themelopeus@gmail.com>
2022-03-14 10:24:03 -07:00
Petu Eusebiu
fa27e22404 Added clustering github workflow
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-09 10:54:17 -08:00
Shivam Mishra
b8010e1ee4 routes: changes required to do browser authentication
whenever we make a request that contains header apart from CORS allowed header, browser sends a preflight request
and in response accept *Access-Control-Allow-Headers*.

preflight request is in form of OPTIONS method, added new http handler func to set headers
and returns HTTP status ok in case of OPTIONS method.

in case of authorization, request contains authorization header
added authorization header in Access-Control-Allow-Headers list

added AllowOrigin field in HTTPConfig this field value is set to Access-Control-Allow-Origin header and will give zot adminstrator to limit incoming request.

Signed-off-by: Shivam Mishra <shimish2@cisco.com>
2022-03-08 17:42:54 -08:00
laurentiuNiculae
aee94218aa remove root access for skopeo in Makefile
Signed-off-by: laurentiuNiculae <themelopeus@gmail.com>
2022-03-08 10:39:22 -08:00
Eng Zer Jun
0d77b60de7 test: use T.TempDir to create temporary test directory
The directory created by `T.TempDir` is automatically removed when the
test and all its subtests complete.

Reference: https://pkg.go.dev/testing#T.TempDir
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-03-07 12:28:49 -08:00
Ramkumar Chinchani
4be2652085 conformance: fix cross-mount behavior when 'from' is missing
fixes issue #442

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-04 17:24:50 -08:00
Ramkumar Chinchani
95e4b2054b upgrade module deps
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-04 13:10:58 -08:00
Ramkumar Chinchani
3b9699c536 go.mod: cleanup deps so 'go mod tidy' works
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-04 13:10:58 -08:00
Ramkumar Chinchani
cf70a8d71e CVE-2022-23648: update dependencies in go.mod
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-03 09:55:48 -08:00
Petu Eusebiu
9cffbcaccb s3: bugfix, use sync.Map instead of map for storing multi part uploads references
add storage lock in GetIndexContent

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-03 09:12:07 -08:00
Ramkumar Chinchani
bf21435d42 remove linger go.sum entries to fix dependabot alert
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-02 13:28:37 -08:00
Ramkumar Chinchani
8db3e1b192 CVE-2022-23649: fix dependabot alert
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-02 12:01:14 -08:00
Ramkumar Chinchani
3ada6af0de tls: set min version to 1.2 and restrict cipher suites
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-02 10:03:50 -08:00
Petu Eusebiu
45968e0bb7 sync: fix inconsistent test, used inject error fw for hard to reach test cases
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-01 09:56:27 -08:00
Ramkumar Chinchani
408f043f1e codecov: upgrade from v1 to v2
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-25 09:23:57 -08:00
Ramkumar Chinchani
25bacd5aec ci/cd: add a workflow to detect/close stale PRs and issues
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-24 10:55:47 -08:00
Ramkumar Chinchani
b800c5f20a README: update README.md
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-17 13:07:32 -08:00
Ramkumar Chinchani
38a110314b gc: add a gcDelay param
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-14 14:03:22 -08:00
Petu Eusebiu
35eeedb22a sync: pull only missing images, not everything, closes #335
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-02-14 08:09:18 -08:00
Ramkumar Chinchani
bb53552048 bump github.com/docker/distribution from 2.7.1+incompatible to 2.8.0+incompatible
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-11 19:19:16 -08:00
Ramkumar Chinchani
c0c6b255e1 dependabot-alert: update 'github.com/open-policy-agent/opa'
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-11 19:19:16 -08:00
Ramkumar Chinchani
f66d496257 dependabot-alert: update 'github.com/open-policy-agent/opa'
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-11 15:49:54 -08:00
Ramkumar Chinchani
36ce0f8bb0 ci/cd: fix image upload pipeline
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-11 13:36:23 -08:00
Petu Eusebiu
0ec39c0313 sync: make RetryDelay and MaxRetries optional
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-02-11 09:11:11 -08:00
Shivam Mishra
37d150e32f search: graphql api to give detailed repo info
DetailedRepoInfo graphql api returns detailed repo info given repo name
repo contains its manifests info
Each manifest entry contains digest,signed, tag and layers info
Each layer info containes digest, size

Signed-off-by: Shivam Mishra <shimish2@cisco.com>
2022-02-10 16:34:13 -08:00
Ramkumar Chinchani
4ddfd059b6 ci/cd: count lines of code
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-09 17:00:52 -08:00
Ramkumar Chinchani
b2c8533719 test: fix ldap unit tests
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-09 14:48:34 -08:00
Alexei Dodon
47c9b6244e Added config enable=true/false for extensions with default value as enabled closes #258
Signed-off-by: Alexei Dodon <adodon@cisco.com>
2022-02-09 09:53:49 -08:00
Ramkumar Chinchani
730fe70f2f coverage: improve code coverage
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-09 07:42:15 -08:00
Ramkumar Chinchani
73027fbce5 ci/cd: fix build/test workflow
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-08 22:31:42 -08:00
Ramkumar Chinchani
40d6174c1e ci/cd: restore part of github workflow for PRs
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-08 12:03:07 -08:00
Ramkumar Chinchani
298b966eab build: parameterize arch builds
Build zot artifacts for multiple os and arch.
[linux, amd64] - common case
[linux, arm64] - raspberry pi
[darwin, amd64] - Intel-based macs
[darwin, arm64] - Arm-based macs

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-08 08:26:58 -08:00
Ramkumar Chinchani
d2aa016cdb storage: flush/sync contents to disk on file close
Behavior controlled by configuration (default=off)
It is a trade-off between performance and consistency.

References:
[1] https://github.com/golang/go/issues/20599

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-07 12:08:01 -08:00
Ramkumar Chinchani
c73e71b018 ci/cd: add a basic push-pull testing using client tools
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-07 10:03:24 -08:00
Petu Eusebiu
f89925fb27 sync: periodically retry if on-demand fails inline, closes #281
sync: don't return error on sync signatures, just skip them, closes #375
sync: sync signatures on demand
sync on demand: in case of parallel requests pull image just once, closes #344

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-02-07 09:04:13 -08:00