6a22640bfa
Fix dependabot alerts ( #3188 )
...
* chore: update github.com/redis/go-redis/v9 to v9.9.0
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* chore: update trivy to v0.63.0
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* chore: update github.com/spf13/cast to v1.9.2
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* chore: update ossf/scorecard-action from 2.4.1 to 2.4.2
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* chore: fix multiple dependabot alerts
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
---------
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2025-06-09 10:40:13 -07:00
167f7e34cd
chore: fix dependabot alerts ( #3155 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-05-27 18:58:50 +03:00
7291b88896
chore: fix dependabot alerts ( #3154 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-05-12 22:21:42 -07:00
32a5eee521
chore: fix dependabot alerts ( #3141 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-05-05 22:06:22 -07:00
bc5fd1a357
feat(events): add events extension ( #3045 )
...
* feat: add events config
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* feat: implement event support with log sink
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* feat: integrate events and update tests
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* refactor: update event config
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* feat: implement http and nats sinks. remove log sink
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* refactor: events extension setup
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: cleanup tests to use nil event recorder
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: update events config example and add more logging
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* refactor: better use of build tags for minimal binary
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* fix: missing store param in evelated privileges tests
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* fix: regression in config decoding
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: update check logs script to enable cross-platform usage via GREP_BIN_PATH envvar
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: fix log lint issue for events
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: fix failing events disabled test
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* test: add blackbox tests for events
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: specify architecture when downloading binaries in Makefile
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: improve failure handling when no valid sinks are provided
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* test: fix data race in events test
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: cleanup event decoding
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* test: fix logging tests
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* test: make nats server test more reliable
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: go mod cleanup
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* test: add sleep when setting up nats client
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* fix: ensure event sink errors do not propogate
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* test: increase coverage for events
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* feat(events): Refactor events to be non-blocking from caller.
Signed-off-by: Asgeir Nilsen <asgeir.nilsen@bouvet.no >
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: remove harded-coded linux
Co-authored-by: Andrei Aaron <andreifdaaron@gmail.com >
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* feat(events): fail to start if incorrect event sink is configured
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* test: allow cli tests to return errors instead of panic
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
* chore: bump nats server to v2.11.3
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
---------
Signed-off-by: Piaras Hoban <phoban01@gmail.com >
Signed-off-by: Asgeir Nilsen <asgeir.nilsen@bouvet.no >
Co-authored-by: Asgeir Nilsen <asgeir.nilsen@bouvet.no >
Co-authored-by: Andrei Aaron <andreifdaaron@gmail.com >
2025-05-02 12:30:06 -07:00
06a0cd5220
chore: fix dependabot alerts ( #3127 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-04-30 21:47:54 +03:00
b780b36841
chore: fix dependabot alerts ( #3112 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-04-22 23:16:40 -07:00
0e2aa81439
feat(sync): use regclient for sync extension ( #2903 )
...
* feat(sync): use regclient for sync extension
replaced containers/image package with regclient/regclient package
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* fix(sync): fixed converting innner docker list mediatype
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* feat(sync): added option to preserve digest
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* fix(sync): added coverage and various fixes
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* fix(metadb): fixed converting manifest list not setting platform and annotations
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* fix(sync): remove read lock on storage, not used concurrently
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* feat(sync): added cache for repo tags
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* fix(sync): fixed Makefile
removed opengpg tag
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
* fix(sync): add test for on demand referrer
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
---------
Signed-off-by: Eusebiu Petu <petu.eusebiu@gmail.com >
2025-04-15 16:58:15 -07:00
2592d4c784
chore: fix dependabot alerts ( #3099 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-04-14 22:43:56 -07:00
62af65b07d
chore: fix dependabot alerts ( #3084 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-04-08 22:57:22 -07:00
bb7039f138
chore: fix dependabot alerts ( #3072 )
...
