Tuấn Vương
edb5491428
fix: max wait time on dynamodb ( #2730 )
...
Signed-off-by: Tuan Vuong <vanhtuan0409@gmail.com>
2024-10-20 12:14:50 +03:00
Ramkumar Chinchani
6471bed3a5
chore: fix dependabot alerts ( #2729 )
...
https://github.com/project-zot/zot/pull/2718
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-10-16 12:59:09 +03:00
Andrei Aaron
8820408d0a
chore: reduce number of spurious log messages produced by GetNextDigestWithBlobPaths ( #2727 )
...
Exit early in case of all folders and known non-blob file names.
This avoids the logic for validating digests, and log message generation.
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-10-15 09:29:01 -07:00
Andrei Aaron
a10c5fa7ab
test: add more tests for GCing indexes referencing other indexes referencing manifests ( #2716 )
...
Looks like we didn't have many GC tests for retaining multiarch images.
I added more data to the existing image retention tests, besides the new GC tests.
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-10-11 20:31:48 +03:00
Ramkumar Chinchani
c89be3ad31
chore: fix dependabot alerts ( #2709 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-10-07 16:20:37 -07:00
peusebiu
513f2a0dc9
fix(s3): fix check in dedupe logic ( #2700 )
...
cache.HasBlob() looks in both buckets: duplicates and original blobs
Because we want to check if the blob is in original bucket let's use
cache.GetBlob() because it's looking only in original bucket.
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com>
2024-10-03 12:27:58 -07:00
peusebiu
e6624a29a5
feat(graphql): Add LastPullTimestamp and PushTimestamp in ImageSummar… ( #2699 )
...
feat(graphql): Add LastPullTimestamp and PushTimestamp in ImageSummary resposne
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com>
2024-10-03 12:27:03 -07:00
peusebiu
cfbeeff7bb
fix(metrics): update storage metrics on gc ( #2698 )
...
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com>
2024-10-03 11:26:22 -07:00
Andrei Aaron
d42ac4cd0d
fix(delete manifest): distinct behaviors for delete by tag vb delete by digest ( #2626 )
...
In case of delete by tag only the tag is removed, the manifest itself would continue to be accessible by digest.
In case of delete by digest the manifest would be completely removed (provided it is not used by an index or another reference).
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-10-03 09:06:41 -07:00
Ramkumar Chinchani
a31842bd7e
chore: fix dependabot alerts ( #2684 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
* ci: fix clustering test by creating separate local dirs
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
* ci: free up disk space in cluster tests
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
* ci: revert to stacker v1.0.0-rc16
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
* ci: fix revert to stacker v1.0.0-rc16
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
Co-authored-by: Andrei Aaron <aaaron@luxoft.com>
2024-10-01 11:11:27 +03:00
Ramkumar Chinchani
df4f9ca9d3
ci: stop using the non-free 4-core runners ( #2695 )
...
Signed-off-by: Jeffrey Sica <me@jeefy.dev>
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
Co-authored-by: Jeffrey Sica <me@jeefy.dev>
2024-09-30 11:24:24 -07:00
Andrei Aaron
8553712613
chore: upgrade trivy to v0.55.2 and update the logic of waiting for zot to start in some jobs ( #2685 )
...
chore: upgrade trivy to v0.55.2, also update the logic of waiting for zot to start in some jobs
Seems like there's an increate in the time zot requires to start before servicing requests.
From my GitHub observations it is better check using curl instead of relying on hardcoded 5s or 10s values.
The logic in .github/workflows/cluster.yaml seems to be old and out of date.
Even on main right now there is only 1 our of 3 zots actualy running.
The other 2 are actually erroring: Error: operation timeout: boltdb file is already in use, path '/tmp/zot/cache.db'
This is unrelated to this PR, I am seeing the same issue in the olders workflow runs still showing the logs
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-09-30 10:37:53 -07:00
Ramkumar Chinchani
9cf6b0205d
chore: fix dependabot alerts ( #2681 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-09-27 09:05:14 +03:00
Ramkumar Chinchani
ae185f497c
chore: fix dependabot alerts ( #2670 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-09-25 11:07:27 -07:00
Ramkumar Chinchani
db888fa385
chore: fix dependabot alerts ( #2664 )
...
https://github.com/project-zot/zot/pull/2660
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-09-19 23:50:08 -07:00
Ramkumar Chinchani
d73081191d
chore: fix dependabot alerts ( #2648 )
...
https://github.com/project-zot/zot/pull/2646
https://github.com/project-zot/zot/pull/2647
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-09-12 08:53:12 -07:00
Ramkumar Chinchani
98c8e2801c
fix: work around AWS S3 limits ( #2629 )
...
