alexstan12
62889c3cb1
refactor: split AuthZ mdw in 2 different parts, each for a specific purpose ( #1542 )
...
- AuthzHandler has now been split in BaseAuthzHandler and DistSpecAuthzHandler
The former populates context with user specific data needed in most handlers, while
the latter executes access logic specific to distribution-spec handlers.
Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
2023-07-05 09:37:52 -07:00
Andrei Aaron
7fee57e7cc
fix(CVE): attempt to scan now returns early with an error if trivyDB metadata json is missing ( #1548 )
...
Also modify zli to retry in case of such errors,
assuming the trivyDB will eventually be downloaded by the scheduled task.
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-07-05 09:08:16 -07:00
Ramkumar Chinchani
137e5bd793
chore: fix dependabot alerts ( #1581 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-07-05 11:42:24 +03:00
Ramkumar Chinchani
aad6db279b
chore: fix dependabot alerts ( #1576 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-07-04 09:19:26 -07:00
Lisca Ana-Roberta
d4f200c2e1
fix: changing default numWorkers, making it customizable and refactoring scheduler ( #1563 )
...
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
2023-07-04 11:03:29 +03:00
peusebiu
7881ce32b2
fix(extensions): setup UI extension as last one ( #1572 )
...
because UI routes will setup a http.FileServer on '/'
any router setup after UI will be ignored at runtime
becuase gorrilla will route it to http.Fileserver instead.
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-07-03 17:13:15 +03:00
Poulpatine
bd7b21f3dc
docs: Add example for various popular public registries ( #1550 )
...
Signed-off-by: Poulpatine <poulpatine@gmail.com>
2023-06-30 21:53:10 +03:00
peusebiu
6932e3ffca
test: add more registries in sync blackbox tests ( #1568 )
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-06-30 21:07:04 +03:00
Andreea Lupu
7ec748f58a
fix: change commit message for pushing changes to project-zot/helm-charts ( #1564 )
...
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
2023-06-28 20:42:31 +03:00
Ramkumar Chinchani
d78ef0b1bd
ci: update oci dist-spec conformance test ( #1552 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-06-24 18:51:47 -07:00
LaurentiuNiculae
809529be18
fix(cli): add help message for searching referrers under search command ( #1551 )
...
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-06-23 17:44:30 +03:00
Ramkumar Chinchani
8cc5137b2d
build: ui extension needs mgmt ( #1549 )
2023-06-23 08:38:50 +03:00
Ramkumar Chinchani
1300fdfa88
refactor: filenames should use _ not - ( #1547 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-06-22 11:54:41 -07:00
peusebiu
d881f4e916
fix(sync): flaky test on fetching tags ( #1546 )
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-06-22 10:43:47 -07:00
LaurentiuNiculae
620287c7a4
feat(cli): add referrers and search commands to cli ( #1497 )
...
* feat(cli): add referrers command to cli
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
* feat(cli): add global search command
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
* feat(cli): fix comments
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
---------
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-06-22 10:43:01 -07:00
alexstan12
ea7dbf9e5c
refactor: move helper functions under common, in usage specific named files ( #1540 )
...
Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
2023-06-22 14:29:45 +03:00
peusebiu
377aff1853
fix(sync): fixed skipping docker images when they already synced ( #1521 )
...
before syncing an image we first check if it's already present in our storage
to do that we get the manifest from remote and compare it with the local one
but in the case of syncing docker images, because the conversion to OCI format is done while
syncing, we get a docker manifest before conversion, so sync detects that local manifest and
remote one are different, so it starts syncing again.
to overcome this, convert remote docker manifests to OCI manifests and then compare.
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-06-21 11:05:52 -07:00
peusebiu
ea84752214
fix(test): fix flaky test ( #1544 )
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-06-21 19:53:14 +03:00
peusebiu
d5487d53e3
fix(authz): assign identity to authz context in tls mutual authentication ( #1541 )
...
this causes a bug in extensions by not having the identity for the
authenticated user and couldn't apply his permissions, just the default ones.
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-06-21 16:06:53 +03:00
Lisca Ana-Roberta
aab149610f
fix: removed quotation marks from enum in swagger docs ( #1539 )
...
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
2023-06-20 15:32:19 +03:00
Ramkumar Chinchani
d30d7a9330
chore: fix dependabot alerts ( #1537 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-06-19 12:34:50 -07:00
Lisca Ana-Roberta
aa16c955b3
fix: added swagger doc generation for mgmt and userprefs ( #1530 )
...
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
2023-06-19 10:43:25 -07:00
peusebiu
fc6d6356fb
feat(sync): sync references(signatures/artifacts) recursively ( #1500 )
...
sync now also pulls chained artifacts recursively
eg:
image->sbom->sbom signature
image->artifact->artifact
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-06-16 10:27:33 -07:00
Andrei Aaron
c41bf02240
fix(ui): fix login screen when anonymous and auth are both enabled ( #1528 )
...