* chore: fix dependabot alerts
* chore: update container builds to use golang 1.24
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-04-05 00:57:20 -07:00
fd761c0254
chore: fix dependabot alerts ( #3070 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* ci: fix linter config
* fix: linter fixes
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-04-04 00:31:02 -07:00
b9d453ca93
chore: fix dependabot alerts ( #3051 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-03-21 18:28:59 -07:00
ff50aab9b3
chore: fix dependabot alerts ( #3041 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* test: fix http status code check
Related to gqlgen changes
- github.com/99designs/gqlgen v0.17.66
+ github.com/99designs/gqlgen v0.17.68
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-03-18 20:10:55 -07:00
2a4edde637
chore: update image and dist specs to v1.1.1 ( #3023 )
...
chore: update image-spec and dist-spec to v1.1.1
As side effect the warnings mentioned in https://github.com/project-zot/zui/issues/475#issuecomment-2715802363 should no longer show up.
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2025-03-13 10:06:02 +02:00
d87cdc9840
chore: fix dependabot alerts ( #3026 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-03-12 20:30:53 -07:00
651d123731
chore: fix dependabot alerts ( #3021 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-03-11 01:40:27 -07:00
e7fb9c5e60
chore: fix dependabot alerts ( #3002 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-03-04 22:53:21 -08:00
7e07bae4d6
chore: fix dependabot alerts ( #2991 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-02-26 23:27:01 -08:00
546a7ea425
chore: fix dependabot alerts ( #2988 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-02-25 20:39:45 -08:00
328606def0
chore: fix dependabot alerts ( #2978 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-02-22 22:28:23 -08:00
528c2e5f6d
chore: fix dependabot alerts ( #2961 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-02-11 20:11:41 -08:00
d0ad93532f
chore: fix dependabot alerts ( #2945 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-02-03 23:34:01 -08:00
05823cd74f
redis driver for blob cache information and metadb ( #2865 )
...
* feat: add redis cache support
https://github.com/project-zot/zot/pull/2005
Fixes https://github.com/project-zot/zot/issues/2004
* feat: add redis cache support
Currently, we have dynamoDB as the remote shared cache but ideal only
for the cloud use case.
For on-prem use case, add support for redis.
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* feat(redis): added blackbox tests for redis
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com >
* feat(redis): dummy implementation of MetaDB interface for redis cache
Signed-off-by: Alexei Dodon <adodon@cisco.com >
* feat: check validity of driver configuration on metadb instantiation
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat: multiple fixes for redis cache driver implementation
- add missing method GetAllBlobs
- add redis cache tests, with and without mocking
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): redis implementation for MetaDB
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): use redsync to block concurrent write access to the redis DB
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): update .github/workflows/cluster.yaml to also test redis
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(metadb): add keyPrefix parameter for redis and remove unneeded method meta.Crate()
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): support RedisCluster configuration and add unit tests
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): more tests for redis metadb implementation
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): add more examples and update examples/README.md
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): move option parsing and redis client initialization under pkg/api/config/redis
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* chore(cachedb): move Cache interface to pkg/storage/types
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): reorganize code in pkg/storage/cache.go
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): call redis.SetLogger() with the zot logger as parameter
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* feat(redis): rename pkg/meta/redisdb to pkg/meta/redis
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com >
Signed-off-by: Alexei Dodon <adodon@cisco.com >
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
Co-authored-by: a <a@tuxpa.in >
Co-authored-by: Ramkumar Chinchani <rchincha@cisco.com >
Co-authored-by: Petu Eusebiu <peusebiu@cisco.com >
Co-authored-by: Alexei Dodon <adodon@cisco.com >
2025-01-30 11:00:52 -08:00
67231230e5
chore: fix dependabot alerts ( #2922 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-01-29 09:42:27 -08:00
c6d343a730
chore: fix dependabot alerts ( #2904 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-01-21 20:02:03 -08:00
717091a058
chore: fix dependabot alerts ( #2889 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-01-17 11:03:32 -08:00
97fd43e2b0
chore: fix dependabot alerts ( #2881 )
2025-01-14 08:36:30 +02:00
7f593b8896
chore: fix dependabot alerts ( #2869 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-01-13 01:20:29 -08:00
e410f3952c
chore: fix dependabot alerts ( #2861 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-01-03 16:47:33 -08:00
6ca9c66260
chore: fix dependabot alerts ( #2851 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2024-12-23 21:10:23 -08:00
b6dff76107
ci: fix sync job after oras/ubuntu upgrade ( #2839 )
...
