alt/zot-wo-auth
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
473 Commits 7 Branches 33 Tags 22 MiB
616d5f8a6d
Commit Graph

473 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Petu Eusebiu
616d5f8a6d zb: replace map with sync.Map to avoid concurrent writes closes #582 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-06-28 08:47:34 -07:00
Ramkumar Chinchani
eed48c1715 refactor filenames to reflect functionality 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-06-21 21:42:54 -07:00
Petu Eusebiu
a04f870a22 Periodically sync golang image from dockerhub to ghcr.io 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-06-16 23:42:50 -07:00
Catalin Hofnar
a8a65a6c37 Modified sync log calls to include error type (#336) 
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-06-15 09:45:49 -07:00
Lisca Ana-Roberta
111b80625d added repos command to list repositories 
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2022-06-15 02:22:18 -07:00
Alex Stan
66484c8ca9 changed go version to 1.18 
Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
 2022-06-09 04:38:06 -07:00
Shivam Mishra
620bc7c517 routes: strip query parameter from request URL 
reuqest url also contains query parameter due to this in some scenarios
location header is setting up incorrectly, strip query parameter from
request url to correctly setup location header.

Closes #573 #575

Signed-off-by: Shivam Mishra <shimish2@cisco.com>
 2022-06-08 22:50:37 -07:00
Shivam Mishra
f52c950d04 fix sample request url in search extension README 
Signed-off-by: Shivam Mishra <shimish2@cisco.com>
 2022-06-07 11:24:19 -07:00
Ramkumar Chinchani
0edee009c0 fix CVE-2022-28946/GHSA-x7f3-62pm-9p38 
https://github.com/project-zot/zot/security/dependabot/17
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-06-06 11:43:36 -07:00
Ramkumar Chinchani
d07de27402 fix CVE-2022-26945/GHSA-x24g-9w7v-vprh 
https://github.com/project-zot/zot/security/dependabot/22

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-06-06 11:43:36 -07:00
Catalin Hofnar
0b6fdc23ea Added sync onDemand test for ORAS artifact 
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-06-06 10:38:42 -07:00
Shivam Mishra
b61aff62cd check notary v2 signature while looking for available signatures 
expanded repo info also provides information if manifests of repo is signed or not
previously it was looking for only cosign signature.

Signed-off-by: Shivam Mishra <shimish2@cisco.com>
 2022-06-03 17:45:22 -07:00
laurentiuNiculae
c9b32c73ae added more types of severity 
Signed-off-by: laurentiuNiculae <themelopeus@gmail.com>
 2022-06-03 09:44:54 -07:00
Andreea-Lupu
081ba0b2f2 fix periodic background tasks - gc and scrub 
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
 2022-06-02 08:58:02 -07:00
Petu Eusebiu
d0b52612a2 ci/cd: Fix arm builds, use distroless final image 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-05-30 10:38:55 -07:00
Lisca Ana-Roberta
62775cc095 fixed failed tests for all skopeo versions 
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>

skopeo verifications

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>

skopeo verifications modified makefile

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>

modified how to get digest and fixed makefile

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>

fixed failed tests for all skopeo versions

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>

echo skopeo version

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>

skopeo verifications

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>

skopeo verifications modified makefile

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>

modified how to get digest and fixed makefile

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>

skopeo failed tests fixed

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>

changed function name

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>

fixed lost modifications

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>

fixed code coverage and dead code

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2022-05-27 08:19:07 -07:00
Lisca Ana-Roberta
e5a14670db code coverage improvement 
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2022-05-26 08:54:05 -07:00
Ramkumar Chinchani
dbe23e58f9 fix CVE-2022-28948/GHSA-hp87-p4gw-j4gq 
https://github.com/project-zot/zot/security/dependabot/18

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-05-25 15:13:45 -07:00
Shivam Mishra
0dd00e7883 fix extension endpoints 
Signed-off-by: Shivam Mishra <shimish2@cisco.com>
 2022-05-25 13:46:43 -07:00
Ramkumar Chinchani
6b841809e3 fix CVE-2022-29173/GHSA-66x3-6cw3-v5gj 
https://github.com/project-zot/zot/security/dependabot/16

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-05-25 11:34:24 -07:00
Petu Eusebiu
da4acaf178 sync: preserve upstream digests after syncing images 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-05-25 10:19:36 -07:00
Petu Eusebiu
bd730150a8 sync: allow HTTP redirects when GETing signatures blobs 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-05-25 10:19:36 -07:00
Petu Eusebiu
aeb8a5da39 sync: specify contentType in headers when GETing cosign manifest 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-05-25 10:19:36 -07:00
Shivam Mishra
dcdeb935fd use zot as an extension name, ext as a component and search as a module 
add endpoints field in ext discover api

distribution spec extension discover api has endpoints field required.

https://github.com/opencontainers/distribution-spec/blob/main/extensions/_oci.md#extensions-property-descriptions

Signed-off-by: Shivam Mishra <shimish2@cisco.com>
 2022-05-24 19:12:40 -07:00
Petu Eusebiu
5e22acbbc4 s3: added logic for deduping blobs 
Because s3 doesn't support hard links we store duplicated blobs
as empty files. When the original blob is deleted its content is
moved to the the next duplicated blob and so on.