Update to the latest zui version
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-06-16 10:26:03 -07:00
peusebiu
d45cfbf5d2
feat(ci): give minio container more time to start ( #1527 )
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-06-16 12:24:38 +03:00
Ramkumar Chinchani
7dd17be96d
chore: fix dependabot alerts ( #1517 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-06-16 10:28:43 +03:00
Andrei Aaron
f9f9422d13
ci(disk usage): disk related fixes and improvements ( #1524 )
...
ci(workflow): show disk usage and free up disk space used by unneeded tooling
ci(tests): routes tests: do not copy large images if they are not used later
ci(trivy): update a test: download trivy.db to a temporary folder
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-06-15 15:07:28 -07:00
Lisca Ana-Roberta
988ca427b5
fix: replaced used CVE in blackbox test ( #1519 )
...
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
2023-06-15 13:22:29 +03:00
peusebiu
03f47f68c0
chore(deps): downgrade golang-lru ( #1515 )
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-06-14 19:45:30 +03:00
Ramkumar Chinchani
d7bddd2a05
chore: fix dependabot alerts ( #1508 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-06-12 14:53:03 -07:00
Lisca Ana-Roberta
622dde9193
fix: referrers now appears in swagger generated docs ( #1488 )
...
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
2023-06-12 10:32:11 -07:00
Ramkumar Chinchani
4d6ca493f2
chore: fix dependabot alerts ( #1501 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-06-09 10:27:42 -07:00
Ramkumar Chinchani
d9e5f33e7e
chore: fix security alerts ( #1493 )
...
https://github.com/project-zot/zot/security/code-scanning/4293
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-06-01 16:53:50 -07:00
Andrei Aaron
96d00cd0ef
fix(cve): Fix CVE scanning in images containing Jar files ( #1475 )
2023-06-01 00:37:46 +03:00
Ramkumar Chinchani
40180f878f
chore(go.mod): fix dependabot alerts ( #1491 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-05-31 22:16:21 +03:00
peusebiu
612a12e5a8
refactor(sync): use task scheduler ( #1301 )
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-05-31 10:26:23 -07:00
Ramkumar Chinchani
e148343540
chore(go.mod): fix dependabot alerts ( #1479 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-05-27 01:23:50 +03:00
Ramkumar Chinchani
2202d6dfd4
fix: revert "org.opencontainers.referrers.filtersApplied" ( #1478 )
...
As per latest dist-spec, this is now removed.
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-05-26 13:56:44 -07:00
LaurentiuNiculae
a3f355c278
refactor(storage): refactoring storage ( #1459 )
...
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-05-26 11:08:19 -07:00
peusebiu
9acd19f7ea
fix(extensions): consolidate extensions headers returned to UI by extensions ( #1473 )
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-05-25 11:44:54 -07:00
Lisca Ana-Roberta
6a7035c599
fix: removed duplicate structures from service.go and moved them to pkg/common ( #1436 )
...
Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
2023-05-25 11:27:49 -07:00
peusebiu
4970f8814d
fix(test): fix storage flaky tests ( #1474 )
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-05-25 11:24:56 -07:00
LaurentiuNiculae
2b8479f7f2
feat(userprefs): update documentation and list extensions endpoint ( #1456 )
...
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-05-25 14:46:52 +03:00
Andreea Lupu
970997f3a8
feat(graphql & repodb): add info about signature validity ( #1344 )
...
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
2023-05-24 09:46:16 -07:00
LaurentiuNiculae
6e6ffe800c
chore(go.mod): upgrade to notation-go v1.0.0-rc.5 and image-spec v1.1.0-rc3 ( #1468 )
...
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-05-23 15:16:33 +00:00
Andrei Aaron
60148138d5
ci(cri-o): update cri-o installation steps ( #1470 )
...
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-05-23 17:01:10 +03:00
Ramkumar Chinchani
83ae1aad70
chore(go.mod): fix dependabot alerts ( #1466 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-05-23 10:14:43 +03:00
LaurentiuNiculae
c0170b0811
feat(routes): move the cors handler from /v2 to only where it's needed ( #1457 )
...
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-05-19 21:22:51 -07:00
peusebiu
1b184ceef8
fix(zb): fixed remote repositories cleanup ( #1461 )
...
fix(storage/local): also put deduped blobs in cache, not just origin blobs
this caused an error when trying to delete deduped blobs
from multiple repositories
fix(storage/s3): check blob is present in cache before deleting
this is an edge case where dedupe is false but cacheDriver is not nil
(because in s3 we open the cache.db if storage find it in rootDir)
it caused an error when trying to delete blobs uploaded with dedupe false
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-05-19 09:51:15 -07:00
Andrei Aaron
9ca85e0937
feat(UI): upgrade to a UI which supports user preferences ( #1460 )
...
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-05-18 09:44:28 -07:00