add building files

Dockerfile

@@ -0,0 +1,48 @@
+FROM registry.altlinux.org/alt/alt:latest AS builder
+ARG ZOT_VER=v2.0.4
+ARG ZUI_VER=commit-9de2337
+
+WORKDIR /workdir
+RUN apt-get update && apt-get install apt rpm
+RUN apt-get install -y podman git golang npm ca-certificates rpm-build-golang rpm-build-nodejs rpm-macros-golang
+RUN git clone -q --branch $ZOT_VER https://github.com/project-zot/zot
+
+WORKDIR zot
+RUN git checkout $ZOT_VER
+RUN git clone -q --branch $ZUI_VER https://github.com/project-zot/zui 
+
+WORKDIR zui
+COPY ./zui-auth.patch pwd/zui-auth.patch
+RUN git apply --check pwd/zui-auth.patch
+RUN npm install && npm run build 
+
+WORKDIR /workdir/zot
+RUN make COMMIT=$ZOT_VER ZUI_BUILD_PATH="/workdir/zot/zui/build" binary cli bench
+COPY pwd/bin/zli-linux-%go_hostarch completion bash > zli.bash
+COPY pwd/bin/zot-linux-%go_hostarch completion bash > zot.bash
+
+
+FROM registry.altlinux.org/alt/alt:latest
+MAINTAINER alt-cloud
+
+LABEL org.opencontainers.image.title="zot"
+LABEL org.opencontainers.image.description="A production-ready vendor-neutral OCI-native container image registry (purely based on OCI Distribution Specification)"
+LABEL org.opencontainers.image.source="https://github.com/project-zot/zot"
+LABEL org.opencontainers.image.licenses="Apache-2.0"
+LABEL org.opencontainers.image.vendor="ALT Linux Team"
+
+COPY --from=builder /workdir/zot/bin/zot-linux-* /usr/bin/zot
+COPY --from=builder /workdir/zot/bin/zli-linux-* /usr/bin/zli 
+COPY --from=builder /workdir/zot/bin/zb-linux-* /usr/bin/zb 
+COPY ./zot.service /lib/systemd/system/zot.service
+COPY ./config.json /etc/zot/config.json
+COPY --from=builder /workdir/zot/bin/zot.bash /usr/share/bash-completion/completions/zot
+COPY --from=builder /workdir/zot/bin/zli.bash /usr/share/bash-completion/completions/zli
+
+USER _zot:_zot
+
+VOLUME ["/var/lib/zot"]
+EXPOSE 5000
+
+ENTRYPOINT ["/usr/bin/zot"]
+CMD ["serve", "/etc/zot/config.json"]

config.json

@@ -0,0 +1,29 @@
+{
+	"storage":{
+        "rootDirectory":"/var/lib/zot"
+    },
+    "http":{
+        "address":"0.0.0.0",
+        "port":"5000"
+    },
+    "log":{
+        "level":"debug"
+    },
+    "extensions": {
+        "search": {
+            "enable": true,
+            "cve": {
+                "trivy": {
+                    "dbRepository": "ghcr.io/alt-cloud/trivy-db"
+                },
+                "updateInterval": "24h"
+            }
+        },
+        "ui": {
+            "enable": true
+        },
+        "mgmt": {
+            "enable": true
+        }
+    }
+}

zot.service

@@ -0,0 +1,50 @@
+[Unit]
+Description=OCI Distribution Registry
+Documentation=https://zotregistry.dev/
+Wants=network-online.target
+After=network-online.target local-fs.target
+
+[Service]
+Type=simple
+ExecStartPre=/usr/bin/zot verify /etc/zot/config.json
+ExecStart=/usr/bin/zot serve /etc/zot/config.json
+Restart=on-failure
+User=_zot
+Group=_zot
+LimitNOFILE=65535
+
+RemoveIPC=true
+ProcSubset=pid
+NoNewPrivileges=true
+LockPersonality=true
+MemoryDenyWriteExecute=true
+
+CapabilityBoundingSet=
+
+ProtectSystem=strict
+ReadWritePaths=-/var/lib/zot
+
+ProtectProc=invisible
+ProtectHome=true
+ProtectHostname=true
+ProtectClock=true
+ProtectKernelTunables=true
+ProtectKernelModules=true
+ProtectKernelLogs=true
+ProtectControlGroups=true
+
+PrivateTmp=true
+PrivateDevices=true
+PrivateIPC=true
+
+RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX
+RestrictNamespaces=true
+RestrictRealtime=true
+RestrictSUIDSGID=true
+
+SystemCallArchitectures=native
+SystemCallFilter=@system-service
+SystemCallFilter=~ @privileged @resources
+
+[Install]
+WantedBy=multi-user.target

zui-auth.patch

@@ -0,0 +1,49 @@
+diff --git a/src/App.js b/src/App.js
+index 6fdd96c..9728bc2 100644
+--- a/src/App.js
++++ b/src/App.js
+@@ -1,8 +1,7 @@
+-import React, { useState } from 'react';
++import React from 'react';
+ import { BrowserRouter as Router, Routes, Route, Navigate } from 'react-router-dom';
+ 
+-import { isAuthenticated, isApiKeyEnabled } from 'utilities/authUtilities';
+-import { AuthWrapper } from 'utilities/AuthWrapper';
++import { isApiKeyEnabled } from 'utilities/authUtilities';
+ 
+ import HomePage from './pages/HomePage';
+ import LoginPage from './pages/LoginPage';
+@@ -14,25 +13,18 @@ import UserManagementPage from 'pages/UserManagementPage';
+ import './App.css';
+ 
+ function App() {
+-  const [isLoggedIn, setIsLoggedIn] = useState(isAuthenticated());
+-
+   return (
+     <div className="App" data-testid="app-container">
+       <Router>
+         <Routes>
+-          <Route element={<AuthWrapper isLoggedIn={isLoggedIn} hasHeader redirect="/login" />}>
+-            <Route path="/" element={<Navigate to="/home" />} />
+-            <Route path="/home" element={<HomePage />} />
+-            <Route path="/explore" element={<ExplorePage />} />
+-            <Route path="/image/:name" element={<RepoPage />} />
+-            <Route path="/image/:reponame/tag/:tag" element={<TagPage />} />
+-            {isApiKeyEnabled() && <Route path="/user/apikey" element={<UserManagementPage />} />}
+-            <Route path="*" element={<Navigate to="/home" />} />
+-          </Route>
+-          <Route element={<AuthWrapper isLoggedIn={!isLoggedIn} redirect="/" />}>
+-            <Route path="/login" element={<LoginPage isLoggedIn={isLoggedIn} setIsLoggedIn={setIsLoggedIn} />} />
+-            <Route path="*" element={<Navigate to="/login" />} />
+-          </Route>
++          <Route path="/" element={<Navigate to="/home" />} />
++          <Route path="/home" element={<HomePage />} />
++          <Route path="/login" element={<LoginPage />} />
++          <Route path="/explore" element={<ExplorePage />} />
++          <Route path="/image/:name" element={<RepoPage />} />
++          <Route path="/image/:reponame/tag/:tag" element={<TagPage />} />
++          {isApiKeyEnabled() && <Route path="/user/apikey" element={<UserManagementPage />} />}
++          <Route path="*" element={<Navigate to="/home" />} />
+         </Routes>
+       </Router>
+     </div>