0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2024-12-16 21:56:37 -05:00
Commit graph

101 commits

Author SHA1 Message Date
Peter Engelbert
268b4088fd Add support for bearer/token auth
New options added to configuration file to reference a public key used
to validate authorization tokens signed by an auth server with
corresponding private key.

Resolves #24

Signed-off-by: Peter Engelbert <pmengelbert@gmail.com>
2020-01-27 12:42:23 -06:00
Tycho Andersen
10d8a8650f
Merge pull request #62 from rchincha/compl
cli: deprecate "compliance" command
2020-01-16 17:46:47 -08:00
Ramkumar Chinchani
9000adba60 cli: deprecate "compliance" command
dist-spec community is now maintaining its own conformance suite hosted
at https://oci.bloodorange.io which over time will be more complete.

This makes zot's compliance cli superfluous. Hence, deprecating the cli.

However, we keep the unit tests itself though.
2020-01-16 15:05:55 -08:00
Tycho Andersen
d69be98a58
Merge pull request #61 from rchincha/compliance
compliance: be compliant with dist-spec compliance tests
2020-01-16 12:37:54 -08:00
Ramkumar Chinchani
964af6ba51 compliance: be compliant with dist-spec compliance tests
dist-spec compliance tests are now becoming a part of dist-spec repo
itself - we want to be compliant

pkg/api/regex.go:
	* revert uppercasing in repository names

pkg/api/routes.go:
	* ListTags() should support the URL params 'n' and 'last'
	  for pagination

	* s/uuid/session_id/g to use the dist-spec's naming

	* Fix off-by-one error in GetBlobUpload()'s http response "Range" header

	* DeleteManifest() success status code is 202

	* Fix PatchBlobUpload() to account for "streamed" use case
	  where neither "Content-Length" nor "Content-Range" headers are set

pkg/storage/storage.go:
	* Add a "streamed" version of PutBlobChunk() called PutBlobChunkStreamed()

pkg/compliance/v1_0_0/check.go:
	* fix unit tests to account for changed response status codes
2020-01-16 11:28:23 -08:00
Tycho Andersen
92d8f7c866
Merge pull request #59 from rchincha/ldap
authN: first try local htpasswd then LDAP
2020-01-15 09:57:46 -08:00
Ramkumar Chinchani
d64a3e33cc authN: first try local htpasswd then LDAP
We are noticing that LDAP connectivity issues and timeouts can affect
authN behavior from client side (which can timeout as well).

Instead, put local authN first so at least we have a reliable authN
method.

But, the caveat is that it is best if the local and LDAP user list
doesn't overlap.
2020-01-15 09:37:17 -08:00
Tycho Andersen
17ac1be723
Merge pull request #57 from rchincha/500-status
go.mod: update json-iterator
2020-01-08 10:41:46 -07:00
Ravi Chamarthy
1f8bf8dbd0
Merge pull request #58 from rchincha/compl
README: update compliance test results
2020-01-07 16:21:02 -08:00
Ramkumar Chinchani
5f71b764fc go.mod: update json-iterator
older versions of json-iterator appear to have an issue with maps.

We are most certainly hitting this panic with maps.
https://github.com/anuvu/zot/blob/master/pkg/api/routes.go#L898

On the json-iterator/go side,
   json-iterator/go@acfec88
   json-iterator/go#388
2020-01-07 14:04:01 -08:00
Ramkumar Chinchani
488ff24aef README: update compliance test results
Documented results/notes for zot and docker.
Setting up quay is proving a little harder, will append once available.
2020-01-07 13:14:10 -08:00
Ravi Chamarthy
250118269c
Merge pull request #56 from rchincha/500-status
routes: add more logs
2020-01-06 23:55:18 -08:00
Ramkumar Chinchani
31b30d858b routes: add more logs
There still appears to be another path where we are seeing 500s.
Adding more logs to catch this path.
2020-01-06 22:51:42 -08:00
Ravi Chamarthy
2b9d29c9a2
Merge pull request #55 from rchincha/500-status 2020-01-05 23:45:33 -08:00
Ramkumar Chinchani
8bbf892480 routes: be more paranoid
once we have an non-EOF error in this path, not clear if we can really
recover.
2020-01-05 23:21:27 -08:00
Ravi Chamarthy
d5d6928341
Merge pull request #54 from rchincha/compl 2020-01-04 19:16:57 -08:00
Ravi Chamarthy
70dc6b1722
Merge pull request #53 from rchincha/500-status 2020-01-04 19:14:23 -08:00
Ramkumar Chinchani
87bad57345 compliance: "Location" header can be absolute or relative
Pls. see: https://github.com/opencontainers/distribution-spec/issues/79
2020-01-04 19:05:39 -08:00
Ramkumar Chinchani
2eb4455df7 routes: improve error handling when returning blob data
We have noticed that very intermittently zot returns a 500 when copying
blob data. This is likely happening due to a io.ErrShortWrite
2020-01-04 18:39:21 -08:00
Serge Hallyn
915c994c6c
Merge pull request #52 from rchincha/compl
Compliance cleanup
2019-12-26 21:19:58 -06:00
Ramkumar Chinchani
98a76e83c3 README: update notes about compliance
clarify what compliance tests will achieve

report results of tests conducted
2019-12-23 23:32:08 -08:00
Ramkumar Chinchani
a57f085749 compliance: cleanup compliance test code
zot ci/cd tests are too stict, so separate and relax them for compliance
tests.

