Added config enable=true/false for extensions with default value as enabled closes #258

Signed-off-by: Alexei Dodon <adodon@cisco.com>
2026-06-15 20:07:55 +08:00 · 2021-12-28 15:29:30 +02:00
parent 730fe70f2f
commit 47c9b6244e
19 changed files with 970 additions and 85 deletions
@@ -290,7 +290,6 @@ func TestServerCVEResponse(t *testing.T) {
 	url := test.GetBaseURL(port)
 	conf := config.New()
 	conf.HTTP.Port = port
-	ctlr := api.NewController(conf)

 	dir, err := ioutil.TempDir("", "oci-repo-test")
 	if err != nil {
@@ -304,18 +303,21 @@ func TestServerCVEResponse(t *testing.T) {

 	defer os.RemoveAll(dir)

-	ctlr.Config.Storage.RootDirectory = dir
+	conf.Storage.RootDirectory = dir
 	cveConfig := &extconf.CVEConfig{
 		UpdateInterval: 2,
 	}
+	defaultVal := true
 	searchConfig := &extconf.SearchConfig{
 		CVE:    cveConfig,
-		Enable: true,
+		Enable: &defaultVal,
 	}
-	ctlr.Config.Extensions = &extconf.ExtensionConfig{
+	conf.Extensions = &extconf.ExtensionConfig{
 		Search: searchConfig,
 	}

+	ctlr := api.NewController(conf)
+
 	go func(controller *api.Controller) {
 		// this blocks
 		if err := controller.Run(); err != nil {
@@ -0,0 +1,666 @@
+//go:build extended
+// +build extended
+
+package cli_test
+
+import (
+	"fmt"
+	"io/ioutil"
+	"net/http"
+	"os"
+	"testing"
+
+	. "github.com/smartystreets/goconvey/convey"
+	"gopkg.in/resty.v1"
+	"zotregistry.io/zot/pkg/cli"
+	. "zotregistry.io/zot/pkg/test"
+)
+
+func TestServeExtensions(t *testing.T) {
+	oldArgs := os.Args
+
+	defer func() { os.Args = oldArgs }()
+
+	Convey("config file with no extensions", t, func(c C) {
+		port := GetFreePort()
+		baseURL := GetBaseURL(port)
+		logFile, err := ioutil.TempFile("", "zot-log*.txt")
+		So(err, ShouldBeNil)
+		defer os.Remove(logFile.Name()) // clean up
+
+		content := fmt.Sprintf(`{
+			"storage": {
+				"rootDirectory": "/tmp/zot"
+			},
+			"http": {
+				"address": "127.0.0.1",
+				"port": "%s"
+			},
+			"log": {
+				"level": "debug",
+				"output": "%s"
+			}
+		}`, port, logFile.Name())
+
+		cfgfile, err := ioutil.TempFile("", "zot-test*.json")
+		So(err, ShouldBeNil)
+		defer os.Remove(cfgfile.Name()) // clean up
+		_, err = cfgfile.Write([]byte(content))
+		So(err, ShouldBeNil)
+		err = cfgfile.Close()
+		So(err, ShouldBeNil)
+
+		os.Args = []string{"cli_test", "serve", cfgfile.Name()}
+		go func() {
+			err = cli.NewServerRootCmd().Execute()
+			So(err, ShouldBeNil)
+		}()
+
+		WaitTillServerReady(baseURL)
+		data, err := os.ReadFile(logFile.Name())
+		So(err, ShouldBeNil)
+		So(string(data), ShouldContainSubstring, "\"Extensions\":null")
+	})
+
+	Convey("config file with empty extensions", t, func(c C) {
+		port := GetFreePort()
+		baseURL := GetBaseURL(port)
+		logFile, err := ioutil.TempFile("", "zot-log*.txt")
+		So(err, ShouldBeNil)
+		defer os.Remove(logFile.Name()) // clean up
+
+		content := fmt.Sprintf(`{
+			"storage": {
+				"rootDirectory": "/tmp/zot"
+			},
+			"http": {
+				"address": "127.0.0.1",
+				"port": "%s"
+			},
+			"log": {
+				"level": "debug",
+				"output": "%s"
+			},
