0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2024-12-16 21:56:37 -05:00
Commit graph

1180 commits

Author SHA1 Message Date
Ravi Chamarthy
4ddfcdd092 chore: add ossf scorecard
Signed-off-by: Ravi Chamarthy <ravi@chamarthy.dev>
2024-03-14 09:43:42 -07:00
Ramkumar Chinchani
ce7a9466c6
chore: update zui version (#2319) 2024-03-13 07:33:23 +02:00
Ramkumar Chinchani
fdb401273c
fix: ignore metadb errors if tag not found (#2301) 2024-03-13 07:28:08 +02:00
Vishwas R
c7472a2dda
feat: add verbose mode for cves for image listing (#2308)
Signed-off-by: Vishwas Rajashekar <vrajashe@cisco.com>
2024-03-12 13:38:48 -07:00
Ramkumar Chinchani
413514c0d4
chore: fix dependabot alerts (#2317) 2024-03-12 08:03:29 +02:00
ossfellow
dc0e41ad53
test(blackbox): add multi-arch index creation and image attributes modification (#2306)
* test: add multi-arch index creation and image modification tests

Signed-off-by: ossfellow <masoud@operatik.io>

* chore: update regclient version to the latest

Signed-off-by: ossfellow <masoud@operatik.io>

---------

Signed-off-by: ossfellow <masoud@operatik.io>
2024-03-08 08:49:12 -08:00
Ramkumar Chinchani
2dd1fc9316
chore: fix dependabot alerts (#2302)
https://github.com/project-zot/zot/pull/2297
https://github.com/project-zot/zot/pull/2298

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-03-07 21:20:35 +02:00
Ramkumar Chinchani
18235ca254
fix(oras)!: remove ORAS artifact references support (#2294)
* fix(oras)!: remove ORAS artifact references support

ORAS artifacts/references predated OCI dist-spec 1.1.0 which now has the
same functionality and likely to see wider adoption.

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

* test: update to released official images

So that they are unlikely to be deleted.
*-rc images may be cleaned up over time.

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

---------

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-03-06 12:16:42 -08:00
LaurentiuNiculae
5039128723
feat(cve): cli cve diff (#2242)
* feat(gql): add new query for diff of cves for 2 images

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>

* feat(cli): add cli for cve diff

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>

---------

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2024-03-06 10:40:29 +02:00
Ramkumar Chinchani
752b9e87c1
chore: fix dependabort alerts (#2295)
https://github.com/project-zot/zot/pull/2287
https://github.com/project-zot/zot/pull/2288
https://github.com/project-zot/zot/pull/2289
https://github.com/project-zot/zot/pull/2290
https://github.com/project-zot/zot/pull/2291
https://github.com/project-zot/zot/pull/2292
https://github.com/project-zot/zot/pull/2293

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-03-04 21:30:27 +02:00
peusebiu
6f00e843a0
fix(sync): sync generator now backs off on errors (#2272)
handle unsupported features like oci artifacts.

closes: #2238

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2024-03-04 09:44:11 -08:00
peusebiu
740eae8f26
fix(sync): better cleaning sync's download dir (#2273)
added cleanup in the case of copy.Image() failures.

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2024-02-29 09:09:21 -08:00
Andrei Aaron
6561e9f527
feat(ui): show CVE package path (#2286)
See https://github.com/project-zot/zui/pull/428 for details

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-29 07:57:05 -08:00
Ramkumar Chinchani
d00f5282fa
chore: fix dependabot alerts (#2283)
https://github.com/project-zot/zot/pull/2270
https://github.com/project-zot/zot/pull/2271
https://github.com/project-zot/zot/pull/2274
https://github.com/project-zot/zot/pull/2275
https://github.com/project-zot/zot/pull/2276
https://github.com/project-zot/zot/pull/2277
https://github.com/project-zot/zot/pull/2278
https://github.com/project-zot/zot/pull/2279
https://github.com/project-zot/zot/pull/2280
https://github.com/project-zot/zot/pull/2281
https://github.com/project-zot/zot/pull/2282

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-02-28 00:45:00 +02:00
Ramkumar Chinchani
565eca2609
chore: fix dependabot alerts (#2268)
https://github.com/project-zot/zot/pull/2258
https://github.com/project-zot/zot/pull/2259
https://github.com/project-zot/zot/pull/2260
https://github.com/project-zot/zot/pull/2261
https://github.com/project-zot/zot/pull/2262
https://github.com/project-zot/zot/pull/2263
https://github.com/project-zot/zot/pull/2264
https://github.com/project-zot/zot/pull/2265
https://github.com/project-zot/zot/pull/2266
https://github.com/project-zot/zot/pull/2267

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-02-20 21:51:40 +02:00
Andrei Aaron
4e5db84cb1
chore: update image-spec and dist spec to 1.1.0 (#2255)
BREAKING CHANGE: the dist spec version in the config files needs to be bumped to 1.1.0
in order for the config verification to pass without warnings.

