8789fb0008
chore: fix dependabot alerts ( #2837 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* chore: update oras version
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2024-12-18 08:57:13 -08:00
8f5414a1f0
chore: update ui version ( #2827 )
...
chore: fix dependabot alerts (#2825 )
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2024-12-14 11:58:04 -08:00
0137f191be
chore: fix dependabot alerts ( #2825 )
...
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2024-12-07 00:14:50 -08:00
72c6e8afb3
chore: fix dependabot alerts ( #2810 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-12-06 09:04:46 -08:00
3657148273
chore: fix dependabot alerts ( #2783 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-11-18 20:27:37 -08:00
61fc1bc9c6
build(deps): bump github.com/notaryproject/notation-go from 1.1.1 to 1.2.1 ( #2785 )
...
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com >
2024-11-18 17:28:33 -08:00
334b121644
chore: fix dependabot alerts ( #2780 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-11-12 13:12:44 -08:00
c9914912d4
chore: fix dependabot alerts ( #2770 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-11-08 10:24:19 -08:00
a76bfd4283
chore: update Trivy and Trivy dependencies ( #2763 )
...
The Trivy library now supports multiple locations from where to download the DBs.
The zot code has been updated to properly call the updated library functions.
If at some point we would want to support multiple Trivy DBs in zot, we could look into it more.
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-11-07 09:03:37 -08:00
30ecceda8c
chore: fix dependabot alerts ( #2753 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* build: bump up ui version to commit-7bd1d7d
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-10-31 20:59:36 -07:00
cb2af94b0b
feat: add support for docker images ( #2714 )
...
* feat: add support for docker images
Issue #724
A new config section under "HTTP" called "Compat" is added which
currently takes a list of possible compatible legacy media-types.
https://github.com/opencontainers/image-spec/blob/main/media-types.md#compatibility-matrix
Only "docker2s2" (Docker Manifest V2 Schema V2) is currently supported.
Garbage collection also needs to be made aware of non-OCI compatible
layer types.
feat: add cve support for non-OCI compatible layer types
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
*
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* test: add more docker compat tests
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* feat: add additional validation checks for non-OCI images
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* ci: make "full" images docker-compatible
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-10-31 09:44:04 +02:00
403fd4eb61
chore: fix dependabot alerts ( #2750 )
2024-10-30 13:09:36 +02:00
f735680ce2
chore: fix dependabot alerts ( #2742 )
2024-10-23 08:43:07 +03:00
6471bed3a5
chore: fix dependabot alerts ( #2729 )
...
https://github.com/project-zot/zot/pull/2718
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-10-16 12:59:09 +03:00
c89be3ad31
chore: fix dependabot alerts ( #2709 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-10-07 16:20:37 -07:00
a31842bd7e
chore: fix dependabot alerts ( #2684 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* ci: fix clustering test by creating separate local dirs
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* ci: free up disk space in cluster tests
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* ci: revert to stacker v1.0.0-rc16
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* ci: fix revert to stacker v1.0.0-rc16
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
Co-authored-by: Andrei Aaron <aaaron@luxoft.com >
2024-10-01 11:11:27 +03:00
8553712613
chore: upgrade trivy to v0.55.2 and update the logic of waiting for zot to start in some jobs ( #2685 )
...
chore: upgrade trivy to v0.55.2, also update the logic of waiting for zot to start in some jobs
Seems like there's an increate in the time zot requires to start before servicing requests.
From my GitHub observations it is better check using curl instead of relying on hardcoded 5s or 10s values.
The logic in .github/workflows/cluster.yaml seems to be old and out of date.
Even on main right now there is only 1 our of 3 zots actualy running.
