0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2024-12-16 21:56:37 -05:00
Commit graph

773 commits

Author SHA1 Message Date
Ramkumar Chinchani
8f809bda29
chore(go.mod): fix dependabot alerts (#1351)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-04-10 14:09:54 -07:00
Nicol
3510ef0fb0
refactor: move pkg/extensions/search/common/oci_layout.go under pkg/test/ (#1325)
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
2023-04-07 09:52:26 -07:00
peusebiu
f35ff53146
feat(storage): rebuild storage(s3/local) dedupe index when switching dedupe status (#1062)
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-04-07 09:49:24 -07:00
peusebiu
96232bb11c
test(sync): consolidate all sync tests (#1332)
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-04-07 09:36:27 +03:00
Ramkumar Chinchani
38997be596
chore(go.mod): fix dependabot alerts (#1343)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-04-07 09:35:12 +03:00
Lisca Ana-Roberta
28ce1c7e71
fix: replaced printing the port with logging it when chosen dynamically (#1339)
Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
2023-04-06 13:33:56 +03:00
Andrei Aaron
06bd8a8252
chore(go.mod): fix dependabot alerts (#1333)
upgrade to github.com/aws/aws-sdk-go@v1.44.237
upgrade to github.com/aquasecurity/trivy@v0.38.3
upgrade to oras.land/oras-go@v1.2.3
upgrade to github.com/google/go-containerregistry@v0.14.0
upgrade to github.com/moby/buildkit@v0.11.4

Note we can't switch to trivy 0.39.0 as well as some other updates
because they would also require upgrade of cosign to v2 with
breaking api changes

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-04-06 01:00:12 -07:00
Ramkumar Chinchani
d9173e3ad3
chore(go.mod): fix dependabot alerts (#1330)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-04-05 09:39:15 +03:00
LaurentiuNiculae
f0f94c3e97
fix(repodb): fixed assigned repoLastUpdated when searching for repos (#1323)
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-04-03 10:53:09 -07:00
Lisca Ana-Roberta
b679cd2e98
feat(ui): if zui tag is not found for download, it now builds locally from the commit (#1318)
Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
2023-03-30 13:15:48 +03:00
Ramkumar Chinchani
5ad25126b7
chore: fix dependabot alerts (#1320)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-03-29 13:13:16 -07:00
peusebiu
3dd3c46ee3
test: stop task scheduler between test runs (#1311)
sync: remove sync WaitGroup, it's stopped with context
sync: onDemand will always try to sync newest image when a tag is used
if a digest is used then onDemand will serve local image
test(sync): fix flaky coverage in sync package
closes #1294

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-03-29 11:37:58 -07:00
LaurentiuNiculae
0ae35e973a
test(convert): added test for consistent coverage for update last-updated timestamp function (#1299)
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-03-29 17:39:15 +03:00
LaurentiuNiculae
af819e7b76
refactor(repodb): moving common utilities under pkg/meta (#1292)
* refactor(repodb): moving common utilities under pkg/meta

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>

* refactor(repodb): moved update, version components under pkg/meta

- updated wrapper initialization to recieve a log object in constructor

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>

* refactor(repodb): moved repodb initialization from controller to pkg/meta/repodb

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>

---------

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-03-28 10:20:09 -07:00
Ramkumar Chinchani
917159143c
chore: fix dependabot alerts (#1312)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-03-27 12:16:29 -07:00
Ramkumar Chinchani
e54c36db12
chore(go.mod): fix dependabot alerts (#1305)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-03-25 22:43:36 +02:00
Nicol
ceda13c24e
chore(deps): remove unused package pkg/extensions/search/digest (#1298)
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
2023-03-24 14:32:02 +02:00
Lisca Ana-Roberta
5c76c11bb2
fix(cve): blackbox cve tests now verifying actual cves (#1300)
Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
2023-03-23 11:11:29 -07:00
LaurentiuNiculae
91e14bee00
fix(loadrepodb): statistics are now preserved after reloading zot (#1289)
- before, the download count for a manifest and repo star count were lost after reload

- now we are keeping these values when we reset the repo-meta structure

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-03-23 11:08:11 -07:00
Ramkumar Chinchani
906f8ce621
chore(deps): fix dependabot alerts (#1291)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-03-22 12:33:21 -07:00
LaurentiuNiculae
f8a77bc42f
feat(search): update search pattern matching rules (#1257)
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-03-22 10:31:53 -07:00
Andrei Aaron
fb85c8678c
feat(ui): update zui to a version which leverages the referrers on ImageSummary (#1293)
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-03-22 10:16:35 -07:00
Lisca Ana-Roberta
5f026d2e80
fix(trivy): consistent coverage for reset method + longer wait time between retries (#1272)
Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
2023-03-22 09:52:48 -07:00
peusebiu
a2c34808a5
fix(http): fix GET requests to use 'Accept' header (#1288)
use 'Accept' header instead of 'Content-Type'
use 'Authorization' header only if we have credentials

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-03-21 10:27:49 -07:00
Andrei Aaron
c91d4a0308
feat(ui): upgrade to zui supporting cve search for a specific image (#1290)
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-03-21 10:25:59 -07:00
Andrei Aaron
4939ca3300
ci(go.mod): verify go.mod and go.sum don't have uncommitted changes after go mod tidy (#1287)
This is to avoid situations such as https://github.com/project-zot/zot/pull/1150
where an indirect dependency became direct without a corresponding go.mod change