+			"extensions": {
+			}
+		}`, port, logFile.Name())
+
+		cfgfile, err := ioutil.TempFile("", "zot-test*.json")
+		So(err, ShouldBeNil)
+		defer os.Remove(cfgfile.Name()) // clean up
+		_, err = cfgfile.Write([]byte(content))
+		So(err, ShouldBeNil)
+		err = cfgfile.Close()
+		So(err, ShouldBeNil)
+
+		os.Args = []string{"cli_test", "serve", cfgfile.Name()}
+		go func() {
+			err = cli.NewServerRootCmd().Execute()
+			So(err, ShouldBeNil)
+		}()
+
+		WaitTillServerReady(baseURL)
+		data, err := os.ReadFile(logFile.Name())
+		So(err, ShouldBeNil)
+		So(string(data), ShouldContainSubstring, "\"Extensions\":{\"Search\":null,\"Sync\":null,\"Metrics\":null")
+	})
+}
+
+func testWithMetricsEnabled(cfgContentFormat string) {
+	port := GetFreePort()
+	baseURL := GetBaseURL(port)
+	logFile, err := ioutil.TempFile("", "zot-log*.txt")
+	So(err, ShouldBeNil)
+
+	defer os.Remove(logFile.Name()) // clean up
+
+	content := fmt.Sprintf(cfgContentFormat, port, logFile.Name())
+	cfgfile, err := ioutil.TempFile("", "zot-test*.json")
+	So(err, ShouldBeNil)
+
+	defer os.Remove(cfgfile.Name()) // clean up
+	_, err = cfgfile.Write([]byte(content))
+	So(err, ShouldBeNil)
+	err = cfgfile.Close()
+	So(err, ShouldBeNil)
+
+	os.Args = []string{"cli_test", "serve", cfgfile.Name()}
+
+	go func() {
+		err = cli.NewServerRootCmd().Execute()
+		So(err, ShouldBeNil)
+	}()
+	WaitTillServerReady(baseURL)
+
+	resp, err := resty.R().Get(baseURL + "/metrics")
+	So(err, ShouldBeNil)
+	So(resp, ShouldNotBeNil)
+	So(resp.StatusCode(), ShouldEqual, http.StatusOK)
+
+	respStr := string(resp.Body())
+	So(respStr, ShouldContainSubstring, "zot_info")
+
+	data, err := os.ReadFile(logFile.Name())
+	So(err, ShouldBeNil)
+	So(string(data), ShouldContainSubstring,
+		"\"Extensions\":{\"Search\":null,\"Sync\":null,\"Metrics\":{\"Enable\":true,\"Prometheus\":{\"Path\":\"/metrics\"}}}") // nolint:lll
+}
+
+func TestServeMetricsExtension(t *testing.T) {
+	oldArgs := os.Args
+
+	defer func() { os.Args = oldArgs }()
+
+	Convey("no explicit enable", t, func(c C) {
+		content := `{
+			"storage": {
+				"rootDirectory": "/tmp/zot"
+			},
+			"http": {
+				"address": "127.0.0.1",
+				"port": "%s"
+			},
+			"log": {
+				"level": "debug",
+				"output": "%s"
+			},
+			"extensions": {
+				"metrics": {
+				}
+			}
+		}`
+		testWithMetricsEnabled(content)
+	})
+
+	Convey("no explicit enable but with prometheus parameter", t, func(c C) {
+		content := `{
+			"storage": {
+				"rootDirectory": "/tmp/zot"
+			},
+			"http": {
+				"address": "127.0.0.1",
+				"port": "%s"
+			},
+			"log": {
+				"level": "debug",
+				"output": "%s"
+			},
+			"extensions": {
+				"metrics": {
+					"prometheus": {
+						"path": "/metrics"
+					}
+				}
+			}
+		}`
+		testWithMetricsEnabled(content)
+	})
+
+	Convey("with explicit enable, but without prometheus parameter", t, func(c C) {
+		content := `{
+			"storage": {
+				"rootDirectory": "/tmp/zot"
+			},
+			"http": {
+				"address": "127.0.0.1",
+				"port": "%s"
+			},
+			"log": {
+				"level": "debug",
+				"output": "%s"
+			},
