redis driver for blob cache information and metadb (#2865)

* feat: add redis cache support

https://github.com/project-zot/zot/pull/2005
Fixes https://github.com/project-zot/zot/issues/2004

* feat: add redis cache support

Currently, we have dynamoDB as the remote shared cache but ideal only
for the cloud use case.
For on-prem use case, add support for redis.

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>

* feat(redis): added blackbox tests for redis

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>

* feat(redis): dummy implementation of MetaDB interface for redis cache

Signed-off-by: Alexei Dodon <adodon@cisco.com>

* feat: check validity of driver configuration on metadb instantiation

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

* feat: multiple fixes for redis cache driver implementation

- add missing method GetAllBlobs
- add redis cache tests, with and without mocking

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

* feat(redis): redis implementation for MetaDB

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

* feat(redis): use redsync to block concurrent write access to the redis DB

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

* feat(redis): update .github/workflows/cluster.yaml to also test redis

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

* feat(metadb): add keyPrefix parameter for redis and remove unneeded method meta.Crate()

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

* feat(redis): support RedisCluster configuration and add unit tests

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

* feat(redis): more tests for redis metadb implementation

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

* feat(redis): add more examples and update examples/README.md

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

* feat(redis): move option parsing and redis client initialization under pkg/api/config/redis

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

* chore(cachedb): move Cache interface to pkg/storage/types

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

* feat(redis): reorganize code in pkg/storage/cache.go

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

* feat(redis): call redis.SetLogger() with the zot logger as parameter

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

* feat(redis): rename pkg/meta/redisdb to pkg/meta/redis

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>

---------

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
Signed-off-by: Alexei Dodon <adodon@cisco.com>
Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
Co-authored-by: a <a@tuxpa.in>
Co-authored-by: Ramkumar Chinchani <rchincha@cisco.com>
Co-authored-by: Petu Eusebiu <peusebiu@cisco.com>
Co-authored-by: Alexei Dodon <adodon@cisco.com>

pkg/extensions/extension_image_trust.go

@@ -19,6 +19,7 @@ import (
 	"zotregistry.dev/zot/pkg/log"
 	mTypes "zotregistry.dev/zot/pkg/meta/types"
 	"zotregistry.dev/zot/pkg/scheduler"
+	sconstants "zotregistry.dev/zot/pkg/storage/constants"
 )
 
 func IsBuiltWithImageTrustExtension() bool {
@@ -172,7 +173,11 @@ func SetupImageTrustExtension(conf *config.Config, metaDB mTypes.MetaDB, log log
 
 	var err error
 
-	if conf.Storage.RemoteCache {
+	if conf.Storage.RemoteCache && conf.Storage.CacheDriver["name"] == sconstants.DynamoDBDriverName {
+		// AWS secrets manager
+		// In case of AWS let's assume if dynamodDB is used, the AWS secrets manager is also used
+		// we use the CacheDriver settings as opposed to the storage settings because we want to
+		// be able to use S3/minio and redis in the same configuration
 		endpoint, _ := conf.Storage.CacheDriver["endpoint"].(string)
 		region, _ := conf.Storage.CacheDriver["region"].(string)
 
@@ -181,6 +186,7 @@ func SetupImageTrustExtension(conf *config.Config, metaDB mTypes.MetaDB, log log
 			return err
 		}
 	} else {
+		// Store secrets on the local disk
 		imgTrustStore, err = imagetrust.NewLocalImageTrustStore(conf.Storage.RootDirectory)
 		if err != nil {
 			return err

pkg/extensions/extension_image_trust_test.go

@@ -17,6 +17,7 @@ import (
 	"testing"
 	"time"
 
+	"github.com/alicebob/miniredis/v2"
 	guuid "github.com/gofrs/uuid"
 	"github.com/sigstore/cosign/v2/cmd/cosign/cli/generate"
 	"github.com/sigstore/cosign/v2/cmd/cosign/cli/options"
@@ -123,6 +124,19 @@ func TestSignatureUploadAndVerificationLocal(t *testing.T) {
 	})
 }
 
+func TestSignatureUploadAndVerificationRedis(t *testing.T) {
+	Convey("test with local storage and redis metadb", t, func() {
+		miniRedis := miniredis.RunT(t)
+
+		cacheDriverParams := map[string]interface{}{
+			"name": "redis",
+			"url":  "redis://" + miniRedis.Addr(),
+		}
+
+		RunSignatureUploadAndVerificationTests(t, cacheDriverParams)
+	})
+}
+
 func TestSignatureUploadAndVerificationAWS(t *testing.T) {
 	tskip.SkipDynamo(t)
 
@@ -139,7 +153,7 @@ func TestSignatureUploadAndVerificationAWS(t *testing.T) {
 		repoBlobsInfoTablename := "repoBlobsInfoTable" + uuid.String()
 
 		cacheDriverParams := map[string]interface{}{
-			"name":                   "dynamoDB",
+			"name":                   "dynamodb",
 			"endpoint":               os.Getenv("DYNAMODBMOCK_ENDPOINT"),
 			"region":                 "us-east-2",
 			"cacheTablename":         cacheTablename,

pkg/extensions/imagetrust/image_trust_test.go

@@ -16,6 +16,7 @@ import (
 	"testing"
 	"time"
 