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-03-21 10:25:13 -07:00
LaurentiuNiculae
21b7c69fd9
feat(cli): updated display format for multiarch images (#1268)
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-03-21 10:16:00 -07:00
LaurentiuNiculae
0036d6dd09
test(referrers): add test for getting referrers for a image index, multiarch-image, using gql (#1282)
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-03-21 15:10:50 +02:00
Nicol
0842b02181
feat: cleanup error msgs (#1273)
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
2023-03-20 12:42:36 -07:00
LaurentiuNiculae
ddbb56178e
fix(errors): remove direct dependency on 'github.com/pkg/errors' (#1275)
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-03-20 09:34:04 -07:00
LaurentiuNiculae
ed01292ad2
feat(search): add referrers field to ImageSummary (#1261)
Changed repodb to store more information about the referrer needed for the referrers query

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-03-20 09:14:17 -07:00
peusebiu
17a554b504
feat(routes): better error message in case of missing annotations (#1150)
putting this info into error detail would be ideal, but skopeo
doesn't print them, so overwrite the error message.

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-03-16 20:09:30 -07:00
Lisca Ana-Roberta
eea6f3f85a
fix(cve): Search by CVE title/id (full or partial) when listing an image's CVEs (#1264)
Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
2023-03-16 12:13:07 -07:00
peusebiu
4d0bbf1e00
fix(mgmt): skip bearer authn for mgmt route (#1267)
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-03-16 12:02:59 -07:00
LaurentiuNiculae
150ee88945
fix(repodb): GQL request for ExpandedRepoInfo errors when artifacts with tags are present (#1265)
If we push an artifact and give it a tag, repodb would crash because of the null pointer dereferencing

Now when iterating over the tags of a repo and stumbling upon a unsupported media type, it's being ignored

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-03-15 10:34:48 -07:00
Nicol
7656b6f011
chore(deps): modify pkg/errors dependency as indirect (#1266)
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
2023-03-15 17:10:47 +02:00
Nicol Draghici
6f0c37079c chore(deps): remove usage of deprecated package pkg/errors
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
2023-03-14 10:46:29 -07:00
LaurentiuNiculae
5d1f91a79f
feat(repodb): update referrers api to use repodb (#1230)
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-03-10 10:37:29 -08:00
Andrei Aaron
c731acf6de
fix(cve): fix trivyDB being downloaded multiple times in a loop (#1255)
The condition to generate trivyDB download tasks was bugged,
and new tasks were generated in case the download had already been
successful (state `done`).

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-03-10 10:08:53 -08:00
peusebiu
f04e66a5e2
feat(mgmt): added mgmt extension which returns current zot configuration (#1198)
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-03-09 10:43:26 -08:00
LaurentiuNiculae
4c156234cb
feat(repodb): sync-repodb WIP (#1241)
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2023-03-09 10:41:48 -08:00
Andrei Aaron
fd5a2af10b
feat(ui): zui can now show multiple manifests per image (#1254)
Update to a zui version with multiarch image support
Also fix some issues with the filtering on the global search page

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-03-09 09:00:01 -08:00
Lisca Ana-Roberta
336526065f
feat(groups)!: added "groups" mechanism for authZ (#1123)
BREAKING CHANGE: repository paths are now specified under a new config key called "repositories" under "accessControl" section in order to handle "groups" feature. Previously the repository paths were specified directly under "accessControl".

This PR adds the ability to create groups of users which can be used for authZ policies, instead of just users.

{
"http": {
   "accessControl": {
       "groups": {

Just like the users, groups can be part of repository policies/default policies/admin policies. The 'groups' field in accessControl can be missing if there are no groups. The permissions priority is user>group>default>admin policy, verified in this order (in authz.go), and permissions are cumulative. It works with LDAP too, and the group attribute name is configurable. The DN of the group is used as the group name and the functionality is the same. All groups for the given user are added to the context in authn.go. Repository paths are now specified under a new keyword called "repositories" under "accessControl" section in order to handle "groups" feature.

Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
2023-03-08 11:47:15 -08:00
peusebiu
79783b4b06
feat(sync): skip already synced images in sync ondemand (#1234)
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-03-07 09:58:42 -08:00
Ramkumar Chinchani
c2bec0d4a8
chore(go.mod): fix dependabot alerts (#1251)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2023-03-07 09:59:59 +02:00
Andrei Aaron
73b1126bbf
chore(go.mod): fix dependabot alerts (#1247)
Supersedes:
- https://github.com/project-zot/zot/pull/1132
- https://github.com/project-zot/zot/pull/1243
- https://github.com/project-zot/zot/pull/1244
- https://github.com/project-zot/zot/pull/1245

Also update the AWS SDK libraries used

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-03-06 11:05:19 -08:00
Andrei Aaron
c9b594d03d
feat(ui): update to the latest zui version which supports new multiarch image APIs (#1246)
Note patch does not mean full support for showing multiarch images in ZUI,
a single architecture is shown, but it fixes the ZUI views which were broken
since #1147

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2023-03-06 09:42:05 -08:00
peusebiu
e712b64c28
feat(doc): add documentation for dynamodb (#1236)
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2023-03-06 09:25:20 -08:00
Andreea Lupu
646250736e
fix(go.mod): replace opencontainers/umoci dependency with project-stacker/umoci (#1240)
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
2023-03-05 21:11:07 -08:00
Nicol
23efe24c72
refactor(test): update cve tests to stop duplicating test/data if not needed (#1232)
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
2023-03-02 09:45:23 -08:00