+			"extensions": {
+				"metrics": {
+					"enable": true
+				}
+			}
+		}`
+		testWithMetricsEnabled(content)
+	})
+
+	Convey("with explicit disable", t, func(c C) {
+		port := GetFreePort()
+		baseURL := GetBaseURL(port)
+		logFile, err := ioutil.TempFile("", "zot-log*.txt")
+		So(err, ShouldBeNil)
+		defer os.Remove(logFile.Name()) // clean up
+
+		content := fmt.Sprintf(`{
+					"storage": {
+						"rootDirectory": "/tmp/zot"
+					},
+					"http": {
+						"address": "127.0.0.1",
+						"port": "%s"
+					},
+					"log": {
+						"level": "debug",
+						"output": "%s"
+					},
+					"extensions": {
+						"metrics": {
+							"enable": false
+						}
+					}
+				}`, port, logFile.Name())
+
+		cfgfile, err := ioutil.TempFile("", "zot-test*.json")
+		So(err, ShouldBeNil)
+		defer os.Remove(cfgfile.Name()) // clean up
+		_, err = cfgfile.Write([]byte(content))
+		So(err, ShouldBeNil)
+		err = cfgfile.Close()
+		So(err, ShouldBeNil)
+
+		os.Args = []string{"cli_test", "serve", cfgfile.Name()}
+		go func() {
+			err = cli.NewServerRootCmd().Execute()
+			So(err, ShouldBeNil)
+		}()
+		WaitTillServerReady(baseURL)
+
+		resp, err := resty.R().Get(baseURL + "/metrics")
+		So(err, ShouldBeNil)
+		So(resp, ShouldNotBeNil)
+		So(resp.StatusCode(), ShouldEqual, http.StatusNotFound)
+
+		data, err := os.ReadFile(logFile.Name())
+		So(err, ShouldBeNil)
+		So(string(data), ShouldContainSubstring,
+			"\"Extensions\":{\"Search\":null,\"Sync\":null,\"Metrics\":{\"Enable\":false,\"Prometheus\":{\"Path\":\"/metrics\"}}}") // nolint:lll
+	})
+}
+
+func TestServeSyncExtension(t *testing.T) {
+	oldArgs := os.Args
+
+	defer func() { os.Args = oldArgs }()
+
+	Convey("sync implicitly enabled", t, func(c C) {
+		port := GetFreePort()
+		baseURL := GetBaseURL(port)
+		logFile, err := ioutil.TempFile("", "zot-log*.txt")
+		So(err, ShouldBeNil)
+		defer os.Remove(logFile.Name()) // clean up
+
+		content := fmt.Sprintf(`{
+				"storage": {
+					"rootDirectory": "/tmp/zot"
+				},
+				"http": {
+					"address": "127.0.0.1",
+					"port": "%s"
+				},
+				"log": {
+					"level": "debug",
+					"output": "%s"
+				},
+				"extensions": {
+					"sync": {
+						"registries": [{
+							"urls": ["http://localhost:8080"],
+							"tlsVerify": false,
+							"onDemand": true,
+							"maxRetries": 3,
+							"retryDelay": "15m",
+							"certDir": "",
+							"content":[
+								{
+									"prefix": "zot-test",
+									"tags": {
+										"regex": ".*",
+										"semver": true
+									}
+								}
+							]
+						}]
+					}
+				}
+			}`, port, logFile.Name())
+
+		cfgfile, err := ioutil.TempFile("", "zot-test*.json")
+		So(err, ShouldBeNil)
+		defer os.Remove(cfgfile.Name()) // clean up
+		_, err = cfgfile.Write([]byte(content))
+		So(err, ShouldBeNil)
+		err = cfgfile.Close()
+		So(err, ShouldBeNil)
+
+		os.Args = []string{"cli_test", "serve", cfgfile.Name()}
+		go func() {
+			err = cli.NewServerRootCmd().Execute()
+			So(err, ShouldBeNil)
+		}()
+		WaitTillServerReady(baseURL)
+
+		data, err := os.ReadFile(logFile.Name())
