Ramkumar Chinchani
cf70a8d71e
CVE-2022-23648: update dependencies in go.mod
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-03 09:55:48 -08:00
Petu Eusebiu
9cffbcaccb
s3: bugfix, use sync.Map instead of map for storing multi part uploads references
...
add storage lock in GetIndexContent
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-03 09:12:07 -08:00
Ramkumar Chinchani
bf21435d42
remove linger go.sum entries to fix dependabot alert
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-02 13:28:37 -08:00
Ramkumar Chinchani
8db3e1b192
CVE-2022-23649: fix dependabot alert
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-02 12:01:14 -08:00
Ramkumar Chinchani
3ada6af0de
tls: set min version to 1.2 and restrict cipher suites
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-03-02 10:03:50 -08:00
Petu Eusebiu
45968e0bb7
sync: fix inconsistent test, used inject error fw for hard to reach test cases
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-03-01 09:56:27 -08:00
Ramkumar Chinchani
408f043f1e
codecov: upgrade from v1 to v2
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-25 09:23:57 -08:00
Ramkumar Chinchani
25bacd5aec
ci/cd: add a workflow to detect/close stale PRs and issues
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-24 10:55:47 -08:00
Ramkumar Chinchani
b800c5f20a
README: update README.md
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-17 13:07:32 -08:00
Ramkumar Chinchani
38a110314b
gc: add a gcDelay param
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-14 14:03:22 -08:00
Petu Eusebiu
35eeedb22a
sync: pull only missing images, not everything, closes #335
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-02-14 08:09:18 -08:00
Ramkumar Chinchani
bb53552048
bump github.com/docker/distribution from 2.7.1+incompatible to 2.8.0+incompatible
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-11 19:19:16 -08:00
Ramkumar Chinchani
c0c6b255e1
dependabot-alert: update 'github.com/open-policy-agent/opa'
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-11 19:19:16 -08:00
Ramkumar Chinchani
f66d496257
dependabot-alert: update 'github.com/open-policy-agent/opa'
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-11 15:49:54 -08:00
Ramkumar Chinchani
36ce0f8bb0
ci/cd: fix image upload pipeline
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-11 13:36:23 -08:00
Petu Eusebiu
0ec39c0313
sync: make RetryDelay and MaxRetries optional
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-02-11 09:11:11 -08:00
Shivam Mishra
37d150e32f
search: graphql api to give detailed repo info
...
DetailedRepoInfo graphql api returns detailed repo info given repo name
repo contains its manifests info
Each manifest entry contains digest,signed, tag and layers info
Each layer info containes digest, size
Signed-off-by: Shivam Mishra <shimish2@cisco.com>
2022-02-10 16:34:13 -08:00
Ramkumar Chinchani
4ddfd059b6
ci/cd: count lines of code
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-09 17:00:52 -08:00
Ramkumar Chinchani
b2c8533719
test: fix ldap unit tests
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-09 14:48:34 -08:00
Alexei Dodon
47c9b6244e
Added config enable=true/false for extensions with default value as enabled closes #258
...
Signed-off-by: Alexei Dodon <adodon@cisco.com>
2022-02-09 09:53:49 -08:00
Ramkumar Chinchani
730fe70f2f
coverage: improve code coverage
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-09 07:42:15 -08:00
Ramkumar Chinchani
73027fbce5
ci/cd: fix build/test workflow
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-08 22:31:42 -08:00
Ramkumar Chinchani
40d6174c1e
ci/cd: restore part of github workflow for PRs
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-08 12:03:07 -08:00
Ramkumar Chinchani
298b966eab
build: parameterize arch builds
...
Build zot artifacts for multiple os and arch.
[linux, amd64] - common case
[linux, arm64] - raspberry pi
[darwin, amd64] - Intel-based macs
[darwin, arm64] - Arm-based macs
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-08 08:26:58 -08:00
Ramkumar Chinchani
d2aa016cdb
storage: flush/sync contents to disk on file close
...
Behavior controlled by configuration (default=off)
It is a trade-off between performance and consistency.
