0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2024-12-16 21:56:37 -05:00
Commit graph

1226 commits

Author SHA1 Message Date
Andrei Aaron
28ffa38170
chore: fix search for 'no digests left, finished' in nightly job (#2784)
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-11-15 08:51:00 -08:00
Ramkumar Chinchani
334b121644
chore: fix dependabot alerts (#2780)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-11-12 13:12:44 -08:00
Andrei Aaron
dc38113df0
chore: use go1.23 in the build environment of zot container images (#2773)
* chore: use go1.23 in the build environment of zot container images

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

* chore: increase timeout in test/blackbox/restore_s3_blobs.bats

Looks like the message is actually there even if the test fails, maybe there is a timing issue.
https://github.com/project-zot/zot/actions/runs/11747889146/job/32730772641

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

---------

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-11-10 10:36:09 -08:00
Ramkumar Chinchani
c9914912d4
chore: fix dependabot alerts (#2770)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-11-08 10:24:19 -08:00
Ramkumar Chinchani
5465aa0d51
build: migrate to golang 1.23.x (#2701)
* build: migrate to golang 1.23.x

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

* fix: golangci-lint reported errors

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

---------

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-11-08 08:58:55 -08:00
Andrei Aaron
a76bfd4283
chore: update Trivy and Trivy dependencies (#2763)
The Trivy library now supports multiple locations from where to download the DBs.
The zot code has been updated to properly call the updated library functions.
If at some point we would want to support multiple Trivy DBs in zot, we could look into it more.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-11-07 09:03:37 -08:00
Andreea Lupu
f17dd2608a
fix: prevent releases of helm chart with pre-releases of zot (#2755)
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
2024-11-04 08:51:44 +02:00
Andrei Aaron
da923ae232
chore: update go tests to use our hosted trivy-db and trivy-java-db images (#2754)
There are 2 remaining exceptions that I am aware of:
1. The tests under test/blackbox/cve.bats
2. One of the cli tests checking the server attempts download of the databases
from the default url

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-11-01 14:14:52 -07:00
Ramkumar Chinchani
30ecceda8c
chore: fix dependabot alerts (#2753)
* chore: fix dependabot alerts

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

* build: bump up ui version to commit-7bd1d7d

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

---------

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-10-31 20:59:36 -07:00
Ramkumar Chinchani
cb2af94b0b
feat: add support for docker images (#2714)
* feat: add support for docker images

Issue #724

A new config section under "HTTP" called "Compat" is added which
currently takes a list of possible compatible legacy media-types.

https://github.com/opencontainers/image-spec/blob/main/media-types.md#compatibility-matrix

Only "docker2s2" (Docker Manifest V2 Schema V2) is currently supported.

Garbage collection also needs to be made aware of non-OCI compatible
layer types.
feat: add cve support for non-OCI compatible layer types

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

* 

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

* test: add more docker compat tests

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

* feat: add additional validation checks for non-OCI images

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

* ci: make "full" images docker-compatible

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

---------

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-10-31 09:44:04 +02:00
Ramkumar Chinchani
403fd4eb61
chore: fix dependabot alerts (#2750) 2024-10-30 13:09:36 +02:00
Evan
c2facc9958
fix: enable TLS based on URL scheme for sync extension (#2747)
Signed-off-by: evanebb <78433178+evanebb@users.noreply.github.com>
2024-10-29 09:40:24 +02:00
Andrei Aaron
51e779fab4
fix: improve output of zot verify (#2745)
See #2744, there are 2 updates:
1. Silence the usage output in case of config verification errors
2. Wrap the error details in all of the zot configuration errors so they are propagated and shown in stdout for `zot verify`
We also need to keep logging those message to the zot logs file since the same logic is caled in the `zot serve` use case.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-10-25 13:42:03 -07:00
Andrei Aaron
ca1eb76c7e
chore: less confusing warning message when unexpected media type is found in index manifest list (#2746)
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-10-25 13:39:05 -07:00
Ramkumar Chinchani
f735680ce2
chore: fix dependabot alerts (#2742) 2024-10-23 08:43:07 +03:00
Andrei Aaron
da6bd56a21
fix: issues with nested index processing in CVE and metaDB code (#2732)
Also fix an issue with searching tags, which should work with case insensitive searches.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-10-21 09:57:43 -07:00
Tuấn Vương
edb5491428
fix: max wait time on dynamodb (#2730)
Signed-off-by: Tuan Vuong <vanhtuan0409@gmail.com>
2024-10-20 12:14:50 +03:00
Ramkumar Chinchani
6471bed3a5
chore: fix dependabot alerts (#2729)
https://github.com/project-zot/zot/pull/2718

