a13c917b73
chore: fix dependabot alerts ( #3292 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* fix: update trivy api call
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-08-06 10:09:53 -07:00
2c7e8fd33e
chore: fix dependabot alerts ( #3245 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-07-05 00:06:32 +03:00
100dfec142
chore: fix dependabot alerts ( #3213 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-06-17 10:09:19 -07:00
6a22640bfa
Fix dependabot alerts ( #3188 )
...
* chore: update github.com/redis/go-redis/v9 to v9.9.0
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* chore: update trivy to v0.63.0
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* chore: update github.com/spf13/cast to v1.9.2
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* chore: update ossf/scorecard-action from 2.4.1 to 2.4.2
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* chore: fix multiple dependabot alerts
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
---------
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2025-06-09 10:40:13 -07:00
32a5eee521
chore: fix dependabot alerts ( #3141 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-05-05 22:06:22 -07:00
bc5fd1a357
feat(events): add events extension ( #3045 )
...
* feat: add events config
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* feat: implement event support with log sink
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* feat: integrate events and update tests
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* refactor: update event config
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* feat: implement http and nats sinks. remove log sink
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* refactor: events extension setup
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: cleanup tests to use nil event recorder
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: update events config example and add more logging
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* refactor: better use of build tags for minimal binary
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* fix: missing store param in evelated privileges tests
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* fix: regression in config decoding
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: update check logs script to enable cross-platform usage via GREP_BIN_PATH envvar
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: fix log lint issue for events
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: fix failing events disabled test
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* test: add blackbox tests for events
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: specify architecture when downloading binaries in Makefile
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: improve failure handling when no valid sinks are provided
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* test: fix data race in events test
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: cleanup event decoding
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* test: fix logging tests
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* test: make nats server test more reliable
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: go mod cleanup
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* test: add sleep when setting up nats client
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* fix: ensure event sink errors do not propogate
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* test: increase coverage for events
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* feat(events): Refactor events to be non-blocking from caller.
Signed-off-by: Asgeir Nilsen <asgeir.nilsen@bouvet.no >
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: remove harded-coded linux
Co-authored-by: Andrei Aaron <andreifdaaron@gmail.com >
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* feat(events): fail to start if incorrect event sink is configured
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* test: allow cli tests to return errors instead of panic
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: bump nats server to v2.11.3
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
---------
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
Signed-off-by: Asgeir Nilsen <asgeir.nilsen@bouvet.no >
Co-authored-by: Asgeir Nilsen <asgeir.nilsen@bouvet.no >
Co-authored-by: Andrei Aaron <andreifdaaron@gmail.com >
2025-05-02 12:30:06 -07:00
06a0cd5220
chore: fix dependabot alerts ( #3127 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-04-30 21:47:54 +03:00
0e2aa81439
feat(sync): use regclient for sync extension ( #2903 )
...
* feat(sync): use regclient for sync extension
replaced containers/image package with regclient/regclient package
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* fix(sync): fixed converting innner docker list mediatype
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* feat(sync): added option to preserve digest
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* fix(sync): added coverage and various fixes
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* fix(metadb): fixed converting manifest list not setting platform and annotations
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* fix(sync): remove read lock on storage, not used concurrently
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* feat(sync): added cache for repo tags
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* fix(sync): fixed Makefile
removed opengpg tag
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* fix(sync): add test for on demand referrer
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
---------
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
2025-04-15 16:58:15 -07:00
62af65b07d
chore: fix dependabot alerts ( #3084 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-04-08 22:57:22 -07:00
fd761c0254
chore: fix dependabot alerts ( #3070 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* ci: fix linter config
* fix: linter fixes
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-04-04 00:31:02 -07:00
ff50aab9b3
chore: fix dependabot alerts ( #3041 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* test: fix http status code check
Related to gqlgen changes
- github.com/99designs/gqlgen v0.17.66
+ github.com/99designs/gqlgen v0.17.68
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-03-18 20:10:55 -07:00
651d123731
chore: fix dependabot alerts ( #3021 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-03-11 01:40:27 -07:00
328606def0
chore: fix dependabot alerts ( #2978 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-02-22 22:28:23 -08:00
d0ad93532f
chore: fix dependabot alerts ( #2945 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-02-03 23:34:01 -08:00
ea6b6dab23
fix: MetaDB fixes related to Docker media types ( #2934 )
...