Fixes issue #2627
We get/put metadata in dynamodb and it appears there are limits enforced
by AWS S3 APIs.
https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_BatchGetItem.html
If you request more than 100 items, BatchGetItem returns a
ValidationException with the message "Too many items requested for the
BatchGetItem call."
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-09-12 08:26:43 -07:00
Ramkumar Chinchani
58c9c9c29b
chore: fix dependabot alerts ( #2645 )
...
https://github.com/project-zot/zot/pull/2632
https://github.com/project-zot/zot/pull/2633
https://github.com/project-zot/zot/pull/2636
https://github.com/project-zot/zot/pull/2637
https://github.com/project-zot/zot/pull/2638
https://github.com/project-zot/zot/pull/2639
https://github.com/project-zot/zot/pull/2640
https://github.com/project-zot/zot/pull/2642
https://github.com/project-zot/zot/pull/2643
https://github.com/project-zot/zot/pull/2644
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-09-09 18:32:57 -07:00
Ramkumar Chinchani
9c01204e24
chore: fix dependabot alerts ( #2630 )
...
https://github.com/project-zot/zot/pull/2622
https://github.com/project-zot/zot/pull/2623
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-09-05 16:00:00 -07:00
Ramkumar Chinchani
bfafe01c38
Fix deps ( #2621 )
...
* chore: update go.mod deps
Fix outdated pkgs reported in issue #2522
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
* chore: fix dependabot alerts
https://github.com/project-zot/zot/pull/2612
https://github.com/project-zot/zot/pull/2613
https://github.com/project-zot/zot/pull/2614
https://github.com/project-zot/zot/pull/2615
https://github.com/project-zot/zot/pull/2616
https://github.com/project-zot/zot/pull/2617
https://github.com/project-zot/zot/pull/2618
https://github.com/project-zot/zot/pull/2619
https://github.com/project-zot/zot/pull/2620
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-08-20 21:34:43 +03:00
Andrei Aaron
0e6541f204
chore: update UI version ( #2611 )
...
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-08-19 08:14:06 -07:00
Ramkumar Chinchani
1acf124280
chore: update go.mod deps ( #2610 )
...
Fix outdated pkgs reported in issue #2522
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-08-14 13:09:45 -07:00
Ramkumar Chinchani
2a164cc56b
chore: update go.mod deps ( #2609 )
...
Fix outdated pkgs reported in issue #2522
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-08-13 11:28:51 -07:00
peusebiu
b461619682
fix(authn): make hashing/encryption keys used to secure cookies ( #2536 )
...
fix(authn): configurable hashing/encryption keys used to secure cookies
If they are not configured zot will generate a random hashing key at startup,
invalidating all cookies if zot is restarted. closes : #2526
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2024-08-12 15:11:53 -07:00
Ramkumar Chinchani
17dbb56ea1
chore: fix dependabot alerts ( #2594 )
...
https://github.com/project-zot/zot/pull/2592
https://github.com/project-zot/zot/pull/2601
https://github.com/project-zot/zot/pull/2602
https://github.com/project-zot/zot/pull/2603
https://github.com/project-zot/zot/pull/2604
https://github.com/project-zot/zot/pull/2605
https://github.com/project-zot/zot/pull/2606
https://github.com/project-zot/zot/pull/2607
https://github.com/project-zot/zot/pull/2608
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-08-12 15:07:05 -07:00
Andrei Aaron
253aad3195
fix(gc): gc now removes blob uploads which have not changed within the gc delay interval ( #2599 )
...
See #2598
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-08-12 11:58:46 -07:00
Andrei Aaron
2dea22f74a
chore: Update github.com/zitadel/oidc v1 to v3 ( #2585 )
...
Also removes dependency on gopkg.in/square/go-jose.v2
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-08-05 09:11:00 -07:00
Jan-Otto Kröpke
fa4b69954d
build(deps): bump all dependencies ( #2532 )
...
* build(deps): bump all dependencies
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
* build(deps): bump all dependencies
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>
* build(deps): bump all dependencies
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>
* build(deps): bump all dependencies
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
---------
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>
2024-08-02 14:23:53 -07:00
Jan-Otto Kröpke
7729fef2fe
build(go.mod): reformat require blocks ( #2582 )
...
