github/zot
1
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2026-06-16 12:28:01 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,167 Commits 38 Branches 132 Tags
1c2736d970a8d82ebe2b8dbacfedbd7d5bcd6cc2
Commit Graph

653 Commits

Author SHA1 Message Date
peusebiu d5487d53e3 fix(authz): assign identity to authz context in tls mutual authentication (#1541) 
this causes a bug in extensions by not having the identity for the
authenticated user and couldn't apply his permissions, just the default ones.

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-06-21 16:06:53 +03:00
Lisca Ana-Roberta aab149610f fix: removed quotation marks from enum in swagger docs (#1539) 
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2023-06-20 15:32:19 +03:00
Lisca Ana-Roberta aa16c955b3 fix: added swagger doc generation for mgmt and userprefs (#1530) 
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2023-06-19 10:43:25 -07:00
peusebiu fc6d6356fb feat(sync): sync references(signatures/artifacts) recursively (#1500) 
sync now also pulls chained artifacts recursively
eg:
 image->sbom->sbom signature
 image->artifact->artifact

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-06-16 10:27:33 -07:00
Andrei Aaron f9f9422d13 ci(disk usage): disk related fixes and improvements (#1524) 
ci(workflow): show disk usage and free up disk space used by unneeded tooling
ci(tests): routes tests: do not copy large images if they are not used later
ci(trivy): update a test: download trivy.db to a temporary folder

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
 2023-06-15 15:07:28 -07:00
Lisca Ana-Roberta 622dde9193 fix: referrers now appears in swagger generated docs (#1488) 
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2023-06-12 10:32:11 -07:00
Ramkumar Chinchani 4d6ca493f2 chore: fix dependabot alerts (#1501) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-06-09 10:27:42 -07:00
Andrei Aaron 96d00cd0ef fix(cve): Fix CVE scanning in images containing Jar files (#1475) 2023-06-01 00:37:46 +03:00
peusebiu 612a12e5a8 refactor(sync): use task scheduler (#1301) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-05-31 10:26:23 -07:00
Ramkumar Chinchani 2202d6dfd4 fix: revert "org.opencontainers.referrers.filtersApplied" (#1478) 
As per latest dist-spec, this is now removed.

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-05-26 13:56:44 -07:00
LaurentiuNiculae a3f355c278 refactor(storage): refactoring storage (#1459) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-26 11:08:19 -07:00
peusebiu 9acd19f7ea fix(extensions): consolidate extensions headers returned to UI by extensions (#1473) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-05-25 11:44:54 -07:00
Lisca Ana-Roberta 6a7035c599 fix: removed duplicate structures from service.go and moved them to pkg/common (#1436) 
Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
 2023-05-25 11:27:49 -07:00
peusebiu 4970f8814d fix(test): fix storage flaky tests (#1474) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-05-25 11:24:56 -07:00
LaurentiuNiculae 2b8479f7f2 feat(userprefs): update documentation and list extensions endpoint (#1456) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-25 14:46:52 +03:00
Andreea Lupu 970997f3a8 feat(graphql & repodb): add info about signature validity (#1344) 
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
 2023-05-24 09:46:16 -07:00
LaurentiuNiculae 6e6ffe800c chore(go.mod): upgrade to notation-go v1.0.0-rc.5 and image-spec v1.1.0-rc3 (#1468) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-23 15:16:33 +00:00
Ramkumar Chinchani 83ae1aad70 chore(go.mod): fix dependabot alerts (#1466) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-05-23 10:14:43 +03:00
LaurentiuNiculae c0170b0811 feat(routes): move the cors handler from /v2 to only where it's needed (#1457) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-19 21:22:51 -07:00
peusebiu 1b184ceef8 fix(zb): fixed remote repositories cleanup (#1461) 
fix(storage/local): also put deduped blobs in cache, not just origin blobs

this caused an error when trying to delete deduped blobs
from multiple repositories

fix(storage/s3): check blob is present in cache before deleting

this is an edge case where dedupe is false but cacheDriver is not nil
(because in s3 we open the cache.db if storage find it in rootDir)
it caused an error when trying to delete blobs uploaded with dedupe false

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-05-19 09:51:15 -07:00
Ramkumar Chinchani 2be5459c8e chore: fix dependabot alerts (#1458) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-05-17 00:37:34 -07:00
LaurentiuNiculae f4501e6b6b feat(search): add artifact type to manifest summary gql structure (#1448) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-15 10:44:49 -07:00
LaurentiuNiculae 912854f29b fix(sync): fix digest set into repodb (#1446) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-15 10:43:41 -07:00
LaurentiuNiculae 7bf40e7308 fix(sync): fixed way of updating repodb when syncing a signature (#1439) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-15 12:02:23 +03:00
Lisca Ana-Roberta e262fbea64 feat: verifying and enabling necessary extensions for ui (#1369) 
Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
 2023-05-12 09:43:14 -07:00
LaurentiuNiculae 7d7bc9d5e4 feat(api): added oci-subject header when pushing an image with subject field (#1415) 
- as requested by the latest version of the oci distribution spec

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-12 09:32:01 -07:00
Ramkumar Chinchani 9534e0b88b chore: fix dependabot alerts (#1409) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-05-11 16:39:21 -07:00
LaurentiuNiculae b7ef88c96d fix(search): added the missing headers for search route (#1438) 
- added allow methods and allowed headers

