mirror of
https://github.com/project-zot/zot.git
synced 2025-01-06 22:40:28 -05:00
17d1338af1
This change introduces OpenID authn by using providers such as Github, Gitlab, Google and Dex. User sessions are now used for web clients to identify and persist an authenticated users session, thus not requiring every request to use credentials. Another change is apikey feature, users can create/revoke their api keys and use them to authenticate when using cli clients such as skopeo. eg: login: /auth/login?provider=github /auth/login?provider=gitlab and so on logout: /auth/logout redirectURL: /auth/callback/github /auth/callback/gitlab and so on If network policy doesn't allow inbound connections, this callback wont work! for more info read documentation added in this commit. Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro> Signed-off-by: Petu Eusebiu <peusebiu@cisco.com> Co-authored-by: Alex Stan <alexandrustan96@yahoo.ro>
97 lines
3.6 KiB
YAML
97 lines
3.6 KiB
YAML
name: "Ecosystem client tools"
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
branches: [main]
|
|
release:
|
|
types:
|
|
- published
|
|
|
|
permissions: read-all
|
|
|
|
jobs:
|
|
client-tools:
|
|
name: Check client tools
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v3
|
|
- uses: actions/setup-go@v4
|
|
with:
|
|
cache: false
|
|
go-version: 1.20.x
|
|
- name: Install dependencies
|
|
run: |
|
|
cd $GITHUB_WORKSPACE
|
|
go install github.com/swaggo/swag/cmd/swag
|
|
go mod download
|
|
sudo apt-get update
|
|
sudo apt-get install libgpgme-dev libassuan-dev libbtrfs-dev libdevmapper-dev pkg-config rpm uidmap
|
|
# install skopeo
|
|
git clone -b v1.12.0 https://github.com/containers/skopeo.git
|
|
cd skopeo
|
|
make bin/skopeo
|
|
sudo cp bin/skopeo /usr/bin
|
|
skopeo -v
|
|
# install cri-o (for crictl)
|
|
OS=xUbuntu_20.04
|
|
CRIO_VERSION=1.26
|
|
echo "deb https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list
|
|
echo "deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$CRIO_VERSION/$OS/ /"|sudo tee /etc/apt/sources.list.d/devel:kubic:libcontainers:stable:cri-o:$CRIO_VERSION.list
|
|
curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable:/cri-o:/$CRIO_VERSION/$OS/Release.key | sudo apt-key add -
|
|
curl -L https://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/$OS/Release.key | sudo apt-key add -
|
|
sudo apt update
|
|
sudo apt install -y cri-o cri-o-runc
|
|
sudo systemctl enable crio.service
|
|
sudo systemctl start crio.service
|
|
sudo chmod 0777 /var/run/crio/crio.sock
|
|
# install dex
|
|
git clone https://github.com/dexidp/dex.git
|
|
cd dex/
|
|
make bin/dex
|
|
./bin/dex serve $GITHUB_WORKSPACE/test/dex/config-dev.yaml &
|
|
cd $GITHUB_WORKSPACE
|
|
- name: Run referrers tests
|
|
run: |
|
|
make test-bats-referrers
|
|
- name: Run metadata tests
|
|
run: |
|
|
make test-bats-metadata
|
|
- name: Run push-pull tests
|
|
run: |
|
|
make test-push-pull
|
|
- name: Run metrics tests
|
|
run: |
|
|
make test-bats-metrics
|
|
- name: Run cve tests
|
|
run: |
|
|
make test-bats-cve
|
|
- name: Run sync test
|
|
run: |
|
|
make test-bats-sync
|
|
- name: Run scrub tests
|
|
run: |
|
|
make test-bats-scrub
|
|
- name: Run anonymous-push-pull tests
|
|
run: |
|
|
make test-anonymous-push-pull
|
|
- name: Run annotations tests
|
|
run: |
|
|
make test-annotations
|
|
- name: Install localstack
|
|
run: |
|
|
pip install --upgrade pyopenssl
|
|
pip install localstack awscli-local[ver1] # install LocalStack cli and awslocal
|
|
docker pull localstack/localstack # Make sure to pull the latest version of the image
|
|
localstack start -d # Start LocalStack in the background
|
|
|
|
echo "Waiting for LocalStack startup..." # Wait 30 seconds for the LocalStack container
|
|
localstack wait -t 30 # to become ready before timing out
|
|
echo "Startup complete"
|
|
- name: Run cloud-only tests
|
|
run: |
|
|
make test-cloud-only
|
|
env:
|
|
AWS_ACCESS_KEY_ID: fake
|
|
AWS_SECRET_ACCESS_KEY: fake
|