+		So(err, ShouldBeNil)
+		So(string(data), ShouldContainSubstring,
+			"\"Extensions\":{\"Search\":null,\"Sync\":{\"Enable\":true")
+	})
+
+	Convey("sync explicitly enabled", t, func(c C) {
+		port := GetFreePort()
+		baseURL := GetBaseURL(port)
+		logFile, err := ioutil.TempFile("", "zot-log*.txt")
+		So(err, ShouldBeNil)
+		defer os.Remove(logFile.Name()) // clean up
+
+		content := fmt.Sprintf(`{
+				"storage": {
+					"rootDirectory": "/tmp/zot"
+				},
+				"http": {
+					"address": "127.0.0.1",
+					"port": "%s"
+				},
+				"log": {
+					"level": "debug",
+					"output": "%s"
+				},
+				"extensions": {
+					"sync": {
+						"enable": true,
+						"registries": [{
+							"urls": ["http://localhost:8080"],
+							"tlsVerify": false,
+							"onDemand": true,
+							"maxRetries": 3,
+							"retryDelay": "15m",
+							"certDir": "",
+							"content":[
+								{
+									"prefix": "zot-test",
+									"tags": {
+										"regex": ".*",
+										"semver": true
+									}
+								}
+							]
+						}]
+					}
+				}
+			}`, port, logFile.Name())
+
+		cfgfile, err := ioutil.TempFile("", "zot-test*.json")
+		So(err, ShouldBeNil)
+		defer os.Remove(cfgfile.Name()) // clean up
+		_, err = cfgfile.Write([]byte(content))
+		So(err, ShouldBeNil)
+		err = cfgfile.Close()
+		So(err, ShouldBeNil)
+
+		os.Args = []string{"cli_test", "serve", cfgfile.Name()}
+		go func() {
+			err = cli.NewServerRootCmd().Execute()
+			So(err, ShouldBeNil)
+		}()
+		WaitTillServerReady(baseURL)
+
+		data, err := os.ReadFile(logFile.Name())
+		So(err, ShouldBeNil)
+		So(string(data), ShouldContainSubstring,
+			"\"Extensions\":{\"Search\":null,\"Sync\":{\"Enable\":true")
+	})
+
+	Convey("sync explicitly disabled", t, func(c C) {
+		port := GetFreePort()
+		baseURL := GetBaseURL(port)
+		logFile, err := ioutil.TempFile("", "zot-log*.txt")
+		So(err, ShouldBeNil)
+		defer os.Remove(logFile.Name()) // clean up
+
+		content := fmt.Sprintf(`{
+				"storage": {
+					"rootDirectory": "/tmp/zot"
+				},
+				"http": {
+					"address": "127.0.0.1",
+					"port": "%s"
+				},
+				"log": {
+					"level": "debug",
+					"output": "%s"
+				},
+				"extensions": {
+					"sync": {
+						"enable": false,
+						"registries": [{
+							"urls": ["http://127.0.0.1:8080"],
+							"tlsVerify": false,
+							"certDir": "",
+							"maxRetries": 3,
+							"retryDelay": "15m"
+						}]
+					}
+				}
+			}`, port, logFile.Name())
+
+		cfgfile, err := ioutil.TempFile("", "zot-test*.json")
+		So(err, ShouldBeNil)
+		defer os.Remove(cfgfile.Name()) // clean up
+		_, err = cfgfile.Write([]byte(content))
+		So(err, ShouldBeNil)
+		err = cfgfile.Close()
+		So(err, ShouldBeNil)
+
+		os.Args = []string{"cli_test", "serve", cfgfile.Name()}
+		go func() {
+			err = cli.NewServerRootCmd().Execute()
+			So(err, ShouldBeNil)
+		}()
+		WaitTillServerReady(baseURL)
+
+		data, err := os.ReadFile(logFile.Name())
+		So(err, ShouldBeNil)
+		So(string(data), ShouldContainSubstring,
+			"\"Extensions\":{\"Search\":null,\"Sync\":{\"Enable\":false")
+	})
+}
+