+	"github.com/alicebob/miniredis/v2"
 	awshttp "github.com/aws/aws-sdk-go-v2/aws/transport/http"
 	"github.com/aws/aws-sdk-go-v2/service/secretsmanager"
 	"github.com/aws/aws-sdk-go-v2/service/secretsmanager/types"
@@ -653,6 +654,25 @@ func TestLocalTrustStore(t *testing.T) {
 	})
 }
 
+func TestLocalTrustStoreRedis(t *testing.T) {
+	miniRedis := miniredis.RunT(t)
+
+	Convey("test local storage and redis", t, func() {
+		rootDir := t.TempDir()
+
+		imageTrustStore, err := imagetrust.NewLocalImageTrustStore(rootDir)
+		So(err, ShouldBeNil)
+
+		dbDriverParams := map[string]interface{}{
+			"name": "redis",
+			"url":  "redis://" + miniRedis.Addr(),
+		}
+
+		RunUploadTests(t, *imageTrustStore)
+		RunVerificationTests(t, dbDriverParams)
+	})
+}
+
 func TestAWSTrustStore(t *testing.T) {
 	tskip.SkipDynamo(t)
 
@@ -1065,6 +1085,7 @@ func TestAWSTrustStore(t *testing.T) {
 			panic(err)
 		}
 
+		cacheTablename := "BlobTable" + uuid.String()
 		repoMetaTablename := "RepoMetadataTable" + uuid.String()
 		versionTablename := "Version" + uuid.String()
 		userDataTablename := "UserDataTable" + uuid.String()
@@ -1073,9 +1094,10 @@ func TestAWSTrustStore(t *testing.T) {
 		repoBlobsInfoTablename := "repoBlobsInfoTable" + uuid.String()
 
 		dynamoDBDriverParams := map[string]interface{}{
-			"name":                   "dynamoDB",
+			"name":                   "dynamodb",
 			"endpoint":               os.Getenv("DYNAMODBMOCK_ENDPOINT"),
 			"region":                 "us-east-2",
+			"cachetablename":         cacheTablename,
 			"repometatablename":      repoMetaTablename,
 			"imagemetatablename":     imageMetaTablename,
 			"repoblobsinfotablename": repoBlobsInfoTablename,

pkg/extensions/search/search_test.go

@@ -18,6 +18,7 @@ import (
 	"testing"
 	"time"
 
+	"github.com/alicebob/miniredis/v2"
 	guuid "github.com/gofrs/uuid"
 	regTypes "github.com/google/go-containerregistry/pkg/v1/types"
 	notreg "github.com/notaryproject/notation-go/registry"
@@ -3905,7 +3906,7 @@ func TestGlobalSearch(t *testing.T) { //nolint: gocyclo
 		So(len(results.Repos), ShouldEqual, 0)
 	})
 
-	Convey("test nested indexes", t, func() {
+	Convey("test nested indexes CVE scanning disabled", t, func() {
 		log := log.NewLogger("debug", "")
 		rootDir := t.TempDir()
 		port := GetFreePort()
@@ -3913,6 +3914,20 @@ func TestGlobalSearch(t *testing.T) { //nolint: gocyclo
 		conf := config.New()
 		conf.HTTP.Port = port
 		conf.Storage.RootDirectory = rootDir
+
+		Convey("test with boltdb", func() {
+			conf.Storage.CacheDriver = nil
+		})
+
+		Convey("test with redis", func() {
+			miniRedis := miniredis.RunT(t)
+
+			conf.Storage.CacheDriver = map[string]interface{}{
+				"name": "redis",
+				"url":  "redis://" + miniRedis.Addr(),
+			}
+		})
+
 		defaultVal := true
 		conf.Extensions = &extconf.ExtensionConfig{
 			Search: &extconf.SearchConfig{BaseConfig: extconf.BaseConfig{Enable: &defaultVal}},
@@ -4054,7 +4069,7 @@ func TestGlobalSearch(t *testing.T) { //nolint: gocyclo
 		}
 	})
 
-	Convey("test nested indexes", t, func() {
+	Convey("test nested indexes CVE scanning enabled", t, func() {
 		log := log.NewLogger("debug", "")
 		rootDir := t.TempDir()
 		port := GetFreePort()
@@ -4062,6 +4077,20 @@ func TestGlobalSearch(t *testing.T) { //nolint: gocyclo
 		conf := config.New()
 		conf.HTTP.Port = port
 		conf.Storage.RootDirectory = rootDir
+
+		Convey("test with boltdb", func() {
+			conf.Storage.CacheDriver = nil
+		})
+
+		Convey("test with redis", func() {
+			miniRedis := miniredis.RunT(t)
+
+			conf.Storage.CacheDriver = map[string]interface{}{
+				"name": "redis",
+				"url":  "redis://" + miniRedis.Addr(),
+			}
+		})
+
 		defaultVal := true
 
 		updateDuration, _ := time.ParseDuration("1h")
@@ -6838,7 +6867,7 @@ func TestReadUploadDeleteDynamoDB(t *testing.T) {
 	repoBlobsTablename := "RepoBlobs" + uuid.String()
 
 	cacheDriverParams := map[string]interface{}{
-		"name":                   "dynamoDB",
+		"name":                   "dynamodb",
 		"endpoint":               os.Getenv("DYNAMODBMOCK_ENDPOINT"),
 		"region":                 "us-east-2",
 		"cachetablename":         cacheTablename,