0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2024-12-16 21:56:37 -05:00
Commit graph

798 commits

Author SHA1 Message Date
Andreea Lupu
6269dbea0c
fix(ci-cd): trigger update-helm-chart after push-image is completed (#1435)
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
2023-05-10 09:53:39 -07:00
Andrei Aaron
0f8fb2b5af
fix(ui): update to latest available zui (#1433)
Includes:
- fix: change login page logic
- fix: fixed layer history not updating for multiarch images

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-05-09 08:30:55 -07:00
peusebiu
d62dbcdf63
fix(sync): fix syncing signatures when using destination in sync's config (#1429)
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-05-08 10:16:20 -07:00
LaurentiuNiculae
449f0d0ac3
fix(repoinfo): fix userprefs values for repos returned by expanded repo info (#1413)
- now isBookmarked and isStarred are updated correctly

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-05-04 09:51:21 -07:00
peusebiu
e299ae199a
fix(sync): skip non distributable layers (#1421)
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-05-04 09:38:33 -07:00
Lisca Ana-Roberta
4812de89ac
feat(sync): added tests for sync on demand with the most used upstream registry services (#1414)
Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
2023-05-04 09:34:35 -07:00
Ramkumar Chinchani
5fcf01d8b8
fix: use golang 1.20 to build our container images (#1408)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-05-01 16:25:52 -07:00
Ramkumar Chinchani
86ecbd3926
fix: non-distributable layers may not exist (#1404)
Currently, when pushing an image, validation is performed to check that
a layer/blob in the manifest already exists. For non-distributable
layers, that check needs to be skipped.

Fixes issue #1394

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-05-01 12:49:41 -07:00
Ramkumar Chinchani
42df4c505a
chore: fix dependabot alerts (#1403)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-05-01 12:49:10 -07:00
Ramkumar Chinchani
c3ba122830
chore(go.mod): fix dependabot alerts (#1377) 2023-05-01 08:31:02 +03:00
Ramkumar Chinchani
3dd228e3e3
fix(serve): gracefully exit with error instead of panic (#1396) 2023-05-01 08:26:23 +03:00
Nicol
c169698c95
feat: remove usage of zerolog.Logger.Msgf() from zot code (#1382)
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
2023-04-27 19:44:22 -07:00
Andreea Lupu
40bf76add5
chore(go.mod): upgrade trivy and cosign (#1387)
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
2023-04-27 09:35:10 -07:00
peusebiu
07bfc8ab95
fix(authz): get username from authn.go request context (#1383)
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-04-27 08:13:06 -07:00
Andrei Aaron
1a092bd019
feat(ui): UX update for UI (#1391)
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-04-27 08:12:15 -07:00
LaurentiuNiculae
3d8a4022bd
feat(global-search): add filtering options by starred and bookmarked (#1336)
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-04-27 08:11:13 -07:00
Ramkumar Chinchani
635d07ae04
chore: update golang (to 1.20.x) and golangci-linter (#1388)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-04-27 00:09:46 -07:00
LaurentiuNiculae
9cc990d7ca
feat(repodb): add user related information to repodb (#1317)
Initial code was contributed by Bogdan BIVOLARU <104334+bogdanbiv@users.noreply.github.com>
Moved implementation from a separate db to repodb by Andrei Aaron <aaaron@luxoft.com>

Not done yet:
- run/test dynamodb implementation, only boltdb was tested
- add additional coverage for existing functionality
- add web-based APIs to toggle the stars/bookmarks on/off

Initially graphql mutation was discussed for the missing API but
we decided REST endpoints would be better suited for configuration



feat(userdb): complete functionality for userdb integration

- dynamodb rollback changes to user starred repos in case increasing the total star count fails
- dynamodb increment/decrement repostars in repometa when user stars/unstars a repo
- dynamodb check anonymous user permissions are working as intendend
- common test handle anonymous users
- RepoMeta2RepoSummary set IsStarred and IsBookmarked



feat(userdb): rest api calls for toggling stars/bookmarks on/off



test(userdb): blackbox tests



test(userdb): move preferences tests in a different file with specific build tags



feat(repodb): add is-starred and is-bookmarked fields to repo-meta

- removed duplicated logic for determining if a repo is starred/bookmarked

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
Co-authored-by: Andrei Aaron <aaaron@luxoft.com>
2023-04-24 11:13:15 -07:00
Ramkumar Chinchani
ef51fd692d
feat: add a kind cluster example (#1378)
Add examples/kind-with-registry.sh to start a kind cluster with zot as a
local registry.

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-04-19 13:37:13 -07:00
peusebiu
d818293cc1
test(sync): make sure sync doesn't write on shutdown (#1370)
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-04-19 11:34:41 -07:00
Nicol
0586c6227e
refactor: remove pkg/extensions/search/common and move the code to the appropriate packages (#1358)
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
2023-04-18 11:07:47 -07:00
Andrei Aaron
e63faa8898
fix(csp): upgrade UI and fix zap failure (#1372)
The zap scanner started to check the csp header, which is causing a warning.

We also need to ignore the rule, as both settings are read by the scanner.