+func TestServeSearchExtension(t *testing.T) {
+	oldArgs := os.Args
+
+	defer func() { os.Args = oldArgs }()
+
+	Convey("search implicitly enabled", t, func(c C) {
+		port := GetFreePort()
+		baseURL := GetBaseURL(port)
+		logFile, err := ioutil.TempFile("", "zot-log*.txt")
+		So(err, ShouldBeNil)
+		defer os.Remove(logFile.Name()) // clean up
+
+		content := fmt.Sprintf(`{
+					"storage": {
+						"rootDirectory": "/tmp/zot"
+					},
+					"http": {
+						"address": "127.0.0.1",
+						"port": "%s"
+					},
+					"log": {
+						"level": "debug",
+						"output": "%s"
+					},
+					"extensions": {
+						"search": {
+						}
+					}
+				}`, port, logFile.Name())
+
+		cfgfile, err := ioutil.TempFile("", "zot-test*.json")
+		So(err, ShouldBeNil)
+		defer os.Remove(cfgfile.Name()) // clean up
+		_, err = cfgfile.Write([]byte(content))
+		So(err, ShouldBeNil)
+		err = cfgfile.Close()
+		So(err, ShouldBeNil)
+
+		os.Args = []string{"cli_test", "serve", cfgfile.Name()}
+		go func() {
+			err = cli.NewServerRootCmd().Execute()
+			So(err, ShouldBeNil)
+		}()
+		WaitTillServerReady(baseURL)
+
+		data, err := os.ReadFile(logFile.Name())
+		So(err, ShouldBeNil)
+		So(string(data), ShouldContainSubstring,
+			"\"Extensions\":{\"Search\":{\"CVE\":{\"UpdateInterval\":86400000000000},\"Enable\":true},\"Sync\":null,\"Metrics\":null}") // nolint:lll
+		So(string(data), ShouldContainSubstring, "updating the CVE database")
+	})
+
+	Convey("search implicitly enabled with CVE param set", t, func(c C) {
+		port := GetFreePort()
+		baseURL := GetBaseURL(port)
+		logFile, err := ioutil.TempFile("", "zot-log*.txt")
+		So(err, ShouldBeNil)
+		defer os.Remove(logFile.Name()) // clean up
+
+		content := fmt.Sprintf(`{
+					"storage": {
+						"rootDirectory": "/tmp/zot"
+					},
+					"http": {
+						"address": "127.0.0.1",
+						"port": "%s"
+					},
+					"log": {
+						"level": "debug",
+						"output": "%s"
+					},
+					"extensions": {
+						"search": {
+							"cve": {
+								"updateInterval": "1h"
+							}
+						}
+					}
+				}`, port, logFile.Name())
+
+		cfgfile, err := ioutil.TempFile("", "zot-test*.json")
+		So(err, ShouldBeNil)
+		defer os.Remove(cfgfile.Name()) // clean up
+		_, err = cfgfile.Write([]byte(content))
+		So(err, ShouldBeNil)
+		err = cfgfile.Close()
+		So(err, ShouldBeNil)
+
+		os.Args = []string{"cli_test", "serve", cfgfile.Name()}
+		go func() {
+			err = cli.NewServerRootCmd().Execute()
+			So(err, ShouldBeNil)
+		}()
+		WaitTillServerReady(baseURL)
+
+		data, err := os.ReadFile(logFile.Name())
+		So(err, ShouldBeNil)
+		// Even if in config we specified updateInterval=1h, the minimum interval is 2h
+		So(string(data), ShouldContainSubstring,
+			"\"Extensions\":{\"Search\":{\"CVE\":{\"UpdateInterval\":3600000000000},\"Enable\":true},\"Sync\":null,\"Metrics\":null}") // nolint:lll
+		So(string(data), ShouldContainSubstring, "updating the CVE database")
+		So(string(data), ShouldContainSubstring,
+			"CVE update interval set to too-short interval < 2h, changing update duration to 2 hours and continuing.")