* fix: update download counters for docker media types
closes #2929
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* fix: handle docker config mediatype in MetaDB
The OS/Arch/Layer History information was not written to MetaDB
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
---------
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2025-02-03 08:29:55 +02:00
05823cd74f
redis driver for blob cache information and metadb ( #2865 )
...
* feat: add redis cache support
https://github.com/project-zot/zot/pull/2005
Fixes https://github.com/project-zot/zot/issues/2004
* feat: add redis cache support
Currently, we have dynamoDB as the remote shared cache but ideal only
for the cloud use case.
For on-prem use case, add support for redis.
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* feat(redis): added blackbox tests for redis
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com >
* feat(redis): dummy implementation of MetaDB interface for redis cache
Signed-off-by: Alexei Dodon <adodon@cisco.com >
* feat: check validity of driver configuration on metadb instantiation
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat: multiple fixes for redis cache driver implementation
- add missing method GetAllBlobs
- add redis cache tests, with and without mocking
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): redis implementation for MetaDB
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): use redsync to block concurrent write access to the redis DB
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): update .github/workflows/cluster.yaml to also test redis
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(metadb): add keyPrefix parameter for redis and remove unneeded method meta.Crate()
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): support RedisCluster configuration and add unit tests
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): more tests for redis metadb implementation
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): add more examples and update examples/README.md
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): move option parsing and redis client initialization under pkg/api/config/redis
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* chore(cachedb): move Cache interface to pkg/storage/types
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): reorganize code in pkg/storage/cache.go
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): call redis.SetLogger() with the zot logger as parameter
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): rename pkg/meta/redisdb to pkg/meta/redis
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com >
Signed-off-by: Alexei Dodon <adodon@cisco.com >
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
Co-authored-by: a <a@tuxpa.in >
Co-authored-by: Ramkumar Chinchani <rchincha@cisco.com >
Co-authored-by: Petu Eusebiu <peusebiu@cisco.com >
Co-authored-by: Alexei Dodon <adodon@cisco.com >
2025-01-30 11:00:52 -08:00
97fd43e2b0
chore: fix dependabot alerts ( #2881 )
2025-01-14 08:36:30 +02:00
7f593b8896
chore: fix dependabot alerts ( #2869 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-01-13 01:20:29 -08:00
6ca9c66260
chore: fix dependabot alerts ( #2851 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2024-12-23 21:10:23 -08:00
8789fb0008
chore: fix dependabot alerts ( #2837 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* chore: update oras version
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2024-12-18 08:57:13 -08:00
8f5414a1f0
chore: update ui version ( #2827 )
...
chore: fix dependabot alerts (#2825 )
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2024-12-14 11:58:04 -08:00
72c6e8afb3
chore: fix dependabot alerts ( #2810 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-12-06 09:04:46 -08:00
a76bfd4283
chore: update Trivy and Trivy dependencies ( #2763 )
...
The Trivy library now supports multiple locations from where to download the DBs.
The zot code has been updated to properly call the updated library functions.
If at some point we would want to support multiple Trivy DBs in zot, we could look into it more.
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-11-07 09:03:37 -08:00
da923ae232
chore: update go tests to use our hosted trivy-db and trivy-java-db images ( #2754 )
...
There are 2 remaining exceptions that I am aware of:
1. The tests under test/blackbox/cve.bats
2. One of the cli tests checking the server attempts download of the databases
from the default url
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-11-01 14:14:52 -07:00
cb2af94b0b
feat: add support for docker images ( #2714 )
...
* feat: add support for docker images
Issue #724
A new config section under "HTTP" called "Compat" is added which
currently takes a list of possible compatible legacy media-types.
https://github.com/opencontainers/image-spec/blob/main/media-types.md#compatibility-matrix
Only "docker2s2" (Docker Manifest V2 Schema V2) is currently supported.
Garbage collection also needs to be made aware of non-OCI compatible
layer types.
feat: add cve support for non-OCI compatible layer types
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
*
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* test: add more docker compat tests
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* feat: add additional validation checks for non-OCI images
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* ci: make "full" images docker-compatible
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-10-31 09:44:04 +02:00
da6bd56a21
fix: issues with nested index processing in CVE and metaDB code ( #2732 )
...