The other 2 are actually erroring: Error: operation timeout: boltdb file is already in use, path '/tmp/zot/cache.db'
This is unrelated to this PR, I am seeing the same issue in the olders workflow runs still showing the logs
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-09-30 10:37:53 -07:00
9cf6b0205d
chore: fix dependabot alerts ( #2681 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-09-27 09:05:14 +03:00
ae185f497c
chore: fix dependabot alerts ( #2670 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-09-25 11:07:27 -07:00
db888fa385
chore: fix dependabot alerts ( #2664 )
...
https://github.com/project-zot/zot/pull/2660
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-09-19 23:50:08 -07:00
d73081191d
chore: fix dependabot alerts ( #2648 )
...
https://github.com/project-zot/zot/pull/2646
https://github.com/project-zot/zot/pull/2647
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-09-12 08:53:12 -07:00
58c9c9c29b
chore: fix dependabot alerts ( #2645 )
...
https://github.com/project-zot/zot/pull/2632
https://github.com/project-zot/zot/pull/2633
https://github.com/project-zot/zot/pull/2636
https://github.com/project-zot/zot/pull/2637
https://github.com/project-zot/zot/pull/2638
https://github.com/project-zot/zot/pull/2639
https://github.com/project-zot/zot/pull/2640
https://github.com/project-zot/zot/pull/2642
https://github.com/project-zot/zot/pull/2643
https://github.com/project-zot/zot/pull/2644
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-09-09 18:32:57 -07:00
9c01204e24
chore: fix dependabot alerts ( #2630 )
...
https://github.com/project-zot/zot/pull/2622
https://github.com/project-zot/zot/pull/2623
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-09-05 16:00:00 -07:00
bfafe01c38
Fix deps ( #2621 )
...
* chore: update go.mod deps
Fix outdated pkgs reported in issue #2522
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* chore: fix dependabot alerts
https://github.com/project-zot/zot/pull/2612
https://github.com/project-zot/zot/pull/2613
https://github.com/project-zot/zot/pull/2614
https://github.com/project-zot/zot/pull/2615
https://github.com/project-zot/zot/pull/2616
https://github.com/project-zot/zot/pull/2617
https://github.com/project-zot/zot/pull/2618
https://github.com/project-zot/zot/pull/2619
https://github.com/project-zot/zot/pull/2620
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-08-20 21:34:43 +03:00
2a164cc56b
chore: update go.mod deps ( #2609 )
...
Fix outdated pkgs reported in issue #2522
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-08-13 11:28:51 -07:00
17dbb56ea1
chore: fix dependabot alerts ( #2594 )
...
https://github.com/project-zot/zot/pull/2592
https://github.com/project-zot/zot/pull/2601
https://github.com/project-zot/zot/pull/2602
https://github.com/project-zot/zot/pull/2603
https://github.com/project-zot/zot/pull/2604
https://github.com/project-zot/zot/pull/2605
https://github.com/project-zot/zot/pull/2606
https://github.com/project-zot/zot/pull/2607
https://github.com/project-zot/zot/pull/2608
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-08-12 15:07:05 -07:00
2dea22f74a
chore: Update github.com/zitadel/oidc v1 to v3 ( #2585 )
...
Also removes dependency on gopkg.in/square/go-jose.v2
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-08-05 09:11:00 -07:00
fa4b69954d
build(deps): bump all dependencies ( #2532 )
...
* build(deps): bump all dependencies
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de >
* build(deps): bump all dependencies
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de >
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* build(deps): bump all dependencies
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de >
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
* build(deps): bump all dependencies
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de >
---------
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de >
Signed-off-by: Jan-Otto Kröpke <joe@cloudeteer.de >
2024-08-02 14:23:53 -07:00
3b3f5458d4
chore: fix dependabot alerts ( #2580 )
...
https://github.com/project-zot/zot/pull/2572
https://github.com/project-zot/zot/pull/2573
https://github.com/project-zot/zot/pull/2574
https://github.com/project-zot/zot/pull/2575
https://github.com/project-zot/zot/pull/2576
https://github.com/project-zot/zot/pull/2577
https://github.com/project-zot/zot/pull/2578
https://github.com/project-zot/zot/pull/2579
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-07-30 11:37:33 -07:00
a7ab16b31e
chore: fix dependabot alerts ( #2569 )
...
https://github.com/project-zot/zot/pull/2559
https://github.com/project-zot/zot/pull/2560
https://github.com/project-zot/zot/pull/2561
https://github.com/project-zot/zot/pull/2562
https://github.com/project-zot/zot/pull/2563
https://github.com/project-zot/zot/pull/2564
https://github.com/project-zot/zot/pull/2565
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-07-23 13:30:11 -07:00
e68baa42e3
chore: fix dependabot alerts ( #2551 )
...
