mirror of https://github.com/project-zot/zot.git synced 2024-12-16 21:56:37 -05:00
Commit graph

541 commits

Author SHA1 Message Date
Ramkumar Chinchani
d68bbf6743 fix security alerts from artifacthub
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-09-08 09:24:33 +03:00
peusebiu
5479e2c785
s3: fix dedupe failing to manage blobs correctly (#772)
in order to know which blob is 'real' (has content)
we need to know which was the first blob inserted in cache,
because that is always the real one.

because we can not modify the keys order in boltdb we'll do this
by marking the first blob inserted with a value

when GetBlob() return the blob which is marked
when PutBlob() if is the first one, mark it
when DeleteBlob() in case deleted is marked then mark the next blob

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2022-09-08 01:12:14 +03:00
Nicol Draghici
6471add89d Read log path and verify content separately to avoid failed tests
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
2022-09-05 12:41:33 -07:00
slab713
8ffb053cec
Replaced deprecated io/ioutil functions (#768)
Signed-off-by: slab713 <109306207+slab713@users.noreply.github.com>
2022-09-02 15:56:02 +03:00
Alex Stan
6ae793eb51 skip manifests inside index.json that don't have a tag annotation
Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
2022-09-01 10:32:19 -07:00
Shivam Mishra
6c293719e3 storage: different subpaths can point to same root directory
currently different subpaths can only point to same root directory only
when one or both of the storage config does not enable dedupe

different subpath should be able to point to same root directory and in
that case their storage config should be same i.e GC,Dedupe, GC delay
and GC interval

Signed-off-by: Shivam Mishra <shimish2@cisco.com>
2022-08-31 15:43:43 -07:00
Roxana Nemulescu
3bccea7aa2 oras fix:
newer version of oras: https://github.com/oras-project/oras/releases/tag/v0.14.0
	rename the --manifest-config to --config for push command

Signed-off-by: Roxana Nemulescu <roxana.nemulescu@gmail.com>
2022-08-30 21:39:16 +03:00
Andrei Aaron
5dda12b6a7 Fix syntax errors in benchmark and cluster workflows
Signed-off-by: Andrei Aaron <andaaron@cisco.com>
2022-08-30 19:20:56 +03:00
Roxana Nemulescu
8ed34608e4 GetCatalog() - Populate _catalog with mix of many small, medium and large images
Signed-off-by: Roxana Nemulescu <roxana.nemulescu@gmail.com>
2022-08-30 16:48:38 +03:00
Ramkumar Chinchani
cda1f4989d fix dependabot alerts
https://github.com/project-zot/zot/pull/755
https://github.com/project-zot/zot/pull/758
https://github.com/project-zot/zot/pull/759
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-08-29 22:28:17 -07:00
Catalin Hofnar
9ca5fa1029 Implement RepoListWithNewestImage to return [RepoSummary]
Removed access by index in repoListWithNewestImage

Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
2022-08-29 13:06:17 +03:00
Ramkumar Chinchani
981ca6ddb4 fix make binary-stacker Makefile target
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-08-26 23:33:45 +03:00
Alex Stan
49e8167dbe graphql: Apply authorization on /_search endpoint
- AccessControlContext now resides in a separate package from where it can be imported,
along with the contextKey that will be used to set and retrieve this context value.

- AccessControlContext has a new field called Username, that will be of use for future
implementations in graphQL resolvers.

- GlobalSearch resolver now uses this context to filter repos available to the logged user.

- moved logic for uploading images in tests so that it can be used in every package

- tests were added for multiple request scenarios, when zot-server requires authz
on specific repos

- added tests with injected errors for extended coverage

- added tests for status code error injection utilities

Closes https://github.com/project-zot/zot/issues/615

Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
2022-08-26 21:31:26 +03:00
Nicol Draghici
5450139ba1 Get identity when using TLS certificates
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
2022-08-26 19:52:51 +03:00
Ramkumar Chinchani
f9f388f32e fix artifact upload action in github workflow
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-08-24 10:04:34 +03:00
Ramkumar Chinchani
399dc307e6 add a copyright notice
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-08-23 18:10:50 -07:00
Ramkumar Chinchani
2ff8e8b7d2 fix dependabot alerts
https://github.com/project-zot/zot/pull/737
https://github.com/project-zot/zot/pull/738
https://github.com/project-zot/zot/pull/739
https://github.com/project-zot/zot/pull/740

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-08-23 09:38:30 -07:00
Roxana Nemulescu
ab9a20c1ae Add GraphQL API for getting the information necessary to list images in the zot cli without download manifests.
If this GraphQL API is available, try that first, else fallback to the slowpath.