Also fix 1 dependabot alert for helm.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-20 13:27:21 +02:00
Andrei Aaron
960686b957
feat(ui): introduce API key management in ZUI (#2256)
See Raul's PR: https://github.com/project-zot/zui/pull/403

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-20 12:23:58 +02:00
Andrei Aaron
6c953d6400
test: fix flacky coverage in cookiestore cleanup tests (#2257)
Refactor and add more coverage to test flacky coverage in case sessions
which are already deleted are flagged as expired/for deletion.

See coverage drop in pkg/api/cookiestore.go:
8e68255946/indirect-changes

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-19 14:43:30 -08:00
Andrei Aaron
2d2e005449
fix(npe): handle case where os.Stat returns different error types in DirExists (#2253)
See https://github.com/project-zot/zot/actions/runs/7905369535/job/21577848110

Also add tests to fix some of the coverage fluctuations.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-18 08:00:00 +02:00
Andreea Lupu
aafb1a50ac
feat(ui): update zui version (#2251)
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
2024-02-16 11:39:14 +02:00
Vishwas R
0aa6bf0fff
feat: include PackagePath data in CVEs for image queries (#2241)
Signed-off-by: Vishwas Rajashekar <vrajashe@cisco.com>
2024-02-15 13:19:49 -08:00
Andrei Aaron
cc2eda0335
test: add test images build instructions and stacker.yamls (#2249)
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-15 13:49:25 +02:00
Andreea Lupu
d04568b853
feat(ui): update zui version (#2248)
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
2024-02-14 22:19:19 +02:00
peusebiu
8e68255946
fix(sync): added bearer client for sync (#2222)
fixed ping function taking too much time

closes: #2213 #2212

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2024-02-14 09:18:10 -08:00
Andrei Aaron
d0eb043be5
feat: Get the image LastUpdated timestamp from annotations (#2240)
Fallback to Created field and the History entries in the image config
only if the annotation "org.opencontainers.image.created" is not available

closes #2210

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-14 09:14:24 -08:00
Andrei Aaron
ec38d39c06
chore(go.mod): fix dependabot alerts (#2247)
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-14 09:12:57 -08:00
Andreea Lupu
55acce6923
feat(graphql): filter CVEs by severity (#2246)
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
2024-02-14 09:11:57 -08:00
LaurentiuNiculae
de90abd5dc
style(metadb): use type aliases for metadb types to be easier to read (#2043)
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2024-02-14 09:08:08 -08:00
Andrei Aaron
36e04a40c2
ci(nightly): update go version used for prometheus tests (#2239)
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-09 17:19:16 +02:00
peusebiu
5b83937d40
fix(tests): fixed inconsistent sync test (#2237)
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2024-02-08 18:28:59 +02:00
Andrei Aaron
f1d38d9dad
test(blackbox): fix the scrub test sometimes deleting the image manifest from the layout (#2236)
If the manifest is not present, scrub no longer errors,
so the test looking for errors in the log was not failing.

See the related scrub changes in: https://github.com/project-zot/zot/pull/2180

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-08 15:21:42 +02:00
Andrei Aaron
60dc8569ec
build(go): switch to go 1.21 (#2049)
Also update to the latest swaggo version, as the previous one did not work with go 1.21

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-07 10:54:28 -08:00
Andrei Aaron
4e33c172bb
feat(ui): show more information about CVEs (#2233)
see: https://github.com/project-zot/zui/pull/419

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-05 11:40:27 -08:00
Vishwas R
b332b43fb5
ci: release a checksums file with SHA256 hashes for release assets (#2227)
* ci: generate sha256 checksums for release assets

Signed-off-by: Vishwas Rajashekar <vrajashe@cisco.com>

* ci: add wildcard character prefix to filenames in checksum file

Signed-off-by: Vishwas Rajashekar <vrajashe@cisco.com>

---------

Signed-off-by: Vishwas Rajashekar <vrajashe@cisco.com>
2024-02-05 10:19:48 -08:00
Andrei Aaron
e3065f6a2c
chore(deps): fix dependabot alerts (#2232)
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-05 09:56:38 -08:00
Andrei Aaron
92cece7c86
ci: add script to build/publish zot multiarch images and modify the publish pipeline to use it (#2214)
Example usage:
   scripts/build_multiarch_image.sh --registry ghcr.io/project-zot --source-tag v2.0.0 --file build/multiarch-zot.json --destination-tags="v2.0.0 latest"

