Infrastructure/zot

mirror of https://github.com/project-zot/zot.git synced 2024-12-16 21:56:37 -05:00

Author	SHA1	Message	Date
Andrei Aaron	6561e9f527	feat(ui): show CVE package path (#2286 ) See https://github.com/project-zot/zui/pull/428 for details Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-29 07:57:05 -08:00
Ramkumar Chinchani	d00f5282fa	chore: fix dependabot alerts (#2283 ) https://github.com/project-zot/zot/pull/2270 https://github.com/project-zot/zot/pull/2271 https://github.com/project-zot/zot/pull/2274 https://github.com/project-zot/zot/pull/2275 https://github.com/project-zot/zot/pull/2276 https://github.com/project-zot/zot/pull/2277 https://github.com/project-zot/zot/pull/2278 https://github.com/project-zot/zot/pull/2279 https://github.com/project-zot/zot/pull/2280 https://github.com/project-zot/zot/pull/2281 https://github.com/project-zot/zot/pull/2282 Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>	2024-02-28 00:45:00 +02:00
Ramkumar Chinchani	565eca2609	chore: fix dependabot alerts (#2268 ) https://github.com/project-zot/zot/pull/2258 https://github.com/project-zot/zot/pull/2259 https://github.com/project-zot/zot/pull/2260 https://github.com/project-zot/zot/pull/2261 https://github.com/project-zot/zot/pull/2262 https://github.com/project-zot/zot/pull/2263 https://github.com/project-zot/zot/pull/2264 https://github.com/project-zot/zot/pull/2265 https://github.com/project-zot/zot/pull/2266 https://github.com/project-zot/zot/pull/2267 Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>	2024-02-20 21:51:40 +02:00
Andrei Aaron	4e5db84cb1	chore: update image-spec and dist spec to 1.1.0 (#2255 ) BREAKING CHANGE: the dist spec version in the config files needs to be bumped to 1.1.0 in order for the config verification to pass without warnings. Also fix 1 dependabot alert for helm. Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-20 13:27:21 +02:00
Andrei Aaron	960686b957	feat(ui): introduce API key management in ZUI (#2256 ) See Raul's PR: https://github.com/project-zot/zui/pull/403 Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-20 12:23:58 +02:00
Andrei Aaron	6c953d6400	test: fix flacky coverage in cookiestore cleanup tests (#2257 ) Refactor and add more coverage to test flacky coverage in case sessions which are already deleted are flagged as expired/for deletion. See coverage drop in pkg/api/cookiestore.go: `8e68255946/indirect-changes` Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-19 14:43:30 -08:00
Andrei Aaron	2d2e005449	fix(npe): handle case where os.Stat returns different error types in DirExists (#2253 ) See https://github.com/project-zot/zot/actions/runs/7905369535/job/21577848110 Also add tests to fix some of the coverage fluctuations. Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-18 08:00:00 +02:00
Andreea Lupu	aafb1a50ac	feat(ui): update zui version (#2251 ) Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>	2024-02-16 11:39:14 +02:00
Vishwas R	0aa6bf0fff	feat: include PackagePath data in CVEs for image queries (#2241 ) Signed-off-by: Vishwas Rajashekar <vrajashe@cisco.com>	2024-02-15 13:19:49 -08:00
Andrei Aaron	cc2eda0335	test: add test images build instructions and stacker.yamls (#2249 ) Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-15 13:49:25 +02:00
Andreea Lupu	d04568b853	feat(ui): update zui version (#2248 ) Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>	2024-02-14 22:19:19 +02:00
peusebiu	8e68255946	fix(sync): added bearer client for sync (#2222 ) fixed ping function taking too much time closes: #2213 #2212 Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>	2024-02-14 09:18:10 -08:00
Andrei Aaron	d0eb043be5	feat: Get the image LastUpdated timestamp from annotations (#2240 ) Fallback to Created field and the History entries in the image config only if the annotation "org.opencontainers.image.created" is not available closes #2210 Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-14 09:14:24 -08:00
Andrei Aaron	ec38d39c06	chore(go.mod): fix dependabot alerts (#2247 ) Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-14 09:12:57 -08:00
Andreea Lupu	55acce6923	feat(graphql): filter CVEs by severity (#2246 ) Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>	2024-02-14 09:11:57 -08:00
LaurentiuNiculae	de90abd5dc	style(metadb): use type aliases for metadb types to be easier to read (#2043 ) Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>	2024-02-14 09:08:08 -08:00
Andrei Aaron	36e04a40c2	ci(nightly): update go version used for prometheus tests (#2239 ) Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-09 17:19:16 +02:00