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-10-16 12:59:09 +03:00
Andrei Aaron
8820408d0a
chore: reduce number of spurious log messages produced by GetNextDigestWithBlobPaths (#2727)
Exit early in case of all folders and known non-blob file names.
This avoids the logic for validating digests, and log message generation.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-10-15 09:29:01 -07:00
Andrei Aaron
a10c5fa7ab
test: add more tests for GCing indexes referencing other indexes referencing manifests (#2716)
Looks like we didn't have many GC tests for retaining multiarch images.
I added more data to the existing image retention tests, besides the new GC tests.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-10-11 20:31:48 +03:00
Ramkumar Chinchani
c89be3ad31
chore: fix dependabot alerts (#2709)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-10-07 16:20:37 -07:00
peusebiu
513f2a0dc9
fix(s3): fix check in dedupe logic (#2700)
cache.HasBlob() looks in both buckets: duplicates and original blobs
Because we want to check if the blob is in original bucket let's use
cache.GetBlob() because it's looking only in original bucket.

Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com>
2024-10-03 12:27:58 -07:00
peusebiu
e6624a29a5
feat(graphql): Add LastPullTimestamp and PushTimestamp in ImageSummar… (#2699)
feat(graphql): Add LastPullTimestamp and PushTimestamp in ImageSummary resposne

Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com>
2024-10-03 12:27:03 -07:00
peusebiu
cfbeeff7bb
fix(metrics): update storage metrics on gc (#2698)
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com>
2024-10-03 11:26:22 -07:00
Andrei Aaron
d42ac4cd0d
fix(delete manifest): distinct behaviors for delete by tag vb delete by digest (#2626)
In case of delete by tag only the tag is removed, the manifest itself would continue to be accessible by digest.
In case of delete by digest the manifest would be completely removed (provided it is not used by an index or another reference).

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-10-03 09:06:41 -07:00
Ramkumar Chinchani
a31842bd7e
chore: fix dependabot alerts (#2684)
* chore: fix dependabot alerts

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

* ci: fix clustering test by creating separate local dirs

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

* ci: free up disk space in cluster tests

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

* ci: revert to stacker v1.0.0-rc16

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

* ci: fix revert to stacker v1.0.0-rc16

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

---------

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
Co-authored-by: Andrei Aaron <aaaron@luxoft.com>
2024-10-01 11:11:27 +03:00
Ramkumar Chinchani
df4f9ca9d3
ci: stop using the non-free 4-core runners (#2695)
Signed-off-by: Jeffrey Sica <me@jeefy.dev>
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
Co-authored-by: Jeffrey Sica <me@jeefy.dev>
2024-09-30 11:24:24 -07:00
Andrei Aaron
8553712613
chore: upgrade trivy to v0.55.2 and update the logic of waiting for zot to start in some jobs (#2685)
chore: upgrade trivy to v0.55.2, also update the logic of waiting for zot to start in some jobs

Seems like there's an increate in the time zot requires to start before servicing requests.
From my GitHub observations it is better check using curl instead of relying on hardcoded 5s or 10s values.