Per https://w3c.github.io/webappsec-csp/#example-7bb4ce67 we can have multiple
Content-Security-Policy headers, and the most restrictive policies apply.
This rule doesn't seem to be applied by zap.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-04-13 13:48:09 -07:00
Ramkumar Chinchani
9638899e6e
test: additional blackbox tests for client push/pull (#1371)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-04-13 13:47:38 -07:00
Ramkumar Chinchani
e6b81bb354
chore(go.mod): fix dependabot alerts (#1365)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-04-12 14:10:47 +03:00
Ramkumar Chinchani
9f512082ad
chore(go.mod): fix dependabot alerts (#1360)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-04-11 23:21:30 -07:00
Ramkumar Chinchani
8f809bda29
chore(go.mod): fix dependabot alerts (#1351)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-04-10 14:09:54 -07:00
Nicol
3510ef0fb0
refactor: move pkg/extensions/search/common/oci_layout.go under pkg/test/ (#1325)
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
2023-04-07 09:52:26 -07:00
peusebiu
f35ff53146
feat(storage): rebuild storage(s3/local) dedupe index when switching dedupe status (#1062)
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-04-07 09:49:24 -07:00
peusebiu
96232bb11c
test(sync): consolidate all sync tests (#1332)
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-04-07 09:36:27 +03:00
Ramkumar Chinchani
38997be596
chore(go.mod): fix dependabot alerts (#1343)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-04-07 09:35:12 +03:00
Lisca Ana-Roberta
28ce1c7e71
fix: replaced printing the port with logging it when chosen dynamically (#1339)
Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
2023-04-06 13:33:56 +03:00
Andrei Aaron
06bd8a8252
chore(go.mod): fix dependabot alerts (#1333)
upgrade to github.com/aws/aws-sdk-go@v1.44.237
upgrade to github.com/aquasecurity/trivy@v0.38.3
upgrade to oras.land/oras-go@v1.2.3
upgrade to github.com/google/go-containerregistry@v0.14.0
upgrade to github.com/moby/buildkit@v0.11.4

Note we can't switch to trivy 0.39.0 as well as some other updates
because they would also require upgrade of cosign to v2 with
breaking api changes

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-04-06 01:00:12 -07:00
Ramkumar Chinchani
d9173e3ad3
chore(go.mod): fix dependabot alerts (#1330)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-04-05 09:39:15 +03:00
LaurentiuNiculae
f0f94c3e97
fix(repodb): fixed assigned repoLastUpdated when searching for repos (#1323)
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-04-03 10:53:09 -07:00
Lisca Ana-Roberta
b679cd2e98
feat(ui): if zui tag is not found for download, it now builds locally from the commit (#1318)
Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
2023-03-30 13:15:48 +03:00
Ramkumar Chinchani
5ad25126b7
chore: fix dependabot alerts (#1320)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-03-29 13:13:16 -07:00
peusebiu
3dd3c46ee3
test: stop task scheduler between test runs (#1311)
sync: remove sync WaitGroup, it's stopped with context
sync: onDemand will always try to sync newest image when a tag is used
if a digest is used then onDemand will serve local image
test(sync): fix flaky coverage in sync package
closes #1294

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-03-29 11:37:58 -07:00
LaurentiuNiculae
0ae35e973a
test(convert): added test for consistent coverage for update last-updated timestamp function (#1299)
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-03-29 17:39:15 +03:00
LaurentiuNiculae
af819e7b76
refactor(repodb): moving common utilities under pkg/meta (#1292)
* refactor(repodb): moving common utilities under pkg/meta

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>

* refactor(repodb): moved update, version components under pkg/meta

- updated wrapper initialization to recieve a log object in constructor

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>

* refactor(repodb): moved repodb initialization from controller to pkg/meta/repodb

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>

---------

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-03-28 10:20:09 -07:00
Ramkumar Chinchani
917159143c
chore: fix dependabot alerts (#1312)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-03-27 12:16:29 -07:00
Ramkumar Chinchani
e54c36db12
chore(go.mod): fix dependabot alerts (#1305)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-03-25 22:43:36 +02:00
Nicol
ceda13c24e
chore(deps): remove unused package pkg/extensions/search/digest (#1298)
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
2023-03-24 14:32:02 +02:00
Lisca Ana-Roberta
5c76c11bb2
fix(cve): blackbox cve tests now verifying actual cves (#1300)
Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
2023-03-23 11:11:29 -07:00
LaurentiuNiculae
91e14bee00
fix(loadrepodb): statistics are now preserved after reloading zot (#1289)
- before, the download count for a manifest and repo star count were lost after reload

- now we are keeping these values when we reset the repo-meta structure

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-03-23 11:08:11 -07:00
Ramkumar Chinchani
906f8ce621
chore(deps): fix dependabot alerts (#1291)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-03-22 12:33:21 -07:00
LaurentiuNiculae
f8a77bc42f
feat(search): update search pattern matching rules (#1257)
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-03-22 10:31:53 -07:00
Andrei Aaron
fb85c8678c
feat(ui): update zui to a version which leverages the referrers on ImageSummary (#1293)
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-03-22 10:16:35 -07:00
Lisca Ana-Roberta
5f026d2e80
fix(trivy): consistent coverage for reset method + longer wait time between retries (#1272)
Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
2023-03-22 09:52:48 -07:00
peusebiu
a2c34808a5
fix(http): fix GET requests to use 'Accept' header (#1288)
use 'Accept' header instead of 'Content-Type'
use 'Authorization' header only if we have credentials

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-03-21 10:27:49 -07:00
Andrei Aaron
c91d4a0308
feat(ui): upgrade to zui supporting cve search for a specific image (#1290)
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-03-21 10:25:59 -07:00