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-02 10:55:53 -08:00
Andrei Aaron
a60d3891ff
ci: stabilize ecosystem client tools workflow (#2224)
Since the scheduler no longer executes generators in a fixed order, and scrub logic refactoring,
the scrub tasks may or may not complete in the expected time.
Increase sleep times used to search for tasks results in zot logs.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-02 16:11:27 +02:00
Andrei Aaron
6a83dd47c0
fix(scheduler): the session cleanup generator is reset too often (#2220)
This causes the "fair" scheduler to run it too often in the detriment of other generators.
The intention was to run it every 2 hours but the measurement unit for 7200 was not specified.

Add more logs, including showing a generator name, in order to troubleshoot this kind of issues easier in the future.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-02-01 09:15:53 -08:00
Andrei Aaron
ce4924f841
refactor: rename go module from zotregistry.io/zot to zotregistry.dev/zot (#2187)
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-01-31 20:34:07 -08:00
Andreea Lupu
129e503d2d
feat(ui): update zui version (#2216)
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
2024-01-31 11:20:57 -08:00
Andrei Aaron
a2b923b6fd
feat(search): search for a specific tag cross-repo (#2211)
Syntax to search for `<tag_name>` accross all repos is `:<tag_name>`

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-01-30 09:12:41 -08:00
Ramkumar Chinchani
580df421bf
chore: fix dependabot alerts (#2208)
https://github.com/project-zot/zot/pull/2192
https://github.com/project-zot/zot/pull/2193
https://github.com/project-zot/zot/pull/2194
https://github.com/project-zot/zot/pull/2195
https://github.com/project-zot/zot/pull/2196
https://github.com/project-zot/zot/pull/2197
https://github.com/project-zot/zot/pull/2198
https://github.com/project-zot/zot/pull/2199
https://github.com/project-zot/zot/pull/2200
https://github.com/project-zot/zot/pull/2201
https://github.com/project-zot/zot/pull/2202
https://github.com/project-zot/zot/pull/2203
https://github.com/project-zot/zot/pull/2204
https://github.com/project-zot/zot/pull/2205
https://github.com/project-zot/zot/pull/2206
https://github.com/project-zot/zot/pull/2207

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-01-29 15:30:41 -08:00
Ramkumar Chinchani
9def35f3b8
chore: update go.mod to fix dependabot alerts (#2181)
https://github.com/project-zot/zot/pull/2178

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
2024-01-25 14:40:26 -08:00
Andreea Lupu
ddba1b7baf
fix(scrub): hold locks per image not per repo while executing scrub (#2180)
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
2024-01-25 11:12:21 -08:00
LaurentiuNiculae
1785688b7c
feat(ldap): hot reloading ldap credentials on change (#2167)
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2024-01-25 09:15:22 -08:00
Andrei Aaron
8215766720
fix: the scheduler is now fair (#2158)
Generators are now ordered by rank in the priority queue.

The rank computation formula is:
- 100/(1+generated_task_count) for high priority tasks
- 10/(1+generated_task_count) for medium priority tasks
- 1/(1+generated_task_count) for low priority tasks

Note the ranks are used when comparing generators both with the same priority and with different priority.
So now we are:
- giving an opportunity to all generators with the same priority to take turns generating tasks
- giving roughly 1 low priority and 10 medium priority tasks the opportunity to run for every 100 high priority tasks running.

After a generator generates a task, the generators are reordered in the priority queue based on rank.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-01-25 09:05:47 -08:00
peusebiu
e9ab520905
fix(bearer): fixed /v2/ route not implementing token spec (#2176)
We use chartmuseum lib for handling bearer requests, which is not
implementing the token spec, mainly it expects "scope" parameter
to be given on every request, even for /v2/ route which doesn't represent
a resource.

Handle this /v2/ route inside our code.

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2024-01-22 09:15:27 -08:00
Andrei Aaron
ed6be0580e
refactor: replace deprecated APIs for creating images in the search tests (#2173)
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2024-01-22 09:10:34 -08:00
peusebiu
7dd1ca353f
fix(nightly): increase wait time for dedupe nightly build (#2177)
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
2024-01-22 09:07:04 -08:00
LaurentiuNiculae
3f97f878fd
feat(cve): add option to exclude string from cve search (#2163)
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
2024-01-19 12:59:42 -08:00