The logic in .github/workflows/cluster.yaml seems to be old and out of date.
Even on main right now there is only 1 our of 3 zots actualy running.
The other 2 are actually erroring: Error: operation timeout: boltdb file is already in use, path '/tmp/zot/cache.db'
This is unrelated to this PR, I am seeing the same issue in the olders workflow runs still showing the logs

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-09-30 10:37:53 -07:00
Ramkumar Chinchani
9cf6b0205d
chore: fix dependabot alerts (#2681)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-09-27 09:05:14 +03:00
Ramkumar Chinchani
ae185f497c
chore: fix dependabot alerts (#2670)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-09-25 11:07:27 -07:00
Ramkumar Chinchani
db888fa385
chore: fix dependabot alerts (#2664)
https://github.com/project-zot/zot/pull/2660

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-09-19 23:50:08 -07:00
Ramkumar Chinchani
d73081191d
chore: fix dependabot alerts (#2648)
https://github.com/project-zot/zot/pull/2646
https://github.com/project-zot/zot/pull/2647

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-09-12 08:53:12 -07:00
Ramkumar Chinchani
98c8e2801c
fix: work around AWS S3 limits (#2629)
Fixes issue #2627

We get/put metadata in dynamodb and it appears there are limits enforced
by AWS S3 APIs.

https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_BatchGetItem.html

If you request more than 100 items, BatchGetItem returns a
ValidationException with the message "Too many items requested for the
BatchGetItem call."

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-09-12 08:26:43 -07:00
Ramkumar Chinchani
58c9c9c29b
chore: fix dependabot alerts (#2645)
https://github.com/project-zot/zot/pull/2632
https://github.com/project-zot/zot/pull/2633
https://github.com/project-zot/zot/pull/2636
https://github.com/project-zot/zot/pull/2637
https://github.com/project-zot/zot/pull/2638
https://github.com/project-zot/zot/pull/2639
https://github.com/project-zot/zot/pull/2640
https://github.com/project-zot/zot/pull/2642
https://github.com/project-zot/zot/pull/2643
https://github.com/project-zot/zot/pull/2644

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-09-09 18:32:57 -07:00
Ramkumar Chinchani
9c01204e24
chore: fix dependabot alerts (#2630)
https://github.com/project-zot/zot/pull/2622
https://github.com/project-zot/zot/pull/2623

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-09-05 16:00:00 -07:00
Ramkumar Chinchani
bfafe01c38
Fix deps (#2621)
* chore: update go.mod deps

Fix outdated pkgs reported in issue #2522

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

* chore: fix dependabot alerts

https://github.com/project-zot/zot/pull/2612
https://github.com/project-zot/zot/pull/2613
https://github.com/project-zot/zot/pull/2614
https://github.com/project-zot/zot/pull/2615
https://github.com/project-zot/zot/pull/2616
https://github.com/project-zot/zot/pull/2617
https://github.com/project-zot/zot/pull/2618
https://github.com/project-zot/zot/pull/2619
https://github.com/project-zot/zot/pull/2620
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

---------

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-08-20 21:34:43 +03:00
Andrei Aaron
0e6541f204
chore: update UI version (#2611)
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-08-19 08:14:06 -07:00
Ramkumar Chinchani
1acf124280
chore: update go.mod deps (#2610)
Fix outdated pkgs reported in issue #2522

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-08-14 13:09:45 -07:00
Ramkumar Chinchani
2a164cc56b
chore: update go.mod deps (#2609)
Fix outdated pkgs reported in issue #2522

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-08-13 11:28:51 -07:00
peusebiu
b461619682
fix(authn): make hashing/encryption keys used to secure cookies (#2536)
fix(authn): configurable hashing/encryption keys used to secure cookies

If they are not configured zot will generate a random hashing key at startup,
invalidating all cookies if zot is restarted. closes: #2526

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2024-08-12 15:11:53 -07:00
Ramkumar Chinchani
17dbb56ea1
chore: fix dependabot alerts (#2594)
https://github.com/project-zot/zot/pull/2592
https://github.com/project-zot/zot/pull/2601
https://github.com/project-zot/zot/pull/2602
https://github.com/project-zot/zot/pull/2603
https://github.com/project-zot/zot/pull/2604
https://github.com/project-zot/zot/pull/2605
https://github.com/project-zot/zot/pull/2606
https://github.com/project-zot/zot/pull/2607
https://github.com/project-zot/zot/pull/2608