+	})
+
+	Convey("search explicitly enabled, but CVE parameter not set", t, func(c C) {
+		port := GetFreePort()
+		baseURL := GetBaseURL(port)
+		logFile, err := ioutil.TempFile("", "zot-log*.txt")
+		So(err, ShouldBeNil)
+		defer os.Remove(logFile.Name()) // clean up
+
+		content := fmt.Sprintf(`{
+				"storage": {
+					"rootDirectory": "/tmp/zot"
+				},
+				"http": {
+					"address": "127.0.0.1",
+					"port": "%s"
+				},
+				"log": {
+					"level": "debug",
+					"output": "%s"
+				},
+				"extensions": {
+					"search": {
+						"enable": true
+					}
+				}
+			}`, port, logFile.Name())
+
+		cfgfile, err := ioutil.TempFile("", "zot-test*.json")
+		So(err, ShouldBeNil)
+		defer os.Remove(cfgfile.Name()) // clean up
+		_, err = cfgfile.Write([]byte(content))
+		So(err, ShouldBeNil)
+		err = cfgfile.Close()
+		So(err, ShouldBeNil)
+
+		os.Args = []string{"cli_test", "serve", cfgfile.Name()}
+		go func() {
+			err = cli.NewServerRootCmd().Execute()
+			So(err, ShouldBeNil)
+		}()
+		WaitTillServerReady(baseURL)
+
+		data, err := os.ReadFile(logFile.Name())
+		So(err, ShouldBeNil)
+		So(string(data), ShouldContainSubstring,
+			"\"Extensions\":{\"Search\":{\"CVE\":{\"UpdateInterval\":86400000000000},\"Enable\":true},\"Sync\":null,\"Metrics\":null}") // nolint:lll
+		So(string(data), ShouldContainSubstring, "updating the CVE database")
+	})
+
+	Convey("search explicitly disabled", t, func(c C) {
+		port := GetFreePort()
+		baseURL := GetBaseURL(port)
+		logFile, err := ioutil.TempFile("", "zot-log*.txt")
+		So(err, ShouldBeNil)
+		defer os.Remove(logFile.Name()) // clean up
+
+		content := fmt.Sprintf(`{
+				"storage": {
+					"rootDirectory": "/tmp/zot"
+				},
+				"http": {
+					"address": "127.0.0.1",
+					"port": "%s"
+				},
+				"log": {
+					"level": "debug",
+					"output": "%s"
+				},
+				"extensions": {
+					"search": {
+						"enable": false,
+						"cve": {
+							"updateInterval": "3h"
+						}
+					}
+				}
+			}`, port, logFile.Name())
+
+		cfgfile, err := ioutil.TempFile("", "zot-test*.json")
+		So(err, ShouldBeNil)
+		defer os.Remove(cfgfile.Name()) // clean up
+		_, err = cfgfile.Write([]byte(content))
+		So(err, ShouldBeNil)
+		err = cfgfile.Close()
+		So(err, ShouldBeNil)
+
+		os.Args = []string{"cli_test", "serve", cfgfile.Name()}
+		go func() {
+			err = cli.NewServerRootCmd().Execute()
+			So(err, ShouldBeNil)
+		}()
+		WaitTillServerReady(baseURL)
+
+		data, err := os.ReadFile(logFile.Name())
+		So(err, ShouldBeNil)
+		So(string(data), ShouldContainSubstring,
+			"\"Extensions\":{\"Search\":{\"CVE\":{\"UpdateInterval\":10800000000000},\"Enable\":false},\"Sync\":null,\"Metrics\":null}") // nolint:lll
+		So(string(data), ShouldContainSubstring, "CVE config not provided, skipping CVE update")
+		So(string(data), ShouldNotContainSubstring,
+			"CVE update interval set to too-short interval < 2h, changing update duration to 2 hours and continuing.")
