github/zot
1
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2026-06-16 12:28:01 +08:00
Code Issues Packages Projects Releases Wiki Activity
605 Commits 38 Branches 132 Tags
c72b4fb643252ae6147d3ef7e31aaed0766b9799
Commit Graph

605 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nicol c72b4fb643 test: Add cosign and notations bats tests (#929) 
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
 2022-11-01 09:16:14 -07:00
peusebiu 2d877aaea1 fix(sync): also sync on demand digests, not only tags, closes #902 (#932) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-10-27 09:39:59 -07:00
Catalin-George Hofnar c6ffbce6cf refactor(tests): removed globals from digest test, removed some more hardcoded digests (#923) 
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-10-26 19:14:16 +03:00
Ramkumar Chinchani 4edecbb429 chore(deps): fix dependabot alerts (#919) 
https://github.com/project-zot/zot/pull/911
https://github.com/project-zot/zot/pull/912
https://github.com/project-zot/zot/pull/913
https://github.com/project-zot/zot/pull/914
https://github.com/project-zot/zot/pull/915
https://github.com/project-zot/zot/pull/916
https://github.com/project-zot/zot/pull/917

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-10-24 15:18:48 -07:00
Andrei Aaron 92afd86cbb feat(cve): better distinguish max severity on an image (#918) 
Values returned now by GetCVESummaryForImage
// not scannable / error during scan  - max severity ""            - cve count 0   - Errors
// scannable no issues found          - max severity "NONE"        - cve count 0   - no Errors
// scannable issues found             - max severity from Scanner  - cve count >0  - no Errors

Before this change the max severity in case #1 and #2 was "UNKNOWN" which is also possible value
for case #3. To better distinguish them return different max severities.

This feature would be consumed by the UI.

Signed-off-by: Andrei Aaron <andaaron@cisco.com>
 2022-10-24 12:27:26 -07:00
Andrei Aaron 1d9c88c313 fix(cli): do not show signatures and fix tls verification client side (#904) 
Issues fixed:
- the cli calls reaching out to the catalog endpoint used to request signature manifests
- resty was used instead of the cli http client to check if the discovery api was available
but it did not take into account TLS verification configuration
(testing locally withself-signed certificates did not work)

(cherry picked from commit ca42031ae9b1ceb459f5cd4f86cb82b3c9f78157)
Signed-off-by: Andrei Aaron <andaaron@cisco.com>
v1.4.3-rc4 		2022-10-22 23:44:20 -07:00
Andrei Aaron ac6c6a844c refactor(digests): standardise representation of digests to digest.Digest (#898) 
- Digests were represented by different ways
  - We needed a uniform way to represent the digests and enforce a format
  - also replace usage of github.com/google/go-containerregistry/pkg/v1
    with github.com/opencontainers/image-spec/specs-go/v1

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
(cherry picked from commit 96b2f29d6d57070a913ce419149cd481c0723815)
(cherry picked from commit 3d41b583daea654c98378ce3dcb78937d71538e8)

Co-authored-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2022-10-22 13:46:13 -07:00
peusebiu 5f99f9a445 fix(sync): fixed broken logic to get tags for repo (#900) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-10-22 00:26:14 -07:00
Lisca Ana-Roberta 26d982becb fix: replace time.sleep() with checking logs (#899) 
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2022-10-21 11:17:06 -07:00
Catalin-George Hofnar 00e65bd32b fix(coverage): scheduler coverage (#893) 
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-10-21 18:33:22 +03:00
Ramkumar Chinchani 763287873e fix(config): make all extension config consistent (#888) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-10-21 15:33:54 +03:00
Andrei Aaron 38b00e3507 chore(lint): gci to separate zot from other imports (#870) 
Signed-off-by: Andrei Aaron <andaaron@cisco.com>
 2022-10-20 09:39:20 -07:00
peusebiu 92d97d48d6 fix(s3): remove tracking multipart uploads (#883) 
Remove sticky sessions from clustering