* ci: fix sync job after oras/ubuntu upgrade
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2024-12-20 01:25:48 +02:00
8789fb0008
chore: fix dependabot alerts ( #2837 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* chore: update oras version
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2024-12-18 08:57:13 -08:00
8f5414a1f0
chore: update ui version ( #2827 )
...
chore: fix dependabot alerts (#2825 )
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2024-12-14 11:58:04 -08:00
0137f191be
chore: fix dependabot alerts ( #2825 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2024-12-07 00:14:50 -08:00
72c6e8afb3
chore: fix dependabot alerts ( #2810 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-12-06 09:04:46 -08:00
3657148273
chore: fix dependabot alerts ( #2783 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-11-18 20:27:37 -08:00
61fc1bc9c6
build(deps): bump github.com/notaryproject/notation-go from 1.1.1 to 1.2.1 ( #2785 )
...
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com >
2024-11-18 17:28:33 -08:00
334b121644
chore: fix dependabot alerts ( #2780 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-11-12 13:12:44 -08:00
c9914912d4
chore: fix dependabot alerts ( #2770 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-11-08 10:24:19 -08:00
a76bfd4283
chore: update Trivy and Trivy dependencies ( #2763 )
...
The Trivy library now supports multiple locations from where to download the DBs.
The zot code has been updated to properly call the updated library functions.
If at some point we would want to support multiple Trivy DBs in zot, we could look into it more.
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-11-07 09:03:37 -08:00
30ecceda8c
chore: fix dependabot alerts ( #2753 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* build: bump up ui version to commit-7bd1d7d
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-10-31 20:59:36 -07:00
cb2af94b0b
feat: add support for docker images ( #2714 )
...
* feat: add support for docker images
Issue #724
A new config section under "HTTP" called "Compat" is added which
currently takes a list of possible compatible legacy media-types.
https://github.com/opencontainers/image-spec/blob/main/media-types.md#compatibility-matrix
Only "docker2s2" (Docker Manifest V2 Schema V2) is currently supported.
Garbage collection also needs to be made aware of non-OCI compatible
layer types.
feat: add cve support for non-OCI compatible layer types
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
*
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* test: add more docker compat tests
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* feat: add additional validation checks for non-OCI images
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* ci: make "full" images docker-compatible
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-10-31 09:44:04 +02:00
403fd4eb61
chore: fix dependabot alerts ( #2750 )
2024-10-30 13:09:36 +02:00
f735680ce2
chore: fix dependabot alerts ( #2742 )
2024-10-23 08:43:07 +03:00
6471bed3a5
chore: fix dependabot alerts ( #2729 )
...
https://github.com/project-zot/zot/pull/2718
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-10-16 12:59:09 +03:00
c89be3ad31
chore: fix dependabot alerts ( #2709 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-10-07 16:20:37 -07:00
a31842bd7e
chore: fix dependabot alerts ( #2684 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* ci: fix clustering test by creating separate local dirs
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* ci: free up disk space in cluster tests
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* ci: revert to stacker v1.0.0-rc16
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* ci: fix revert to stacker v1.0.0-rc16
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
Co-authored-by: Andrei Aaron <aaaron@luxoft.com >
2024-10-01 11:11:27 +03:00
8553712613
chore: upgrade trivy to v0.55.2 and update the logic of waiting for zot to start in some jobs ( #2685 )
...
chore: upgrade trivy to v0.55.2, also update the logic of waiting for zot to start in some jobs
Seems like there's an increate in the time zot requires to start before servicing requests.
From my GitHub observations it is better check using curl instead of relying on hardcoded 5s or 10s values.
The logic in .github/workflows/cluster.yaml seems to be old and out of date.
Even on main right now there is only 1 our of 3 zots actualy running.
The other 2 are actually erroring: Error: operation timeout: boltdb file is already in use, path '/tmp/zot/cache.db'
This is unrelated to this PR, I am seeing the same issue in the olders workflow runs still showing the logs
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-09-30 10:37:53 -07:00
9cf6b0205d
chore: fix dependabot alerts ( #2681 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-09-27 09:05:14 +03:00
Andrei Aaron