Also fix an issue with searching tags, which should work with case insensitive searches.
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-10-21 09:57:43 -07:00
c89be3ad31
chore: fix dependabot alerts ( #2709 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-10-07 16:20:37 -07:00
e6624a29a5
feat(graphql): Add LastPullTimestamp and PushTimestamp in ImageSummar… ( #2699 )
...
feat(graphql): Add LastPullTimestamp and PushTimestamp in ImageSummary resposne
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
2024-10-03 12:27:03 -07:00
8553712613
chore: upgrade trivy to v0.55.2 and update the logic of waiting for zot to start in some jobs ( #2685 )
...
chore: upgrade trivy to v0.55.2, also update the logic of waiting for zot to start in some jobs
Seems like there's an increate in the time zot requires to start before servicing requests.
From my GitHub observations it is better check using curl instead of relying on hardcoded 5s or 10s values.
The logic in .github/workflows/cluster.yaml seems to be old and out of date.
Even on main right now there is only 1 our of 3 zots actualy running.
The other 2 are actually erroring: Error: operation timeout: boltdb file is already in use, path '/tmp/zot/cache.db'
This is unrelated to this PR, I am seeing the same issue in the olders workflow runs still showing the logs
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-09-30 10:37:53 -07:00
9cf6b0205d
chore: fix dependabot alerts ( #2681 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-09-27 09:05:14 +03:00
f618b1d4ef
ci(deps): upgrade golangci-lint ( #2556 )
...
* ci(deps): upgrade golangci-lint
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de >
* build(deps): removed disabled linters
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de >
* build(deps): go run github.com/daixiang0/gci@latest write .
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* build(deps): go run golang.org/x/tools/cmd/goimports@latest -l -w .
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* build(deps): go run github.com/bombsimon/wsl/v4/cmd...@latest -strict-append -test=true -fix ./...
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* build(deps): go run github.com/catenacyber/perfsprint@latest -fix ./...
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* build(deps): replace gomnd by mnd
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* build(deps): make gqlgen
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* build: Revert "build(deps): go run github.com/daixiang0/gci@latest write ."
This reverts commit 5bf8c42e1fjoe@cloudeteer.de >
* build(deps): go run github.com/daixiang0/gci@latest write -s 'standard' -s default -s 'prefix(zotregistry.dev/zot)' .
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* build(deps): make gqlgen
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: wsl issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: check-log issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: gci issues
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* fix: tests
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
---------
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de >
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
2024-07-29 10:32:51 -07:00
fb2edcc269
chore: fix dependabot alerts ( #2486 )
...
https://github.com/project-zot/zot/pull/2475
https://github.com/project-zot/zot/pull/2477
https://github.com/project-zot/zot/pull/2478
https://github.com/project-zot/zot/pull/2479
https://github.com/project-zot/zot/pull/2480
https://github.com/project-zot/zot/pull/2481
https://github.com/project-zot/zot/pull/2482
https://github.com/project-zot/zot/pull/2483
https://github.com/project-zot/zot/pull/2484
https://github.com/project-zot/zot/pull/2485
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-06-17 20:31:01 +03:00
e023936e8e
fix(ui): fix image details view ( #2470 )
...
when a UI client tries to view image details
for an image with multiple tags pointing to the same digest
we make a query to dynamodb having duplicate keys (same digest)
resulting in an error and the client is redirect back to image
overview.
closes : #2464
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com >
2024-06-14 09:22:48 -07:00
1594852428
chore: fix dependabot alerts ( #2446 )
...
* chore: fix dependabot alerts
https://github.com/project-zot/zot/pull/2435
https://github.com/project-zot/zot/pull/2436
https://github.com/project-zot/zot/pull/2437
https://github.com/project-zot/zot/pull/2438
https://github.com/project-zot/zot/pull/2439
https://github.com/project-zot/zot/pull/2440
https://github.com/project-zot/zot/pull/2441
https://github.com/project-zot/zot/pull/2442
https://github.com/project-zot/zot/pull/2443
https://github.com/project-zot/zot/pull/2444
https://github.com/project-zot/zot/pull/2445
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* fix(zli): _schema query in zli code should not use empty parens
Fix also some tests
See https://github.com/vektah/gqlparser/issues/292 and https://github.com/vektah/gqlparser/pull/293
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
Co-authored-by: Andrei Aaron <aaaron@luxoft.com >
2024-06-04 13:54:30 +03:00
2bb46b0562
chore: fix dependabot alerts ( #2431 )
...