peusebiu	5b83937d40	fix(tests): fixed inconsistent sync test (#2237 ) Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>	2024-02-08 18:28:59 +02:00
Andrei Aaron	f1d38d9dad	test(blackbox): fix the scrub test sometimes deleting the image manifest from the layout (#2236 ) If the manifest is not present, scrub no longer errors, so the test looking for errors in the log was not failing. See the related scrub changes in: https://github.com/project-zot/zot/pull/2180 Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-08 15:21:42 +02:00
Andrei Aaron	60dc8569ec	build(go): switch to go 1.21 (#2049 ) Also update to the latest swaggo version, as the previous one did not work with go 1.21 Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-07 10:54:28 -08:00
Andrei Aaron	4e33c172bb	feat(ui): show more information about CVEs (#2233 ) see: https://github.com/project-zot/zui/pull/419 Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-05 11:40:27 -08:00
Vishwas R	b332b43fb5	ci: release a checksums file with SHA256 hashes for release assets (#2227 ) * ci: generate sha256 checksums for release assets Signed-off-by: Vishwas Rajashekar <vrajashe@cisco.com> * ci: add wildcard character prefix to filenames in checksum file Signed-off-by: Vishwas Rajashekar <vrajashe@cisco.com> --------- Signed-off-by: Vishwas Rajashekar <vrajashe@cisco.com>	2024-02-05 10:19:48 -08:00
Andrei Aaron	e3065f6a2c	chore(deps): fix dependabot alerts (#2232 ) Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-05 09:56:38 -08:00
Andrei Aaron	92cece7c86	ci: add script to build/publish zot multiarch images and modify the publish pipeline to use it (#2214 ) Example usage: scripts/build_multiarch_image.sh --registry ghcr.io/project-zot --source-tag v2.0.0 --file build/multiarch-zot.json --destination-tags="v2.0.0 latest" Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-02 10:55:53 -08:00
Andrei Aaron	a60d3891ff	ci: stabilize ecosystem client tools workflow (#2224 ) Since the scheduler no longer executes generators in a fixed order, and scrub logic refactoring, the scrub tasks may or may not complete in the expected time. Increase sleep times used to search for tasks results in zot logs. Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-02 16:11:27 +02:00
Andrei Aaron	6a83dd47c0	fix(scheduler): the session cleanup generator is reset too often (#2220 ) This causes the "fair" scheduler to run it too often in the detriment of other generators. The intention was to run it every 2 hours but the measurement unit for 7200 was not specified. Add more logs, including showing a generator name, in order to troubleshoot this kind of issues easier in the future. Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-02-01 09:15:53 -08:00
Andrei Aaron	ce4924f841	refactor: rename go module from zotregistry.io/zot to zotregistry.dev/zot (#2187 ) Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-01-31 20:34:07 -08:00
Andreea Lupu	129e503d2d	feat(ui): update zui version (#2216 ) Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>	2024-01-31 11:20:57 -08:00
Andrei Aaron	a2b923b6fd	feat(search): search for a specific tag cross-repo (#2211 ) Syntax to search for `<tag_name>` accross all repos is `:<tag_name>` Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-01-30 09:12:41 -08:00
Ramkumar Chinchani	580df421bf	chore: fix dependabot alerts (#2208 ) https://github.com/project-zot/zot/pull/2192 https://github.com/project-zot/zot/pull/2193 https://github.com/project-zot/zot/pull/2194 https://github.com/project-zot/zot/pull/2195 https://github.com/project-zot/zot/pull/2196 https://github.com/project-zot/zot/pull/2197 https://github.com/project-zot/zot/pull/2198 https://github.com/project-zot/zot/pull/2199 https://github.com/project-zot/zot/pull/2200 https://github.com/project-zot/zot/pull/2201 https://github.com/project-zot/zot/pull/2202 https://github.com/project-zot/zot/pull/2203 https://github.com/project-zot/zot/pull/2204 https://github.com/project-zot/zot/pull/2205 https://github.com/project-zot/zot/pull/2206 https://github.com/project-zot/zot/pull/2207 Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>	2024-01-29 15:30:41 -08:00
Ramkumar Chinchani	9def35f3b8	chore: update go.mod to fix dependabot alerts (#2181 ) https://github.com/project-zot/zot/pull/2178 Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>	2024-01-25 14:40:26 -08:00