Signed-off-by: Roxana Nemulescu <roxana.nemulescu@gmail.com>
2022-08-23 16:32:00 +03:00
Andreea-Lupu
eb77307b63 fix chart version from pushpull.bats
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
2022-08-22 14:55:32 -07:00
Ramkumar Chinchani
5c01c4eab4
support OCI image index at manifest endpoint (#638)
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-08-20 11:18:48 +03:00
Andrei Aaron
b9b233e7fc Add the hack folder to .gitignore
To avoid committing it in the future

Signed-off-by: Andrei Aaron <andaaron@cisco.com>
2022-08-19 12:34:01 -07:00
Andrei Aaron
bd9ad998cd Fix file handlers not being closed after calls to ImageStore.GetBlob
This is to fix hitting the FD limit when reading blobs from the disk in the graphql API

Signed-off-by: Andrei Aaron <andaaron@cisco.com>
2022-08-19 09:22:13 -07:00
Catalin Hofnar
74630ed3a0 Added content-type to Access-Control-Allow-Headers needed for playground preflight
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
2022-08-16 22:47:24 +03:00
Ramkumar Chinchani
2929a62998 fix dependabot alerts
https://github.com/project-zot/zot/pull/725
https://github.com/project-zot/zot/pull/726
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-08-15 11:47:27 -07:00
Ramkumar Chinchani
4b8e288cd3 fix dependabot alerts
https://github.com/project-zot/zot/pull/712
https://github.com/project-zot/zot/pull/714

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-08-13 00:02:36 -07:00
Nicol Draghici
a702a2377e Remove AllowReadOnly and ReadOnly
Signed-off-by: Nicol Draghici <idraghic@cisco.com>

Remove check and set header every time

Signed-off-by: Nicol Draghici <idraghic@cisco.com>
2022-08-10 14:27:21 -07:00
Alex Stan
a5ed99178e replace dependency of tagsInfo and repoInfo with just a list of manifests
- replace dependency of tagsInfo and repoInfo with a list of manifests, since it provides
all the needed data
- Mock tests added

Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
2022-08-09 17:54:18 -07:00
Ramkumar Chinchani
86401de3b0 fix dependabot alerts
https://github.com/project-zot/zot/pull/706
https://github.com/project-zot/zot/pull/707

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-08-07 18:09:08 +03:00
Alex Stan
0c70ae8a4e RepoInfo structure now includes new field representing RepoSummary
ExpandedRepoInfo currently returns RepoInfo that is a list of Manifests.
To comply with the newest UI requirements, a new field called Summary,
referring to RepoSummary structure, was added.

Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
2022-08-05 19:22:22 +03:00
Ramkumar Chinchani
ae73290929 fix dependabot alerts
https://github.com/project-zot/zot/pull/689
https://github.com/project-zot/zot/pull/690
https://github.com/project-zot/zot/pull/691

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-08-04 09:36:19 +03:00
Bogdan BIVOLARU
0f386f0c89 Remove from Response header Range the 'bytes' string
Conformance spec requires responding to PATCH requests with
response header 'Content-Range' and value <range>

Signed-off-by: Bogdan BIVOLARU <104334+bogdanbiv@users.noreply.github.com>
2022-08-03 19:46:18 +03:00
Bogdan BIVOLARU
f92e584301 Fix 'InvalidManifestErr' to have a response.body
Signed-off-by: Bogdan BIVOLARU <104334+bogdanbiv@users.noreply.github.com>
2022-08-03 19:46:18 +03:00
Ramkumar Chinchani
49fb609f28 fix dependabot alerts
https://github.com/project-zot/zot/pull/682

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-07-29 10:42:37 -07:00
Lisca Ana-Roberta
a49692a22b regclient blackbox tests and regclient installation in Makefile
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
2022-07-28 16:14:47 +03:00
Andrei Aaron
be93ece95e
Merge pull request #683 from andaaron/perms2
Fix permissions for image sync and stale workflows
2022-07-27 21:22:22 +03:00
Andrei Aaron
903460c55c
Fix permissions for image sync and stale workflows
Looks like read|write is not a correct value:
https://github.com/project-zot/zot/actions/runs/2743961177
https://github.com/project-zot/zot/actions/runs/2743965531

Write should include both, so let's try to use that.