+	})
+}
@@ -286,8 +286,9 @@ func TestServerResponse(t *testing.T) {
 		url := test.GetBaseURL(port)
 		conf := config.New()
 		conf.HTTP.Port = port
+		defaultVal := true
 		conf.Extensions = &extconf.ExtensionConfig{
-			Search: &extconf.SearchConfig{Enable: true},
+			Search: &extconf.SearchConfig{Enable: &defaultVal},
 		}
 		ctlr := api.NewController(conf)
 		dir, err := ioutil.TempDir("", "oci-repo-test")
@@ -4,6 +4,7 @@ import (
 	"context"
 	"fmt"
 	"net/http"
+	"time"

 	glob "github.com/bmatcuk/doublestar/v4"
 	"github.com/fsnotify/fsnotify"
@@ -15,6 +16,7 @@ import (
 	"zotregistry.io/zot/errors"
 	"zotregistry.io/zot/pkg/api"
 	"zotregistry.io/zot/pkg/api/config"
+	extconf "zotregistry.io/zot/pkg/extensions/config"
 	"zotregistry.io/zot/pkg/extensions/monitoring"
 	"zotregistry.io/zot/pkg/storage"
 )
@@ -293,6 +295,64 @@ func validateConfiguration(config *config.Config) {
 	}
 }

+func applyDefaultValues(config *config.Config, viperInstance *viper.Viper) {
+	defaultVal := true
+
+	if config.Extensions == nil && viperInstance.Get("extensions") != nil {
+		config.Extensions = &extconf.ExtensionConfig{}
+
+		extMap := viperInstance.GetStringMap("extensions")
+		_, ok := extMap["metrics"]
+
+		if ok {
+			// we found a config like `"extensions": {"metrics": {}}`
+			// Note: In case metrics is not empty the config.Extensions will not be nil and we will not reach here
+			config.Extensions.Metrics = &extconf.MetricsConfig{}
+		}
+
+		_, ok = extMap["search"]
+		if ok {
+			// we found a config like `"extensions": {"search": {}}`
+			// Note: In case search is not empty the config.Extensions will not be nil and we will not reach here
+			config.Extensions.Search = &extconf.SearchConfig{}
+		}
+	}
+
+	if config.Extensions != nil {
+		if config.Extensions.Sync != nil {
+			if config.Extensions.Sync.Enable == nil {
+				config.Extensions.Sync.Enable = &defaultVal
+			}
+
+			for id, regCfg := range config.Extensions.Sync.Registries {
+				if regCfg.TLSVerify == nil {
+					config.Extensions.Sync.Registries[id].TLSVerify = &defaultVal
+				}
+			}
+		}
+
+		if config.Extensions.Search != nil {
+			if config.Extensions.Search.Enable == nil {
+				config.Extensions.Search.Enable = &defaultVal
+			}
+
+			if config.Extensions.Search.CVE == nil {
+				config.Extensions.Search.CVE = &extconf.CVEConfig{UpdateInterval: 24 * time.Hour} // nolint: gomnd
+			}
+		}
+
+		if config.Extensions.Metrics != nil {
+			if config.Extensions.Metrics.Enable == nil {
+				config.Extensions.Metrics.Enable = &defaultVal
+			}
+
+			if config.Extensions.Metrics.Prometheus == nil {
+				config.Extensions.Metrics.Prometheus = &extconf.PrometheusConfig{Path: "/metrics"}
+			}
+		}
+	}
+}
+
 func LoadConfiguration(config *config.Config, configPath string) {
 	// Default is dot (.) but because we allow glob patterns in authz
 	// we need another key delimiter.
@@ -322,17 +382,9 @@ func LoadConfiguration(config *config.Config, configPath string) {
 		panic(err)
 	}

+	// defaults
+	applyDefaultValues(config, viperInstance)
+
 	// various config checks
 	validateConfiguration(config)
-
-	// defaults
-	defaultTLSVerify := true
-
-	if config.Extensions != nil && config.Extensions.Sync != nil {
-		for id, regCfg := range config.Extensions.Sync.Registries {
-			if regCfg.TLSVerify == nil {
-				config.Extensions.Sync.Registries[id].TLSVerify = &defaultTLSVerify
-			}
-		}
-	}
 }