Add identity-based access control, closes #51

Add a cli subcommand to verify config files validity
2026-06-15 20:07:55 +08:00 · 2021-05-13 21:59:12 +03:00
parent 26926ad4c2
commit 609d85d875
14 changed files with 915 additions and 51 deletions
@@ -0,0 +1,5 @@
+You can check a configuration file validity by running the verify command:
+
+```console
+$ zot verify /path/to/config
+```
@@ -9,6 +9,7 @@
        "ReadOnly": false
    },
    "log": {
-        "level": "debug"
+        "level": "debug",
+        "output": "/tmp/zot.log"
    }
 }
@@ -0,0 +1,54 @@
+{
+  "version": "0.1.0-dev",
+  "storage": {
+    "rootDirectory": "/tmp/zot"
+  },
+  "http": {
+    "address": "127.0.0.1",
+    "port": "8080",
+    "realm": "zot",
+    "auth": {
+      "htpasswd": {
+        "path": "test/data/htpasswd"
+      },
+      "failDelay": 1
+    },
+    "accessControl": {
+      "repos1/repo": {
+        "policies": [
+          {
+            "users": ["alice", "bob"],
+            "actions": ["create", "read", "update", "delete"]
+          },
+          {
+            "users": ["mallory"],
+            "actions": ["create", "read"]
+          }
+        ],
+        "defaultPolicy": ["read"]
+      },
+      "repos2/repo": {
+        "policies": [
+          {
+            "users": ["bob"],
+            "actions": ["read", "create"]
+          },
+          {
+            "users": ["mallory"],
+            "actions": ["create", "read"]
+          }
+        ],
+        "defaultPolicy": ["read"]
+      },
+      "adminPolicy": {
+          "users": ["admin"],
+          "actions": ["read", "create", "update", "delete"]
+      }
+    }
+  },
+  "log": {
+    "level": "debug",
+    "output": "/tmp/zot.log"
+  }
+}
+