Signed-off-by: Andrei Aaron <andaaron@cisco.com>
2022-07-27 17:44:08 +00:00
alexstan12
16e9822c7f
Add fuzz tests for storage_fs (#601)
This commit uses native go fuzzing to fuzz test implementations
of storage in storage_fs.

moved fuzzing testdata for storage_fs in separate repo

added make target and script for importing fuzz data and running all fuzz tests

Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
2022-07-27 20:37:55 +03:00
Andrei Aaron
b5f27c5b50 RepoSummary has a new attribute NewestTag of type ImageSummary
ImageListWithLatestTag currently returns a list of ImageInfo objects.
It needs to return consistent results with the API used for Global search as the same information will be used by the UI in the same type or cards.
So we need to update RepoSummary to include the data which right now is present in ImageInfo, but missing from RepoSummary (information on the latest tag in that specific repo).
Will update return type of ImageListWithLatestTag in a later PR (issue tracked in a separate GH issue)

Closes #666

Signed-off-by: Andrei Aaron <andaaron@cisco.com>
2022-07-27 19:41:00 +03:00
Lisca Ana-Roberta
87fc941b3c image level lint: enforce manifest mandatory annotations
closes #536

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
2022-07-27 11:48:04 +03:00
Ramkumar Chinchani
3d72dad507 fix dependabot alerts
https://github.com/project-zot/zot/pull/674
https://github.com/project-zot/zot/pull/676
https://github.com/project-zot/zot/pull/677
https://github.com/project-zot/zot/pull/678

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-07-27 08:48:51 +03:00
Andrei Aaron
7182e426a7 Fix typos in workflow permissions
Signed-off-by: Andrei Aaron <andaaron@cisco.com>
2022-07-26 10:40:51 -07:00
Alex Stan
4fd727a10c changed filenames in pkg/extensions
Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
2022-07-26 16:56:20 +03:00
Andrei Aaron
10d9b1514b Fixes/Improvements to pkg/cli/stress_test.go
- Decrease RLIMIT_NOFILE and the number of goroutines used to reach this limit (from 512 to 100)
- Reset RLIMIT_NOFILE to the initial value before the test finishes
- Remove panic
- Use temporary dir managed by test framework
- Switch to using test logging in pkg/cli/stress_test.go
- Execute commands without `bash -c` in pkg/cli/stress_test.go

First item is needed as the GH runner seems to stop the test if stressed too much.
The lower number is still good enough to reproduce the test conditions

Signed-off-by: Andrei Aaron <andaaron@cisco.com>
2022-07-26 13:01:16 +03:00
Ramkumar Chinchani
4a3c0073b7 add a github workflow to report branch coverage
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-07-20 22:43:55 -07:00
Laurentiu Niculae
58f8cd5d7d test calculated size
Signed-off-by: Laurentiu Niculae <themelopeus@gmail.com>
2022-07-20 10:03:11 -07:00
Laurentiu Niculae
80369140f1 add image info to parameter
Signed-off-by: Laurentiu Niculae <themelopeus@gmail.com>
2022-07-20 10:03:11 -07:00
Laurentiu Niculae
7e3d063319 freeform query api
Signed-off-by: Laurentiu Niculae <themelopeus@gmail.com>
2022-07-20 10:03:11 -07:00
Alex Stan
a31869f270 fix GetReferrers function to be able to retrieve referrers of any specified artifactType
Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
2022-07-19 09:44:23 -07:00
Ramkumar Chinchani
317064ffc9 fix dependabot alerts
https://github.com/project-zot/zot/pull/647
https://github.com/project-zot/zot/pull/648
https://github.com/project-zot/zot/pull/649
https://github.com/project-zot/zot/pull/650
https://github.com/project-zot/zot/pull/651
https://github.com/project-zot/zot/pull/652
https://github.com/project-zot/zot/pull/653
https://github.com/project-zot/zot/pull/656

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2022-07-18 14:59:27 -07:00
Andrei Aaron
43160dcc43 Update to graphql 1.17.13
We encountered some problems with using the existing folder structure,
but it looks like running the tooling with the latest versions works after
we regenerated the project using 'gql init' and refactoring to separate
the login previously in resolvers.go.

- the autogenerated code is now under the gql_generated folder
- the file resolvers.go now contains only the code which is not
rewritten by the gqlgen framework
- the file schema.resolvers.go is rewritten when gqlgen runs,
and we'll only keep there the actual resolvers matching query names
Changes we observed to schema.resolvers.go when gqlgen runs include
reordering methods, and renaming function parameters to match the
names used in schema.graphql
- we now have a gqlgen.yaml config file which governs the behavior of
gqlgen (can be tweaked to restructure the folder structure of the
generated code in the future)

Looks like the new graphql server has better validation
1 Returns 422 instead of 200 for missing query string - had to update tests
2 Correctly uncovered an error in a test for a bad `%` in query string.

As a result of 2, a `masked` bug was found in the way we check if images are
signed with Notary, the signatures were searched for with the media type
of the image manifest itself instead of the media type for notation.
Fixed this bug, and improved error messages.
This bug would have also been reproducible with main branch if the bad `%`
in the test would have been fixed.

Updated the linter to ignore some issues with the code which is
always rewritten when running:
`go run github.com/99designs/gqlgen@v0.17.13 generate`

Add a workflow to test gqlgen works and has no uncommitted changes

Signed-off-by: Andrei Aaron <andaaron@cisco.com>
2022-07-18 12:55:40 -07:00