0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2024-12-23 22:27:35 -05:00
Commit graph

479 commits

Author SHA1 Message Date
Shivam Mishra
8787142d2c test: pull test images from aws container registry 2020-12-21 15:24:26 -08:00
Ramkumar Chinchani
79a759d802
Update README.md 2020-12-16 17:49:41 -08:00
Ramkumar Chinchani
57cf18c0e4 doc: add a CODE_OF_CONDUCT.md
Address issue #159
2020-12-15 11:20:45 -08:00
Ramkumar Chinchani
343c454df8 doc: update current project maintainer list
Add a MAINTAINERS.md
2020-12-10 17:36:22 -08:00
Ramkumar Chinchani
c49444e0ba
Merge pull request #165 from rchincha/doc
doc: add third-party software deps list
2020-12-06 18:54:43 -08:00
Ramkumar Chinchani
5edfad7e25 doc: add third-party software deps list
Add a THIRD-PARTY-LICENSES.md to list all known deps.

Fixes issue #161
2020-12-03 14:10:32 -08:00
Ramkumar Chinchani
4b87e1a6e7
Update README.md 2020-11-26 19:39:05 -08:00
Ramkumar Chinchani
9ff593ba94
Update README.md 2020-11-24 10:40:51 -08:00
Ramkumar Chinchani
3ead8996de
Update README.md 2020-11-23 09:37:06 -08:00
Ramkumar Chinchani
7854083021
Merge pull request #147 from rchincha/docker
build: update docker and stacker files
2020-11-20 08:50:26 -08:00
Ramkumar Chinchani
cb240ffd84 ci/cd: disable bazel builds in travis ci/cd 2020-11-19 11:41:21 -08:00
Ramkumar Chinchani
c5e3431f14 build: fix stacker build 2020-11-19 11:41:21 -08:00
Ramkumar Chinchani
09c633ad91 build: fix docker build
Update Dockerfile and Makefile to build a zot docker image
2020-11-19 11:41:21 -08:00
Ramkumar Chinchani
b80b7d2361
Merge pull request #148 from IonutCraciun/fixConfigNameCli
Raise error when adding a new zot config with an existed saved name
2020-11-04 10:53:09 -08:00
Ionut Costin Craciun
dad884ddeb Raise error when adding a new zot config with an existed saved name 2020-11-04 10:25:34 +02:00
Ramkumar Chinchani
429a689ace
Merge pull request #149 from rchincha/doc
README: update conformance results url
2020-11-03 09:10:12 -08:00
Ramkumar Chinchani
9649c828b2 README: update conformance results url 2020-11-02 09:45:47 -08:00
Ramkumar Chinchani
f2d4b57638
Merge pull request #145 from shimish2/embededbinary
customizable binaries
2020-10-28 09:11:03 -07:00
Shivam Mishra
b0ed625a2e build: increase wait timeout for travis bazel build process 2020-10-27 19:30:06 -07:00
Shivam Mishra
46beb30fc1 build: add build tags to create customizable binaries 2020-10-22 17:20:07 -07:00
Ramkumar Chinchani
17dce7e63b
Merge pull request #146 from shimish2/rchincha-origin-locks
routes: refactor locks to handle large file uploads
2020-10-19 10:21:38 -07:00
Shivam Mishra
7439feb1c2 build: set timeout in travis make build process to avoid timeout failure 2020-10-18 20:55:17 -07:00
Shivam Mishra
14214a5794 test: add unit test to verify lock changes 2020-10-16 14:58:45 -07:00
Ramkumar Chinchani
386c72d332 routes: refactor locks to handle large file uploads
The storage layer is protected with read-write locks.
However, we may be holding the locks over unnecessarily large critical
sections.

The typical workflow is that a blob is first uploaded via a per-client
private session-id meaning the blob is not publicly visible yet. When
the blob being uploaded is very large, the transfer takes a long time
while holding the lock.