References:
[1] https://github.com/golang/go/issues/20599
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-07 12:08:01 -08:00
Ramkumar Chinchani
c73e71b018
ci/cd: add a basic push-pull testing using client tools
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-07 10:03:24 -08:00
Petu Eusebiu
f89925fb27
sync: periodically retry if on-demand fails inline, closes #281
...
sync: don't return error on sync signatures, just skip them, closes #375
sync: sync signatures on demand
sync on demand: in case of parallel requests pull image just once, closes #344
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-02-07 09:04:13 -08:00
Ramkumar Chinchani
87084f286b
storage: improve/fix oci image validation
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-02 13:31:41 -08:00
Ramkumar Chinchani
8d6b36a61b
bench: fix benchmark test data
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-02-02 13:31:41 -08:00
Petu Eusebiu
a0e65379c8
sync: for a prefix, allow multiple registries as a list instead of only one, closes #343
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-02-01 09:45:09 -08:00
Ramkumar Chinchani
45fe129c63
notaryv2: fix 'notation list'
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-31 14:33:21 -08:00
Ramkumar Chinchani
f9d14d7f94
ci/cd: add a license checker
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-30 12:04:49 -08:00
Petu Eusebiu
b9250a783a
Use InsecureSkipVerify only with https upstreams
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-01-29 20:00:27 -08:00
Ramkumar Chinchani
e0a1a82890
coverage: add failure injection framework
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-28 08:56:00 -08:00
Alexei Dodon
f47c8222c2
bug: Storage used per zot repo metric is broken
...
Signed-off-by: Alexei Dodon <adodon@cisco.com>
2022-01-26 18:43:14 -08:00
Petu Eusebiu
89b143805e
Remove sync http handler, not needed anymore since added sync on demand
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-01-25 09:18:23 -08:00
Ramkumar Chinchani
4d576a4817
storage: return errors instead of panics
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-24 13:33:45 -08:00
Ramkumar Chinchani
1e5ea7e09c
controller: support rate-limiting incoming requests
...
helps constraining resource usage and against flood attacks.
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-24 12:48:13 -08:00
Ramkumar Chinchani
f251e7af10
update go.mod
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-24 09:15:46 -08:00
Alexei Dodon
d259ba6e4f
Fix scrub command crash
...
Signed-off-by: Alexei Dodon <adodon@cisco.com>
2022-01-22 15:54:13 -08:00
Alexei Dodon
c9a81baa10
Renamed zot-exporter to zxp and added its image to zot release
...
Signed-off-by: Alexei Dodon <adodon@cisco.com>
2022-01-19 10:31:37 -08:00
Ramkumar Chinchani
cec66f6bc2
ci/cd: update continuous benchmark version
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-18 09:54:15 +02:00
Ramkumar Chinchani
6a2529f08f
ci/cd: add continuous benchmark action
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-14 10:10:55 -08:00
Ramkumar Chinchani
72da8303c5
perf: add a 'zb' binary for perf testing of dist-spec registries
...
'make bench' produces a bin/zb binary
bin/zb --help
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-13 10:11:08 -08:00
Petu Eusebiu
1109bb4dde
sync: Added support for syncing notary/cosign signatures, closes #261
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-01-13 08:45:59 -08:00
Petu Eusebiu
e6d6d5a7de
Fix cli version showing help message, closes #361
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-01-12 12:35:17 -08:00
Ramkumar Chinchani
4896adad1b
build: split functionality into separate binaries
...
zot: registry server
zli: zot cli to interact with the zot registry
zui: zot ui (proposed)
zb: zot benchmark (proposed)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-11 11:48:18 -08:00
Alexei Dodon
c4d34b7269
Added storage latency histogram metric
...
Signed-off-by: Alexei Dodon <adodon@cisco.com>
2022-01-10 11:55:39 -08:00
Petu Eusebiu
4f825a5e2f
[Identity-based Authorization] Add an option to specify a global policy for all repositories
...
using regex.
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-01-07 10:55:20 -08:00
Ramkumar Chinchani
3177f87403
ci/cd: upgrade golang to 1.17
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-01-07 09:46:50 -08:00