Andreea Lupu	ddba1b7baf	fix(scrub): hold locks per image not per repo while executing scrub (#2180 ) Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>	2024-01-25 11:12:21 -08:00
LaurentiuNiculae	1785688b7c	feat(ldap): hot reloading ldap credentials on change (#2167 ) Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>	2024-01-25 09:15:22 -08:00
Andrei Aaron	8215766720	fix: the scheduler is now fair (#2158 ) Generators are now ordered by rank in the priority queue. The rank computation formula is: - 100/(1+generated_task_count) for high priority tasks - 10/(1+generated_task_count) for medium priority tasks - 1/(1+generated_task_count) for low priority tasks Note the ranks are used when comparing generators both with the same priority and with different priority. So now we are: - giving an opportunity to all generators with the same priority to take turns generating tasks - giving roughly 1 low priority and 10 medium priority tasks the opportunity to run for every 100 high priority tasks running. After a generator generates a task, the generators are reordered in the priority queue based on rank. Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-01-25 09:05:47 -08:00
peusebiu	e9ab520905	fix(bearer): fixed /v2/ route not implementing token spec (#2176 ) We use chartmuseum lib for handling bearer requests, which is not implementing the token spec, mainly it expects "scope" parameter to be given on every request, even for /v2/ route which doesn't represent a resource. Handle this /v2/ route inside our code. Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>	2024-01-22 09:15:27 -08:00
Andrei Aaron	ed6be0580e	refactor: replace deprecated APIs for creating images in the search tests (#2173 ) Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-01-22 09:10:34 -08:00
peusebiu	7dd1ca353f	fix(nightly): increase wait time for dedupe nightly build (#2177 ) Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>	2024-01-22 09:07:04 -08:00
LaurentiuNiculae	3f97f878fd	feat(cve): add option to exclude string from cve search (#2163 ) Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>	2024-01-19 12:59:42 -08:00
Andrei Aaron	355b1eea4c	feat(ui): show CVE severity statistics in the UI (#2172 ) Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-01-18 21:31:15 -08:00
Andreea Lupu	5a1a8ad9d9	feat(ui): update zui version (#2171 ) Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>	2024-01-18 18:34:21 +02:00
Andrei Aaron	8467a80a50	refactor: update tests to use the newer API for creating test images (#2168 ) - update cve tests - update scrub tests - update tests for parsing storage and loading into meta DB - update controller tests Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-01-17 10:20:07 -08:00
Andreea Lupu	029f01ac6e	feat(ui): update zui version (#2162 ) It includes the changes for exporting the vulnerabilities list(CSV/MS Excel) Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>	2024-01-17 17:22:33 +02:00
peusebiu	ee9bbb0bf2	feat(log): print traceback when panics occur (#2166 ) Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>	2024-01-16 09:08:14 -08:00
peusebiu	d1bf713573	fix: excessive memory usage (#2164 ) instead of reading entire files before calculating their digests stream them by using their Reader method. Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>	2024-01-16 09:04:36 -08:00
ericgraf	d7f2429c01	docs: Fix Examples Readme to use correct field storage.retention.policies.repositories. (#2074 ) Signed-off-by: ericgraf <eric@giantswarm.io>	2024-01-15 15:18:36 +02:00
peusebiu	0bed25dddd	feat(config): handle config files with no explicit extension (#2147 ) Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>	2024-01-15 13:10:56 +02:00
Ramkumar Chinchani	d685adb029	fix: npe if ldap query doesn't return attributes (#2151 ) We cannot assume the LDAP server will have group attributes programmed everytime. So handle it accordingly. Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>	2024-01-12 14:08:35 -08:00
Ramkumar Chinchani	1c756b4db9	fix: enable panic backtraces (#2150 ) We expect panics in the server/datapath to be few and far between. So the backtraces are more valuable now. Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>	2024-01-11 13:56:50 -08:00
Andrei Aaron	2a6bf66cb2	fix: high CPU utilization by scheduler while idle (#2156 ) resolves #2155 Signed-off-by: Andrei Aaron <aaaron@luxoft.com>	2024-01-11 09:30:16 -08:00
Ramkumar Chinchani	77d68297cf	docs: update docs website url (#2159 ) Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>	2024-01-11 09:55:11 +02:00

1 2 3 4 5 ...

1118 commits