https://github.com/project-zot/zot/pull/2535
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-07-15 13:04:37 -07:00
e5eacaa082
chore: fix dependabot alerts ( #2531 )
...
https://github.com/project-zot/zot/pull/2519
https://github.com/project-zot/zot/pull/2528
https://github.com/project-zot/zot/pull/2529
https://github.com/project-zot/zot/pull/2530
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-07-09 19:49:33 +03:00
002ff05f6e
chore: fix dependabot alerts ( #2504 )
...
https://github.com/project-zot/zot/pull/2502
https://github.com/project-zot/zot/pull/2507
https://github.com/project-zot/zot/pull/2508
https://github.com/project-zot/zot/pull/2509
https://github.com/project-zot/zot/pull/2510
https://github.com/project-zot/zot/pull/2511
https://github.com/project-zot/zot/pull/2512
https://github.com/project-zot/zot/pull/2514
https://github.com/project-zot/zot/pull/2515
https://github.com/project-zot/zot/pull/2516
https://github.com/project-zot/zot/pull/2517
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-07-01 13:29:39 -07:00
0d0eae502e
chore: fix dependabot alerts ( #2499 )
...
https://github.com/project-zot/zot/pull/2489
https://github.com/project-zot/zot/pull/2490
https://github.com/project-zot/zot/pull/2491
https://github.com/project-zot/zot/pull/2492
https://github.com/project-zot/zot/pull/2493
https://github.com/project-zot/zot/pull/2494
https://github.com/project-zot/zot/pull/2495
https://github.com/project-zot/zot/pull/2496
https://github.com/project-zot/zot/pull/2497
https://github.com/project-zot/zot/pull/2498
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-06-25 13:17:27 -07:00
fb2edcc269
chore: fix dependabot alerts ( #2486 )
...
https://github.com/project-zot/zot/pull/2475
https://github.com/project-zot/zot/pull/2477
https://github.com/project-zot/zot/pull/2478
https://github.com/project-zot/zot/pull/2479
https://github.com/project-zot/zot/pull/2480
https://github.com/project-zot/zot/pull/2481
https://github.com/project-zot/zot/pull/2482
https://github.com/project-zot/zot/pull/2483
https://github.com/project-zot/zot/pull/2484
https://github.com/project-zot/zot/pull/2485
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-06-17 20:31:01 +03:00
a460e7f441
chore: fix dependabot alerts ( #2474 )
2024-06-15 07:14:44 +03:00
56f41dcc15
chore: fix dependabot alerts ( #2471 )
2024-06-14 07:09:59 +03:00
f5fef2384a
chore: fix dependabot alerts ( #2462 )
...
* chore: fix dependabot alerts
https://github.com/project-zot/zot/pull/2451
https://github.com/project-zot/zot/pull/2452
https://github.com/project-zot/zot/pull/2453
https://github.com/project-zot/zot/pull/2454
https://github.com/project-zot/zot/pull/2455
https://github.com/project-zot/zot/pull/2456
https://github.com/project-zot/zot/pull/2457
https://github.com/project-zot/zot/pull/2458
https://github.com/project-zot/zot/pull/2459
https://github.com/project-zot/zot/pull/2460
https://github.com/project-zot/zot/pull/2461
https://github.com/project-zot/zot/pull/2463
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* chore: mockoidc has moved to github.com/go-jose/go-jose/v3
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* chore: quiet aws/s3 golang api deprecations
These need to be addressed in a separate PR.
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-06-12 22:51:32 -07:00
1594852428
chore: fix dependabot alerts ( #2446 )
...
* chore: fix dependabot alerts
https://github.com/project-zot/zot/pull/2435
https://github.com/project-zot/zot/pull/2436
https://github.com/project-zot/zot/pull/2437
https://github.com/project-zot/zot/pull/2438
https://github.com/project-zot/zot/pull/2439
https://github.com/project-zot/zot/pull/2440
https://github.com/project-zot/zot/pull/2441
https://github.com/project-zot/zot/pull/2442
https://github.com/project-zot/zot/pull/2443
https://github.com/project-zot/zot/pull/2444
https://github.com/project-zot/zot/pull/2445
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* fix(zli): _schema query in zli code should not use empty parens
Fix also some tests
See https://github.com/vektah/gqlparser/issues/292 and https://github.com/vektah/gqlparser/pull/293
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
Co-authored-by: Andrei Aaron <aaaron@luxoft.com >
2024-06-04 13:54:30 +03:00
2bb46b0562
chore: fix dependabot alerts ( #2431 )
...