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-05-24 17:00:10 -07:00
Petu Eusebiu
ad08c08986 cluster: use zb source ips pool to distribute requests to cluster 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-05-24 15:19:23 -07:00
Petu Eusebiu
ca8b866c46 zb: pick client IPs from a pool, closes #472 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-05-24 15:19:23 -07:00
Ramkumar Chinchani
a5e091e3d2 fix CVE-2022-29162/GHSA-f3fp-gc8g-vw66 
https://github.com/project-zot/zot/security/dependabot/15

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-05-24 12:53:48 -07:00
Ramkumar Chinchani
3ca2393dec fix stacker build file to include compatible glibc runtime 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-05-22 23:01:01 -07:00
Shivam Mishra
36c9631000 ext: use distribution spec route prefix for extension api 
Following the spec defined here https://github.com/opencontainers/distribution-spec/tree/main/extensions

Signed-off-by: Shivam Mishra <shimish2@cisco.com>
 2022-05-22 16:35:16 -07:00
Ramkumar Chinchani
c1bf4456d0 update cosign deps 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-05-22 09:15:01 -07:00
laurentiuNiculae
7d8af50aec mocked tests for routes 
Signed-off-by: laurentiuNiculae <themelopeus@gmail.com>
 2022-05-20 13:27:09 -07:00
Ramkumar Chinchani
287ac05ddc update linter version to 1.46.2 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-05-20 11:53:56 -07:00
Ramkumar Chinchani
32afe712d6 build: fix base image in stacker files 
Revert 058bbb94c6
Use alpine:3

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-05-20 10:38:44 -07:00
Catalin Hofnar
7c477f5ba3 Changed Github workflow to cache dependencies 
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-05-19 09:44:52 -07:00
Petu Eusebiu
799eab63a9 clustering: Give time to minio container to come up 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-05-18 10:35:26 -07:00
Petu Eusebiu
7c3a8f9d07 Report unknown keys when parsing configuration files 
Report missing mandatory ldap keys

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-05-16 14:13:31 -07:00
Catalin Hofnar
20a60cbad4 Enhance sync logic - stop blob redownloads and re-pushes (#479 #480) 
Changed imagesToCopyFromUpstream to return a map[string][]types.ImageReference from just an array of refs
Rewrote some logic in sync.go to use the new signature of imagesToCopyFromUpstream
Split getLocalImageRef by adding function getLocalCachePath
Adapted tests for new changes, added some tests
Merged #481

Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-05-16 10:05:01 -07:00
Shivam Mishra
c2245bf412 add failfast flag in go test 
this flag disables running additional tests after any test fails.

Signed-off-by: Shivam Mishra <shimish2@cisco.com>
 2022-05-13 18:53:24 -07:00
Ramkumar Chinchani
058bbb94c6 stacker builds: use a different base image 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-05-12 11:32:42 -07:00
Ramkumar Chinchani
0eed4fbed2 zb: fix usage help output 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-05-10 09:50:01 -07:00
Shivam Mishra
e04a9bf6e2 use TempDir instead of /tmp/zot in tests 
Closes #508

Signed-off-by: Shivam Mishra <shimish2@cisco.com>
 2022-05-05 10:38:53 -07:00
Ramkumar Chinchani
97173a54dd add a CODEOWNERS file 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-05-04 11:52:28 -07:00
Ramkumar Chinchani
6d593b468f dependabot alert: fix CVE-2022-29810 
https://github.com/project-zot/zot/security/dependabot/14

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-05-03 14:36:41 -07:00
laurentiuNiculae
bb95af5b4d default policy only authorization 
unit tests for manifest integrity when updating

Signed-off-by: laurentiuNiculae <themelopeus@gmail.com>
 2022-05-03 11:46:55 -07:00
Ramkumar Chinchani
e1a1bdff1a codeql: move from v1 to v2 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-04-27 11:58:46 -07:00
Alex Stan
d325c8b5f4 Fix problems signaled by new linter version v1.45.2 
PR (linter: upgrade linter version #405) triggered lint job which failed
with many errors generated by various linters. Configurations were added to
golangcilint.yaml and several refactorings were made in order to improve the
results of the linter.

maintidx linter disabled

Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
 2022-04-27 09:55:44 -07:00
Ramkumar Chinchani
d19a4bf2a1 build(deps): bump github.com/swaggo/http-swagger from 1.2.5 to 1.2.6 
Fixes https://github.com/project-zot/zot/security/dependabot/12

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-04-26 09:31:11 -07:00
Andreea-Lupu
cb9d8d6c13 update metrics/Dockerfile to match current binary name format 
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
 2022-04-22 11:37:53 -07:00
Petu Eusebiu
ad90a4975f Migrate from docker/build-push-action to stacker-build-push-action 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-04-19 10:49:21 -07:00