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-05-27 14:37:27 -07:00
186855b5f8
fix: additional input validation for CVE graphQL query ( #2408 )
...
It is possible to ask for a very large limit size which can exhaust
memory.
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-04-24 09:23:17 +03:00
28e9aabecf
chore: fix dependabot alerts ( #2331 )
...
https://github.com/project-zot/zot/pull/2324
https://github.com/project-zot/zot/pull/2325
https://github.com/project-zot/zot/pull/2326
https://github.com/project-zot/zot/pull/2327
https://github.com/project-zot/zot/pull/2328
https://github.com/project-zot/zot/pull/2329
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-03-20 07:37:29 +02:00
5039128723
feat(cve): cli cve diff ( #2242 )
...
* feat(gql): add new query for diff of cves for 2 images
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com >
* feat(cli): add cli for cve diff
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com >
---------
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com >
2024-03-06 10:40:29 +02:00
6f00e843a0
fix(sync): sync generator now backs off on errors ( #2272 )
...
handle unsupported features like oci artifacts.
closes : #2238
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com >
2024-03-04 09:44:11 -08:00
565eca2609
chore: fix dependabot alerts ( #2268 )
...
https://github.com/project-zot/zot/pull/2258
https://github.com/project-zot/zot/pull/2259
https://github.com/project-zot/zot/pull/2260
https://github.com/project-zot/zot/pull/2261
https://github.com/project-zot/zot/pull/2262
https://github.com/project-zot/zot/pull/2263
https://github.com/project-zot/zot/pull/2264
https://github.com/project-zot/zot/pull/2265
https://github.com/project-zot/zot/pull/2266
https://github.com/project-zot/zot/pull/2267
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-02-20 21:51:40 +02:00
0aa6bf0fff
feat: include PackagePath data in CVEs for image queries ( #2241 )
...
Signed-off-by: Vishwas Rajashekar <vrajashe@cisco.com >
2024-02-15 13:19:49 -08:00
d0eb043be5
feat: Get the image LastUpdated timestamp from annotations ( #2240 )
...
Fallback to Created field and the History entries in the image config
only if the annotation "org.opencontainers.image.created" is not available
closes #2210
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-02-14 09:14:24 -08:00
55acce6923
feat(graphql): filter CVEs by severity ( #2246 )
...
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com >
2024-02-14 09:11:57 -08:00
de90abd5dc
style(metadb): use type aliases for metadb types to be easier to read ( #2043 )
...
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com >
2024-02-14 09:08:08 -08:00
6a83dd47c0
fix(scheduler): the session cleanup generator is reset too often ( #2220 )
...
This causes the "fair" scheduler to run it too often in the detriment of other generators.
The intention was to run it every 2 hours but the measurement unit for 7200 was not specified.
Add more logs, including showing a generator name, in order to troubleshoot this kind of issues easier in the future.
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-02-01 09:15:53 -08:00
ce4924f841
refactor: rename go module from zotregistry.io/zot to zotregistry.dev/zot ( #2187 )
...
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-01-31 20:34:07 -08:00
a2b923b6fd
feat(search): search for a specific tag cross-repo ( #2211 )
...
Syntax to search for `<tag_name>` accross all repos is `:<tag_name>`
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-01-30 09:12:41 -08:00
ed6be0580e
refactor: replace deprecated APIs for creating images in the search tests ( #2173 )
...
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-01-22 09:10:34 -08:00
3f97f878fd
feat(cve): add option to exclude string from cve search ( #2163 )
...
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com >
2024-01-19 12:59:42 -08:00
8467a80a50
refactor: update tests to use the newer API for creating test images ( #2168 )
...
- update cve tests
- update scrub tests
- update tests for parsing storage and loading into meta DB
- update controller tests
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-01-17 10:20:07 -08:00
Ramkumar Chinchani