Location header is set in some cases, but some clarification is needed
in URL construction.

Fix some incorrect compliance tests.
2019-12-23 22:32:52 -08:00
Serge Hallyn
e76804af4f
Merge pull request #49 from rchincha/blob-mount
routes: handle "mount blob" to remain compliant
2019-12-20 12:47:51 -06:00
Ramkumar Chinchani
c8563d8672 routes: handle "mount blob" to remain compliant
"mount blob" was the only feature we didn't handle.
We don't fully support it yet because we don't have access control
support, but at least handle it and return something sane to remain
compliant.
2019-12-20 10:37:41 -08:00
Ramkumar Chinchani
1e10fa9d80
Merge pull request #47 from rchamarthy/fix/lint
Fix comments in storage.go
2019-12-14 12:33:04 -08:00
Ravi Chamarthy
535b9d07b1 Fix comments in storage.go 2019-12-13 17:31:05 -08:00
Ramkumar Chinchani
13fdf21459
Merge pull request #44 from bloodorangeio/html-report
JSON output option for compliance checks

(closed by mistake earlier, merging)
2019-12-13 15:57:03 -08:00
Ravi Chamarthy
1243db315f
Merge branch 'master' into html-report 2019-12-13 15:01:19 -08:00
Ravi Chamarthy
2d68a403a1
Merge pull request #46 from rchincha/test-cleanup
.gitignore: ignore generated test artifacts
2019-12-13 14:59:26 -08:00
Ramkumar Chinchani
09cdae8d07 .gitignore: ignore generated test artifacts 2019-12-13 14:44:10 -08:00
Josh Dolitsky
271b916a26 feat(compliance): Add JSON output option
This adds a new --json flag to the compliance subcommand, which
will output the compliance test results as minified JSON to stdout.

Also a few other small additions:
- Exit 1 if compliance tests fail
- Use random port for test server using freeport library (added)

Signed-off-by: Josh Dolitsky <393494+jdolitsky@users.noreply.github.com>
2019-12-13 14:57:51 -06:00
Serge Hallyn
7de21820d7
Merge pull request #45 from rchincha/issue-15
test/data: remove htpasswd file
2019-12-13 13:48:16 -06:00
Ramkumar Chinchani
d30766de34 test/data: remove htpasswd file
Fixes issue #15
2019-12-13 11:11:24 -08:00
Ravi Chamarthy
ec7b2c8da9
Merge pull request #43 from zendril/issue-42-golangcilint-errors
Issue 42 - Fixing issues with upgrading to golangci-lint 1.21.0
2019-12-13 10:20:46 -08:00
zendril
4e22352e9c Fixing all the issues with upgrading to golangci-lint 1.21.0 2019-12-13 00:53:18 -05:00
Ramkumar Chinchani
b8cc5dd001
Merge pull request #39 from rchincha/mod1
refactor: make zot 'go get'-able
2019-12-11 14:44:09 -08:00
Ramkumar Chinchani
dffddcf6d3 README: update the README about the 'go get' way to build zot
zot could previously be built using a 'make' system, but we can now just
'go get' zot
2019-12-11 14:17:06 -08:00
Ramkumar Chinchani
5a125e74a1 docs: commit docs so that zot binary build becomes easier
swagger-based docs have been autogenerated from annotations and required
a separate step and then the binary could be built along with these doc
artifacts. Since we don't expect docs to change only when the dist-spec
gets updated, we are committing them.
2019-12-11 14:17:06 -08:00
Ramkumar Chinchani
7779188a9c ldap: pull in external library code so go modules are in control
1) github.com/jtblin/go-ldap-client is an abandoned project and not keeping
up with go modules, so pull that code in (single file, BSD license)

2) minor refactor ldap as a result of 1)

3) update go.mod
2019-12-11 14:17:06 -08:00
Tycho Andersen
9a18c1bfa1
Merge pull request #37 from rchincha/log
log: improve logging
2019-11-26 15:36:54 -07:00
Ramkumar Chinchani
9ae9e40b67 log: improve logging
- add a panic recovery handler
        - add logs on unexpected error paths
        - use logger's panic method
2019-11-26 14:18:20 -08:00
Ramkumar Chinchani
3e7ca9c517
Merge pull request #38 from rchincha/reorder
reorder header and data writes
2019-11-26 09:53:43 -08:00
Ramkumar Chinchani
f07c535225 reorder header and data writes 2019-11-26 09:40:13 -08:00
Serge Hallyn
181fe595c5
Merge pull request #36 from rchincha/ldap
ldap: improve recovery when connection failures
2019-11-18 14:30:15 -06:00
Ramkumar Chinchani
5447ec5bdd ldap: improve recovery when connection failures 2019-11-18 11:54:11 -08:00
Tycho Andersen
0550752e63
Merge pull request #35 from rchincha/ldap
ldap: setup a new ldap conn on bind failure
2019-11-08 13:35:24 -07:00
Ramkumar Chinchani
13a8d8631e ldap: setup a new ldap conn on bind failure 2019-11-08 11:39:55 -08:00
Serge Hallyn
24361364a7
Merge pull request #34 from rchincha/logs
logs: strip properly
2019-10-24 18:45:00 -05:00
Ramkumar Chinchani
84b9194598 logs: strip properly 2019-10-24 14:20:17 -07:00
Tycho Andersen
a1a05a8a41
Merge pull request #33 from rchincha/logs
logs: sanitize logs
2019-10-24 14:32:22 -06:00