Petu Eusebiu
6d04ab3cdc
sync: support reloading sync config when the config file changes
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-18 11:24:11 -07:00
Catalin-George Hofnar
7e8cc3c71c
Exported PATH for notation ( #470 )
...
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
2022-03-18 17:55:04 +02:00
Ramkumar Chinchani
cff3be638f
ci/cd: scan released images with trivy scanner
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-17 19:13:49 -07:00
Ramkumar Chinchani
e767cb456c
fix issue and PR templates
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-17 11:10:56 -07:00
Ramkumar Chinchani
10f0e6c307
fix dependabot alert
...
https://github.com/project-zot/zot/security/dependabot/10
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-15 16:55:32 -07:00
laurentiuNiculae
63d94d4ac5
Update dist-spec version automatically
...
Warning if config has wrong dist-spec version
Signed-off-by: laurentiuNiculae <themelopeus@gmail.com>
2022-03-14 10:24:03 -07:00
Petu Eusebiu
fa27e22404
Added clustering github workflow
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-09 10:54:17 -08:00
Shivam Mishra
b8010e1ee4
routes: changes required to do browser authentication
...
whenever we make a request that contains header apart from CORS allowed header, browser sends a preflight request
and in response accept *Access-Control-Allow-Headers*.
preflight request is in form of OPTIONS method, added new http handler func to set headers
and returns HTTP status ok in case of OPTIONS method.
in case of authorization, request contains authorization header
added authorization header in Access-Control-Allow-Headers list
added AllowOrigin field in HTTPConfig this field value is set to Access-Control-Allow-Origin header and will give zot adminstrator to limit incoming request.
Signed-off-by: Shivam Mishra <shimish2@cisco.com>
2022-03-08 17:42:54 -08:00
laurentiuNiculae
aee94218aa
remove root access for skopeo in Makefile
...
Signed-off-by: laurentiuNiculae <themelopeus@gmail.com>
2022-03-08 10:39:22 -08:00
Eng Zer Jun
0d77b60de7
test: use T.TempDir
to create temporary test directory
...
The directory created by `T.TempDir` is automatically removed when the
test and all its subtests complete.
Reference: https://pkg.go.dev/testing#T.TempDir
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-03-07 12:28:49 -08:00
Ramkumar Chinchani
4be2652085
conformance: fix cross-mount behavior when 'from' is missing
...
fixes issue #442
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-04 17:24:50 -08:00
Ramkumar Chinchani
95e4b2054b
upgrade module deps
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-04 13:10:58 -08:00
Ramkumar Chinchani
3b9699c536
go.mod: cleanup deps so 'go mod tidy' works
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-04 13:10:58 -08:00
Ramkumar Chinchani
cf70a8d71e
CVE-2022-23648: update dependencies in go.mod
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-03 09:55:48 -08:00
Petu Eusebiu
9cffbcaccb
s3: bugfix, use sync.Map instead of map for storing multi part uploads references
...
add storage lock in GetIndexContent
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-03 09:12:07 -08:00
Ramkumar Chinchani
bf21435d42
remove linger go.sum entries to fix dependabot alert
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-02 13:28:37 -08:00
Ramkumar Chinchani
8db3e1b192
CVE-2022-23649: fix dependabot alert
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-02 12:01:14 -08:00
Ramkumar Chinchani
3ada6af0de
tls: set min version to 1.2 and restrict cipher suites
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-02 10:03:50 -08:00
Petu Eusebiu
45968e0bb7
sync: fix inconsistent test, used inject error fw for hard to reach test cases
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-01 09:56:27 -08:00
Ramkumar Chinchani
408f043f1e
codecov: upgrade from v1 to v2
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-25 09:23:57 -08:00
Ramkumar Chinchani
25bacd5aec
ci/cd: add a workflow to detect/close stale PRs and issues
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-24 10:55:47 -08:00
Ramkumar Chinchani
b800c5f20a
README: update README.md
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-17 13:07:32 -08:00
Ramkumar Chinchani
38a110314b
gc: add a gcDelay param
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-14 14:03:22 -08:00
Petu Eusebiu
35eeedb22a
sync: pull only missing images, not everything, closes #335
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-02-14 08:09:18 -08:00
Ramkumar Chinchani
bb53552048
bump github.com/docker/distribution from 2.7.1+incompatible to 2.8.0+incompatible
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-11 19:19:16 -08:00
Ramkumar Chinchani
c0c6b255e1
dependabot-alert: update 'github.com/open-policy-agent/opa'
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-11 19:19:16 -08:00
Ramkumar Chinchani
f66d496257
dependabot-alert: update 'github.com/open-policy-agent/opa'
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-11 15:49:54 -08:00
Ramkumar Chinchani
36ce0f8bb0
ci/cd: fix image upload pipeline
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-11 13:36:23 -08:00
Petu Eusebiu
0ec39c0313
sync: make RetryDelay and MaxRetries optional
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-02-11 09:11:11 -08:00
Shivam Mishra
37d150e32f
search: graphql api to give detailed repo info
...