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-10-20 09:36:58 -07:00
Lisca Ana-Roberta 7f9052972d fix: zli images show if signed instead of signature (#886) 
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2022-10-20 09:35:24 -07:00
peusebiu 76714d53f8 fix(tests): consolidate routes tests (#892) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-10-19 09:26:46 -07:00
Nicol d93c68af33 test: Build images with annotations (#872) 
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
 2022-10-18 20:47:41 -07:00
peusebiu 91dd5496fc chore: rename search route prefix (#887) 
* chore: rename search route prefix

* chore: use builtin time.Duration.Truncate() on latencies

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-10-18 20:46:06 -07:00
Catalin Hofnar caf88ddb1e refactor(tests): remove hardcoded digests (#871) 
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-10-18 20:43:56 -07:00
Ramkumar Chinchani 7d08985f75 chore(deps): fix dependabot alerts (#885) 
https://github.com/project-zot/zot/pull/879
https://github.com/project-zot/zot/pull/880
https://github.com/project-zot/zot/pull/881
https://github.com/project-zot/zot/pull/882

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-10-18 10:06:14 +03:00
Catalin Hofnar 794a4aabd3 fix(workflow): add fetch depth, removed running at release (#873) 
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-10-17 10:41:53 -07:00
Ramkumar Chinchani 14954596cb ci: fix image build/release workflow (#874) 
Fix typo in the workflow.
Pass RELEASE_TAG env var.

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-10-15 11:14:15 +03:00
peusebiu fd87a22829 fix(storage): resolve cache/storage inconsistencies on HEAD request (#794) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
v1.4.3-rc3 		2022-10-11 10:05:39 -07:00
Catalin Hofnar f3b1913fbd build: add commit hash to Config at build for proper discovery readme (#854) 
* build: add commit hash to Config at build for proper discovery readme link

* fix: use tag instead of commit hash, add to release build

Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-10-11 09:01:59 -07:00
Lisca Ana-Roberta 4bc7a2c824 fix: images command not truncating image name/tag (#851) 
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2022-10-11 08:56:03 -07:00
Andrei Aaron 815366024b fix(lastUpdated): fix image lastUpdated timestamp logic (#863) 
The lastUpdated field was picked from the first entry in image history
Now it is the created time of the image, or the last entry in
image history, if created time is unavailable

Signed-off-by: Andrei Aaron <andaaron@cisco.com>
 2022-10-10 17:43:05 -07:00
Ramkumar Chinchani 5494208556 chore(deps): fix dependabot alerts (#868) 
https://github.com/project-zot/zot/pull/864
https://github.com/project-zot/zot/pull/865
https://github.com/project-zot/zot/pull/866

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-10-10 12:19:05 -07:00
Andrei Aaron 98854337ff build(tags): remove redundant build tag ui_base (#857) 
It was not used for UI, it had become a CLI dependency
with the same functionality as search

Signed-off-by: Andrei Aaron <andaaron@cisco.com>
 2022-10-10 15:05:55 +03:00
Andrei Aaron 1afc5c8c3f test(authz): add an extra test for authz (#859) 
Should help with test flakiness
(the order in which the policies are read from the map impacted tested codepath)

Signed-off-by: Andrei Aaron <andaaron@cisco.com>

Signed-off-by: Andrei Aaron <andaaron@cisco.com>
 2022-10-07 15:31:18 +03:00
Catalin Hofnar 261615c880 fix: incorrect path for playground template (#858) 
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-10-07 11:29:11 +03:00
Catalin Hofnar 9916449d88 ci(workflows): changed ci-cd workflow to generate introspection json when gql schema changed (#810) 
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-10-06 12:17:41 -07:00
peusebiu 3c0c51fcbe fix(sync): also sync image index mediatype (#847) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
v1.4.3-rc2 		2022-10-06 09:41:16 -07:00
Catalin Hofnar ffc9929c1a feat(GraphQL): playground, served by zot in specific binary (#753) 
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-10-05 12:56:41 -07:00
peusebiu c146448f01 fix(sync): revert code which removed image destination feature (#840) 
Added an end to end test for this feature, closes #793