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-08-12 15:07:05 -07:00
Andrei Aaron
253aad3195
fix(gc): gc now removes blob uploads which have not changed within the gc delay interval (#2599)
See #2598

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-08-12 11:58:46 -07:00
Andrei Aaron
2dea22f74a
chore: Update github.com/zitadel/oidc v1 to v3 (#2585)
Also removes dependency on gopkg.in/square/go-jose.v2

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-08-05 09:11:00 -07:00
Jan-Otto Kröpke
fa4b69954d
build(deps): bump all dependencies (#2532)
* build(deps): bump all dependencies

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>

* build(deps): bump all dependencies

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* build(deps): bump all dependencies

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* build(deps): bump all dependencies

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>

---------

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>
2024-08-02 14:23:53 -07:00
Jan-Otto Kröpke
7729fef2fe
build(go.mod): reformat require blocks (#2582)
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
2024-07-31 11:40:45 +03:00
Ramkumar Chinchani
3b3f5458d4
chore: fix dependabot alerts (#2580)
https://github.com/project-zot/zot/pull/2572
https://github.com/project-zot/zot/pull/2573
https://github.com/project-zot/zot/pull/2574
https://github.com/project-zot/zot/pull/2575
https://github.com/project-zot/zot/pull/2576
https://github.com/project-zot/zot/pull/2577
https://github.com/project-zot/zot/pull/2578
https://github.com/project-zot/zot/pull/2579

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-07-30 11:37:33 -07:00
Jan-Otto Kröpke
f618b1d4ef
ci(deps): upgrade golangci-lint (#2556)
* ci(deps): upgrade golangci-lint

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>

* build(deps): removed disabled linters

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>

* build(deps): go run github.com/daixiang0/gci@latest write .

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* build(deps): go run golang.org/x/tools/cmd/goimports@latest -l -w .

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* build(deps): go run github.com/bombsimon/wsl/v4/cmd...@latest -strict-append -test=true -fix ./...

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* build(deps): go run github.com/catenacyber/perfsprint@latest -fix ./...

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* build(deps): replace gomnd by mnd

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* build(deps): make gqlgen

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* build: Revert "build(deps): go run github.com/daixiang0/gci@latest write ."

This reverts commit 5bf8c42e1f.

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* build(deps): go run github.com/daixiang0/gci@latest write -s 'standard' -s default -s 'prefix(zotregistry.dev/zot)' .

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* build(deps): make gqlgen

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: wsl issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: check-log issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: gci issues

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

* fix: tests

Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>

---------

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>
2024-07-29 10:32:51 -07:00
Andrei Aaron
7d87558b7e
fix: various lint issues (#2571)
Originally found by @jkroepke in: https://github.com/project-zot/zot/actions/runs/10056774230/job/27796324933?pr=2556
And https://github.com/project-zot/zot/pull/2556 in general

This commit covers:
- (canonicalheader) capitalization of Docker-Content-Digest header
- (protogetter) the proto getters were not used, they check for nil pointers, we should switch to using them
- (zerologlint) fix the false positive

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-07-25 10:14:22 -07:00
Jan-Otto Kröpke
048e59186f
ci(deps): bump minio test dependency (#2555)
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
2024-07-24 13:06:29 +03:00
Ramkumar Chinchani
a7ab16b31e
chore: fix dependabot alerts (#2569)
https://github.com/project-zot/zot/pull/2559
https://github.com/project-zot/zot/pull/2560
https://github.com/project-zot/zot/pull/2561
https://github.com/project-zot/zot/pull/2562
https://github.com/project-zot/zot/pull/2563
https://github.com/project-zot/zot/pull/2564
https://github.com/project-zot/zot/pull/2565

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-07-23 13:30:11 -07:00