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-05-27 14:37:27 -07:00
5ae7a028d9
feat(cluster): Add support for request proxying for scale out ( #2385 )
...
* feat(cluster): initial commit for scale-out cluster
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* feat(cluster): support shared storage scale out
This change introduces support for shared storage backed
zot cluster scale out.
New feature
Multiple stateless zot instances can run using the same shared
storage backend where each instance looks at a specific set
of repositories based on a siphash of the repository name to improve
scale as the load is distributed across multiple instances.
For a given config, there will only be one instance that can perform
dist-spec read/write on a given repository.
What's changed?
- introduced a transparent request proxy for dist-spec endpoints based on
siphash of repository name.
- new config for scale out cluster that specifies list of
cluster members.
Signed-off-by: Vishwas Rajashekar <vrajashe@cisco.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
Signed-off-by: Vishwas Rajashekar <vrajashe@cisco.com >
Co-authored-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-05-20 09:05:21 -07:00
4671e412fc
chore: fix dependabot alerts ( #2411 )
...
GHSA-jw44-4f3j-q396
https://github.com/project-zot/zot/pull/2406
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-04-30 11:10:38 +03:00
7b1fc0450e
chore: fix dependabot alerts ( #2399 )
...
https://github.com/project-zot/zot/pull/2395
https://github.com/project-zot/zot/pull/2395
https://github.com/project-zot/zot/pull/2396
https://github.com/project-zot/zot/pull/2397
https://github.com/project-zot/zot/pull/2401
https://github.com/project-zot/zot/pull/2402
https://github.com/project-zot/zot/pull/2403
https://github.com/project-zot/zot/pull/2404
https://github.com/project-zot/zot/pull/2405
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-04-22 12:52:46 -07:00
6898b31842
chore: fix dependabot alerts ( #2393 )
2024-04-19 07:58:25 +03:00
6b3c160176
chore: fix dependabot alerts ( #2377 )
...
https://github.com/project-zot/zot/pull/2368
https://github.com/project-zot/zot/pull/2369
https://github.com/project-zot/zot/pull/2370
https://github.com/project-zot/zot/pull/2371
https://github.com/project-zot/zot/pull/2372
https://github.com/project-zot/zot/pull/2373
https://github.com/project-zot/zot/pull/2374
https://github.com/project-zot/zot/pull/2375
https://github.com/project-zot/zot/pull/2376
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-04-09 10:40:16 +03:00
6f8c058dc6
chore: fix dependabot alerts ( #2366 )
...
https://github.com/project-zot/zot/pull/2355
https://github.com/project-zot/zot/pull/2356
https://github.com/project-zot/zot/pull/2357
https://github.com/project-zot/zot/pull/2358
https://github.com/project-zot/zot/pull/2359
https://github.com/project-zot/zot/pull/2360
https://github.com/project-zot/zot/pull/2361
https://github.com/project-zot/zot/pull/2362
https://github.com/project-zot/zot/pull/2363
https://github.com/project-zot/zot/pull/2364
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-04-03 09:57:05 +03:00
819994cca1
chore: fix dependabot alerts ( #2352 )
...
https://github.com/project-zot/zot/pull/2343
https://github.com/project-zot/zot/pull/2349
https://github.com/project-zot/zot/pull/2350
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-03-26 11:33:25 -07:00
5639dfb2a9
chore: fix dependabot alerts ( #2348 )
2024-03-26 06:48:22 +02:00
28e9aabecf
chore: fix dependabot alerts ( #2331 )
...
https://github.com/project-zot/zot/pull/2324
https://github.com/project-zot/zot/pull/2325
https://github.com/project-zot/zot/pull/2326
https://github.com/project-zot/zot/pull/2327
https://github.com/project-zot/zot/pull/2328
https://github.com/project-zot/zot/pull/2329
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-03-20 07:37:29 +02:00
413514c0d4
chore: fix dependabot alerts ( #2317 )
2024-03-12 08:03:29 +02:00
Ramkumar Chinchani