Private session-id based uploads don't really need locks, and hold locks
only when blobs are published after the upload is complete.
2020-10-16 13:33:11 -07:00
Shivam Mishra
25ad71787a test: minimize trivy db download tests to avoid api rate limit 2020-10-15 14:32:37 -07:00
Ramkumar Chinchani
0dcff98c1f
Merge pull request #143 from shimish2/testchanges
test: add wait for trivy db download in test case
2020-10-08 13:38:51 -07:00
Shivam Mishra
8075eadc1a test: add wait for trivy db download in test case 2020-10-02 16:47:54 -07:00
Ramkumar Chinchani
ea0ef61a65
Merge pull request #140 from rchincha/readme
README: bring doc up-to-date
2020-09-24 11:43:33 -07:00
Ramkumar Chinchani
f91cc72aa9
Merge branch 'master' into readme 2020-09-24 10:28:53 -07:00
Ramkumar Chinchani
0d823092f8 README: bring doc up-to-date
Highlight distinguishing features.
Update ecosystem tools section.
2020-09-24 10:19:10 -07:00
Ramkumar Chinchani
6cf54c3212
Merge pull request #134 from shimish2/Issue-130
search/cve: exclude unsupported images from fixed-tag list.
2020-09-24 10:05:30 -07:00
Shivam Mishra
971404f6ee search/cve: fix log messages 2020-09-23 12:47:50 -07:00
Shivam Mishra
d63f715fe5 search/cve: exclude unsupported images from fixed-tag list.
If image vulnerability scan does not support any media type, considering those images as an infected image and now this images will not be shown in fixed images list.

Fixes issue #130
2020-09-22 09:24:04 -07:00
Ramkumar Chinchani
31687991d4
Merge pull request #135 from shimish2/Issue-132
Fixes issue #132
2020-09-10 10:49:41 -07:00
Shivam Mishra
cd0206fe6c Fixes issue #132, if image does not have any fixed tags, empty list with no error should be returned 2020-09-08 16:41:06 -07:00
Ramkumar Chinchani
aa6683854f
Merge pull request #133 from tsnaik/cve-sort
cli: group CVEs by severity
2020-09-08 09:29:17 -07:00
Tanmay Naik
f5867ce0b6 cli: group CVEs by severity 2020-09-04 13:56:47 -04:00
Ramkumar Chinchani
ebfc5958dd
Merge pull request #123 from tsnaik/cve
cli: add commands for fetching CVE
2020-08-21 10:02:49 -07:00
Tanmay Naik
c590b86d14 cli: add commands for CVE
Uses GraphQL API of zot to fetch CVE info

- Get all images affected by a CVE (input: CVEID)
- Get all CVEs of a layer (input: image:tag)
- Get all layers of an image which have resolved a CVE (input: image,
CVEID)
- Get all layers of an image affected by a CVE (input: image, CVEID)
2020-08-21 12:42:01 -04:00
Ramkumar Chinchani
abc22dcdcd
Merge pull request #128 from shimish2/fixbuild
Enable wait option during travis ci build
2020-08-19 19:37:43 -07:00
Shivam Mishra
a8e5a01972 Enable wait option during travis ci build because bazel build takes time and does not print any message on console due to which build exits 2020-08-19 17:46:54 -07:00
Ramkumar Chinchani
2e7b7aec4f
Merge pull request #124 from shimish2/FixedTags
Add support to scan images for CVEs
2020-08-19 14:27:15 -07:00
Shivam Mishra
5f230bd8ff Added unit test cases 2020-08-19 00:19:35 -07:00
Shivam Mishra
ed254159a0 Added support for searching fixed tag given cve and an image 2020-08-18 23:53:04 -07:00
Shivam Mishra
72ae02ca4b Added image format validation to validate media type because squashfs image media type not supported for vulnerability scanning 2020-08-18 23:05:52 -07:00
Shivam Mishra
2cf2c16137 Added graphql api feature for image vulnerability scanning 2020-08-18 22:44:34 -07:00
Shivam Mishra
baa5d247ec Enable trivy db download and update 2020-08-18 21:46:17 -07:00
Shivam Mishra
e537f27f00 Added search extension and integrated trivy to support image vulnerability scanning 2020-08-18 21:03:48 -07:00
Ramkumar Chinchani
a06ad7e701
Merge pull request #127 from shimish2/dedupe-fix
Dedupe fix
2020-08-17 16:33:25 -07:00
Shivam Mishra
3a30290e08 Using "destRecord" as a path in DeleteBlob function instead of "dst".
dstRecord :- blob path stored in cache.
dst :- blob path that is trying to be uploaded.

Currently, if the actual blob on disk may have been removed by GC/delete, during syncing the cache dst is being passed to DeleteBlob function and retry section is being continuously called because DeleteBlob function never deletes dst path (doesn't exist in db), dstRecord should be passed into DeleteBlob function because dstRecord is actual blob path stored in db.

If dst and dstRecord path value is same then this issue will not be produced and DeleteBlob method will delete the blob info from cache but if both are different then DeleteBlob method will try to delete dst path which is not in cache.

Note:- boltdb delete method return nil even when value doesn't exist (https://godoc.org/github.com/boltdb/bolt#Bucket.Delete)
2020-08-12 10:06:20 -07:00