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-11 16:05:14 +03:00
LaurentiuNiculae ea79be64da refactor(artifact): remove oci artifact support (#1359) 
* refactor(artifact): remove oci artifact support
- add header to referrers call to indicated applied artifact type filters

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>

* feat(gc): simplify gc logic to increase coverage

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>

---------

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-10 10:15:33 -07:00
LaurentiuNiculae 3be690c2ac feat(userpreferences): update allowed methods header for user preferences routes (#1430) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-10 10:09:53 -07:00
peusebiu d62dbcdf63 fix(sync): fix syncing signatures when using destination in sync's config (#1429) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-05-08 10:16:20 -07:00
LaurentiuNiculae 449f0d0ac3 fix(repoinfo): fix userprefs values for repos returned by expanded repo info (#1413) 
- now isBookmarked and isStarred are updated correctly

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-05-04 09:51:21 -07:00
peusebiu e299ae199a fix(sync): skip non distributable layers (#1421) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-05-04 09:38:33 -07:00
Ramkumar Chinchani 86ecbd3926 fix: non-distributable layers may not exist (#1404) 
Currently, when pushing an image, validation is performed to check that
a layer/blob in the manifest already exists. For non-distributable
layers, that check needs to be skipped.

Fixes issue #1394

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-05-01 12:49:41 -07:00
Ramkumar Chinchani 42df4c505a chore: fix dependabot alerts (#1403) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-05-01 12:49:10 -07:00
Ramkumar Chinchani 3dd228e3e3 fix(serve): gracefully exit with error instead of panic (#1396) 2023-05-01 08:26:23 +03:00
Nicol c169698c95 feat: remove usage of zerolog.Logger.Msgf() from zot code (#1382) 
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
 2023-04-27 19:44:22 -07:00
Andreea Lupu 40bf76add5 chore(go.mod): upgrade trivy and cosign (#1387) 
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
 2023-04-27 09:35:10 -07:00
peusebiu 07bfc8ab95 fix(authz): get username from authn.go request context (#1383) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-04-27 08:13:06 -07:00
LaurentiuNiculae 3d8a4022bd feat(global-search): add filtering options by starred and bookmarked (#1336) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2023-04-27 08:11:13 -07:00
Ramkumar Chinchani 635d07ae04 chore: update golang (to 1.20.x) and golangci-linter (#1388) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-04-27 00:09:46 -07:00
LaurentiuNiculae 9cc990d7ca feat(repodb): add user related information to repodb (#1317) 
Initial code was contributed by Bogdan BIVOLARU <104334+bogdanbiv@users.noreply.github.com>
Moved implementation from a separate db to repodb by Andrei Aaron <aaaron@luxoft.com>

Not done yet:
- run/test dynamodb implementation, only boltdb was tested
- add additional coverage for existing functionality
- add web-based APIs to toggle the stars/bookmarks on/off

Initially graphql mutation was discussed for the missing API but
we decided REST endpoints would be better suited for configuration



feat(userdb): complete functionality for userdb integration

- dynamodb rollback changes to user starred repos in case increasing the total star count fails
- dynamodb increment/decrement repostars in repometa when user stars/unstars a repo
- dynamodb check anonymous user permissions are working as intendend
- common test handle anonymous users
- RepoMeta2RepoSummary set IsStarred and IsBookmarked



feat(userdb): rest api calls for toggling stars/bookmarks on/off



test(userdb): blackbox tests



test(userdb): move preferences tests in a different file with specific build tags



feat(repodb): add is-starred and is-bookmarked fields to repo-meta

- removed duplicated logic for determining if a repo is starred/bookmarked

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
Co-authored-by: Andrei Aaron <aaaron@luxoft.com>
 2023-04-24 11:13:15 -07:00
peusebiu d818293cc1 test(sync): make sure sync doesn't write on shutdown (#1370) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-04-19 11:34:41 -07:00
Nicol 0586c6227e refactor: remove pkg/extensions/search/common and move the code to the appropriate packages (#1358) 
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
 2023-04-18 11:07:47 -07:00
Andrei Aaron e63faa8898 fix(csp): upgrade UI and fix zap failure (#1372) 
The zap scanner started to check the csp header, which is causing a warning.

We also need to ignore the rule, as both settings are read by the scanner.

Per https://w3c.github.io/webappsec-csp/#example-7bb4ce67 we can have multiple
Content-Security-Policy headers, and the most restrictive policies apply.
This rule doesn't seem to be applied by zap.

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
 2023-04-13 13:48:09 -07:00
Ramkumar Chinchani e6b81bb354 chore(go.mod): fix dependabot alerts (#1365) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-04-12 14:10:47 +03:00
Ramkumar Chinchani 8f809bda29 chore(go.mod): fix dependabot alerts (#1351) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2023-04-10 14:09:54 -07:00
Nicol 3510ef0fb0 refactor: move pkg/extensions/search/common/oci_layout.go under pkg/test/ (#1325) 
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
 2023-04-07 09:52:26 -07:00
peusebiu f35ff53146 feat(storage): rebuild storage(s3/local) dedupe index when switching dedupe status (#1062) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-04-07 09:49:24 -07:00
peusebiu 96232bb11c test(sync): consolidate all sync tests (#1332) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2023-04-07 09:36:27 +03:00