DetailedRepoInfo graphql api returns detailed repo info given repo name
repo contains its manifests info
Each manifest entry contains digest,signed, tag and layers info
Each layer info containes digest, size
Signed-off-by: Shivam Mishra <shimish2@cisco.com>
2022-02-10 16:34:13 -08:00
Ramkumar Chinchani
4ddfd059b6
ci/cd: count lines of code
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-09 17:00:52 -08:00
Ramkumar Chinchani
b2c8533719
test: fix ldap unit tests
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-09 14:48:34 -08:00
Alexei Dodon
47c9b6244e
Added config enable=true/false for extensions with default value as enabled closes #258
...
Signed-off-by: Alexei Dodon <adodon@cisco.com>
2022-02-09 09:53:49 -08:00
Ramkumar Chinchani
730fe70f2f
coverage: improve code coverage
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-09 07:42:15 -08:00
Ramkumar Chinchani
73027fbce5
ci/cd: fix build/test workflow
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-08 22:31:42 -08:00
Ramkumar Chinchani
40d6174c1e
ci/cd: restore part of github workflow for PRs
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-08 12:03:07 -08:00
Ramkumar Chinchani
298b966eab
build: parameterize arch builds
...
Build zot artifacts for multiple os and arch.
[linux, amd64] - common case
[linux, arm64] - raspberry pi
[darwin, amd64] - Intel-based macs
[darwin, arm64] - Arm-based macs
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-08 08:26:58 -08:00
Ramkumar Chinchani
d2aa016cdb
storage: flush/sync contents to disk on file close
...
Behavior controlled by configuration (default=off)
It is a trade-off between performance and consistency.
References:
[1] https://github.com/golang/go/issues/20599
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-07 12:08:01 -08:00
Ramkumar Chinchani
c73e71b018
ci/cd: add a basic push-pull testing using client tools
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-07 10:03:24 -08:00
Petu Eusebiu
f89925fb27
sync: periodically retry if on-demand fails inline, closes #281
...
sync: don't return error on sync signatures, just skip them, closes #375
sync: sync signatures on demand
sync on demand: in case of parallel requests pull image just once, closes #344
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-02-07 09:04:13 -08:00
Ramkumar Chinchani
87084f286b
storage: improve/fix oci image validation
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-02 13:31:41 -08:00
Ramkumar Chinchani
8d6b36a61b
bench: fix benchmark test data
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-02 13:31:41 -08:00
Petu Eusebiu
a0e65379c8
sync: for a prefix, allow multiple registries as a list instead of only one, closes #343
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-02-01 09:45:09 -08:00
Ramkumar Chinchani
45fe129c63
notaryv2: fix 'notation list'
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-31 14:33:21 -08:00
Ramkumar Chinchani
f9d14d7f94
ci/cd: add a license checker
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-30 12:04:49 -08:00
Petu Eusebiu
b9250a783a
Use InsecureSkipVerify only with https upstreams
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-01-29 20:00:27 -08:00
Ramkumar Chinchani
e0a1a82890
coverage: add failure injection framework
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-28 08:56:00 -08:00
Alexei Dodon
f47c8222c2
bug: Storage used per zot repo metric is broken
...
Signed-off-by: Alexei Dodon <adodon@cisco.com>
2022-01-26 18:43:14 -08:00
Petu Eusebiu
89b143805e
Remove sync http handler, not needed anymore since added sync on demand
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-01-25 09:18:23 -08:00
Ramkumar Chinchani
4d576a4817
storage: return errors instead of panics
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-24 13:33:45 -08:00