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
2024-07-31 11:40:45 +03:00
Ramkumar Chinchani
3b3f5458d4
chore: fix dependabot alerts ( #2580 )
...
https://github.com/project-zot/zot/pull/2572
https://github.com/project-zot/zot/pull/2573
https://github.com/project-zot/zot/pull/2574
https://github.com/project-zot/zot/pull/2575
https://github.com/project-zot/zot/pull/2576
https://github.com/project-zot/zot/pull/2577
https://github.com/project-zot/zot/pull/2578
https://github.com/project-zot/zot/pull/2579
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-07-30 11:37:33 -07:00
Jan-Otto Kröpke
f618b1d4ef
ci(deps): upgrade golangci-lint ( #2556 )
...
* ci(deps): upgrade golangci-lint
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
* build(deps): removed disabled linters
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
* build(deps): go run github.com/daixiang0/gci@latest write .
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>
* build(deps): go run golang.org/x/tools/cmd/goimports@latest -l -w .
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>
* build(deps): go run github.com/bombsimon/wsl/v4/cmd...@latest -strict-append -test=true -fix ./...
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>
* build(deps): go run github.com/catenacyber/perfsprint@latest -fix ./...
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>
* build(deps): replace gomnd by mnd
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>
* build(deps): make gqlgen
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>
* build: Revert "build(deps): go run github.com/daixiang0/gci@latest write ."
This reverts commit 5bf8c42e1f
2024-07-29 10:32:51 -07:00
Andrei Aaron
7d87558b7e
fix: various lint issues ( #2571 )
...
Originally found by @jkroepke in: https://github.com/project-zot/zot/actions/runs/10056774230/job/27796324933?pr=2556
And https://github.com/project-zot/zot/pull/2556 in general
This commit covers:
- (canonicalheader) capitalization of Docker-Content-Digest header
- (protogetter) the proto getters were not used, they check for nil pointers, we should switch to using them
- (zerologlint) fix the false positive
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-07-25 10:14:22 -07:00
Jan-Otto Kröpke
048e59186f
ci(deps): bump minio test dependency ( #2555 )
...
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
2024-07-24 13:06:29 +03:00
Ramkumar Chinchani
a7ab16b31e
chore: fix dependabot alerts ( #2569 )
...
https://github.com/project-zot/zot/pull/2559
https://github.com/project-zot/zot/pull/2560
https://github.com/project-zot/zot/pull/2561
https://github.com/project-zot/zot/pull/2562
https://github.com/project-zot/zot/pull/2563
https://github.com/project-zot/zot/pull/2564
https://github.com/project-zot/zot/pull/2565
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-07-23 13:30:11 -07:00
Ramkumar Chinchani
4bb5ae3c03
ci: use more cores for the extensions test ( #2568 )
...
This test is running into timing issues in our CI.
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-07-23 09:12:40 +03:00
Ramkumar Chinchani
1da32e58c1
ci: use smaller runners for CI pipelines ( #2566 )
...
CNCF has been nice to us to offer larger runners, but we need to be
careful not to abuse them.
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-07-22 10:43:44 -07:00
Andrei Aaron
26be383aae
fix(digests): do not mandate sha256 as the only algorithm used for hashing blobs ( #2075 )
...
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-07-19 09:56:31 -07:00
Jan-Otto Kröpke
6421d8b49a
misc: make update_licenses.sh faster ( #2553 )
...
build(update_licenses.sh): make update_licenses.sh faster.
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de>
2024-07-18 10:22:32 +03:00
Andrei Aaron
714d8c4e13
fix: minor visual issues in readme/badges ( #2552 )
...
The codecov badge was not showing coverage as it was missing the token.
The license badge was in a separate paragraph
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-07-16 12:16:54 +03:00
fossabot
9f53510ba0
Add license scan report and status ( #2450 )
...
Signed off by: fossabot <badges@fossa.com>
2024-07-15 14:47:54 -07:00
Ramkumar Chinchani
e68baa42e3
chore: fix dependabot alerts ( #2551 )
...
https://github.com/project-zot/zot/pull/2535
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-07-15 13:04:37 -07:00
Anders Bennedsgaard
8262c46ad7
Fix sync extension logging ( #2537 )
...
