* build: add commit hash to Config at build for proper discovery readme link
* fix: use tag instead of commit hash, add to release build
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
Return this data as part of GlobalSearch and RepoListWithNewestImage
query results.
This commit also includes refactoring of the CVE scanning logic in
order to better encapsulate trivy specific logic, remove CVE scanning
logic from the graphql resolver.
Signed-off-by: Andrei Aaron <andaaron@cisco.com>
- AccessControlContext now resides in a separate package from where it can be imported,
along with the contextKey that will be used to set and retrieve this context value.
- AccessControlContext has a new field called Username, that will be of use for future
implementations in graphQL resolvers.
- GlobalSearch resolver now uses this context to filter repos available to the logged user.
- moved logic for uploading images in tests so that it can be used in every package
- tests were added for multiple request scenarios, when zot-server requires authz
on specific repos
- added tests with injected errors for extended coverage
- added tests for status code error injection utilities
Closes https://github.com/project-zot/zot/issues/615
Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>