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-10-05 11:03:24 -07:00
Nicol 33a431ef43 Update go version to 1.19 (#829) 
* ci: Update go version to 1.19

Signed-off-by: Nicol Draghici <idraghic@cisco.com>

* ci: Fix lint issues

Signed-off-by: Nicol Draghici <idraghic@cisco.com>

* ci: Added needprivileges to lint, made needprivileges pass lint

Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
Signed-off-by: Nicol Draghici <idraghic@cisco.com>

Signed-off-by: Nicol Draghici <idraghic@cisco.com>
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
Co-authored-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-10-05 13:21:14 +03:00
Ramkumar Chinchani 50aacb6e07 fix(license-check): also account for another result condition (#848) 
Earlier checks did not report non-golang code dependencies. Now they do,
so account for that.

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-10-04 13:36:19 -07:00
Ramkumar Chinchani 65df973f70 fix(ci/cd): update the commit msg checker settings (#846) 
Update the checker to check for length limits and against all commits.

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-10-04 09:56:07 +03:00
Ramkumar Chinchani f235f88426 chore(deps): update dependabot dependency update alerts (#845) 
https://github.com/project-zot/zot/pull/819
https://github.com/project-zot/zot/pull/841
https://github.com/project-zot/zot/pull/842
https://github.com/project-zot/zot/pull/843
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-10-03 14:33:52 -07:00
Catalin Hofnar bd9e6fc7e3 Removed swagger requirement from binary-minimal and binary (#838) 
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-10-03 09:53:44 -07:00
Ramkumar Chinchani f658ef66ee style(ci/cd): add a commit msg style checker (#796) 
https://www.conventionalcommits.org/en/v1.0.0-beta.4/#summary

The commit message should be structured as follows:

<type>[optional scope]: <description>

[optional body]

[optional footer]

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-09-30 16:08:23 -07:00
peusebiu 8237f8d20a storage: Move common code in helper functions, closes #730 (#820) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-09-30 10:35:16 -07:00
Bogdan Bivolaru 67294cc669 Add graphql query for retrieving imgSummary based on repo:tag image id. (#814) 
Refactor Image GqlResolver to better suit GetManifest.
Changed GetManifest to also return digest.

Signed-off-by: Bogdan BIVOLARU <104334+bogdanbiv@users.noreply.github.com>
 2022-09-30 10:32:32 -07:00
LaurentiuNiculae 885f139e0e Remove forking logger (#825) 
- no longer needed, the race conditions were fixed

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2022-09-29 13:28:39 -07:00
Andrei Aaron e0d808b196 Include image vulnerability information in ImageSummary (#798) 
Return this data as part of GlobalSearch and RepoListWithNewestImage
query results.
This commit also includes refactoring of the CVE scanning logic in
order to better encapsulate trivy specific logic, remove CVE scanning
logic from the graphql resolver.

Signed-off-by: Andrei Aaron <andaaron@cisco.com>
 2022-09-28 11:39:54 -07:00
Ramkumar Chinchani 69753aa39a add sponsors info (#828) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-09-27 19:57:52 -07:00
Andreea Lupu 5ef023dbc1 add enable/disable option for scrub extension (#827) 
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
 2022-09-27 18:06:50 -07:00
Ramkumar Chinchani 18d17f5d4c also sync golang 1.19 (#826) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
v1.4.3-rc1 		2022-09-27 11:31:54 -07:00
LaurentiuNiculae b9d878e013 Fix logger race condition (#817) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2022-09-26 18:18:28 +03:00
Nicol 6b1d8925c2 Validate Annotations present in image manifest and fallback to annotations in the config if not available (#790) 
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
 2022-09-23 09:28:30 -07:00
Lisca Ana-Roberta 1bad90bb9d add debug flag for zli commands (#785) 
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2022-09-23 09:24:01 -07:00
Lisca Ana-Roberta 0f7b174fc0 Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com> (#713) 
list all images that have are base images for the given image + zli command

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2022-09-23 09:23:31 -07:00