* fix: nil pointer dereference on localimagestore
fixes https://github.com/project-zot/zot/issues/2527
Signed-off-by: Anders Bennedsgaard <abbennedsgaard@gmail.com>
* fix: no logging from sync extension imagestore
Signed-off-by: Anders Bennedsgaard <abbennedsgaard@gmail.com>
* feat: create local imagestore not found error
Signed-off-by: Anders Bennedsgaard <abbennedsgaard@gmail.com>
* fix: add test
Signed-off-by: Anders Bennedsgaard <abbennedsgaard@gmail.com>
---------
Signed-off-by: Anders Bennedsgaard <abbennedsgaard@gmail.com>
2024-07-15 10:30:43 -07:00
Ramkumar Chinchani
e5eacaa082
chore: fix dependabot alerts ( #2531 )
...
https://github.com/project-zot/zot/pull/2519
https://github.com/project-zot/zot/pull/2528
https://github.com/project-zot/zot/pull/2529
https://github.com/project-zot/zot/pull/2530
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-07-09 19:49:33 +03:00
peusebiu
1c2736d970
fix(storage): handle dedupe disabled in GetAllDedupeReposCandidates() ( #2533 )
...
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2024-07-09 15:33:11 +03:00
Ramkumar Chinchani
aaee0220e4
Merge pull request from GHSA-55r9-5mx9-qq7r
...
when a client pushes an image zot's inline dedupe
will try to find the blob path corresponding with the blob digest
that it's currently pushed and if it's found in the cache
then zot will make a symbolic link to that cache entry and report
to the client that the blob already exists on the location.
Before this patch authorization was not applied on this process meaning
that a user could copy blobs without having permissions on the source repo.
Added a rule which says that the client should have read permissions on the source repo
before deduping, otherwise just Stat() the blob and return the corresponding status code.
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
Co-authored-by: Petu Eusebiu <peusebiu@cisco.com>
2024-07-08 11:35:44 -07:00
Ramkumar Chinchani
002ff05f6e
chore: fix dependabot alerts ( #2504 )
...
https://github.com/project-zot/zot/pull/2502
https://github.com/project-zot/zot/pull/2507
https://github.com/project-zot/zot/pull/2508
https://github.com/project-zot/zot/pull/2509
https://github.com/project-zot/zot/pull/2510
https://github.com/project-zot/zot/pull/2511
https://github.com/project-zot/zot/pull/2512
https://github.com/project-zot/zot/pull/2514
https://github.com/project-zot/zot/pull/2515
https://github.com/project-zot/zot/pull/2516
https://github.com/project-zot/zot/pull/2517
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-07-01 13:29:39 -07:00
Ramkumar Chinchani
0d0eae502e
chore: fix dependabot alerts ( #2499 )
...
https://github.com/project-zot/zot/pull/2489
https://github.com/project-zot/zot/pull/2490
https://github.com/project-zot/zot/pull/2491
https://github.com/project-zot/zot/pull/2492
https://github.com/project-zot/zot/pull/2493
https://github.com/project-zot/zot/pull/2494
https://github.com/project-zot/zot/pull/2495
https://github.com/project-zot/zot/pull/2496
https://github.com/project-zot/zot/pull/2497
https://github.com/project-zot/zot/pull/2498
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-06-25 13:17:27 -07:00
Ramkumar Chinchani
fb2edcc269
chore: fix dependabot alerts ( #2486 )
...
https://github.com/project-zot/zot/pull/2475
https://github.com/project-zot/zot/pull/2477
https://github.com/project-zot/zot/pull/2478
https://github.com/project-zot/zot/pull/2479
https://github.com/project-zot/zot/pull/2480
https://github.com/project-zot/zot/pull/2481
https://github.com/project-zot/zot/pull/2482
https://github.com/project-zot/zot/pull/2483
https://github.com/project-zot/zot/pull/2484
https://github.com/project-zot/zot/pull/2485
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-06-17 20:31:01 +03:00
Ramkumar Chinchani
a460e7f441
chore: fix dependabot alerts ( #2474 )
2024-06-15 07:14:44 +03:00
peusebiu
e023936e8e
fix(ui): fix image details view ( #2470 )
...
when a UI client tries to view image details
for an image with multiple tags pointing to the same digest
we make a query to dynamodb having duplicate keys (same digest)
resulting in an error and the client is redirect back to image
overview.
closes : #2464
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2024-06-14 09:22:48 -07:00
