6452bec403
chore: fix dependabot alerts ( #3595 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* ci: bump up golang to 1.25.x
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* fix: linter errors
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* fix: stacker and docker build files to use golang 1.25
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-11-26 11:21:36 +02:00
a8a6d3be9e
fix: separate cipher suites and curve preferences into FIPS and non FIPS, and use them accordingly ( #3523 )
...
See: https://github.com/project-zot/zot/actions/runs/19209741002/job/54910194536
`failed to ping registry localhost:11448: Get "https://localhost:11448/v2/ ": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode`
Signed-off-by: Andrei Aaron <andreifdaaron@gmail.com >
2025-11-10 23:24:59 +02:00
97ab0e2568
chore: fix dependabot alerts ( #3380 )
...
* chore: fix dependabot alerts
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
* ci: bump up golang version to 1.24.x
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com >
2025-09-11 11:11:38 +03:00
5465aa0d51
build: migrate to golang 1.23.x ( #2701 )
...
* build: migrate to golang 1.23.x
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
* fix: golangci-lint reported errors
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
---------
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2024-11-08 08:58:55 -08:00
8553712613
chore: upgrade trivy to v0.55.2 and update the logic of waiting for zot to start in some jobs ( #2685 )
...
chore: upgrade trivy to v0.55.2, also update the logic of waiting for zot to start in some jobs
Seems like there's an increate in the time zot requires to start before servicing requests.
From my GitHub observations it is better check using curl instead of relying on hardcoded 5s or 10s values.
The logic in .github/workflows/cluster.yaml seems to be old and out of date.
Even on main right now there is only 1 our of 3 zots actualy running.
The other 2 are actually erroring: Error: operation timeout: boltdb file is already in use, path '/tmp/zot/cache.db'
This is unrelated to this PR, I am seeing the same issue in the olders workflow runs still showing the logs
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-09-30 10:37:53 -07:00
375c35c5a1
chore: update to go 1.22 ( #2330 )
...
* chore: update to go 1.22
Only go toolchain version is updated.
We compile with go 1.22, but we allow others to compile using language version 1.21 if they wish to.
If we also updated the go version in go.mod everyone would be forced to update, as that is enforced as a minimum allowed version.
This comment explains the difference well enough https://news.ycombinator.com/item?id=36455759
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
* chore: fix freeBSD AMD64 build
Looks like they made some cleanup in the logic allowing buildmode pie on various platforms.
Related to https://github.com/golang/go/issues/31544
See the code at: https://cs.opensource.google/go/go/+/master:src/internal/platform/supported.go;l=222-231;drc=d7fcb5cf80953f1d63246f1ae9defa60c5ce2d76;bpv=1;bpt=0
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
---------
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-03-20 11:53:11 -07:00
60dc8569ec
build(go): switch to go 1.21 ( #2049 )
...
Also update to the latest swaggo version, as the previous one did not work with go 1.21
Signed-off-by: Andrei Aaron <aaaron@luxoft.com >
2024-02-07 10:54:28 -08:00
44dfa8a210
chore: fix dependabot alerts ( #2133 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2023-12-12 12:44:28 +02:00
f3bb68ae15
fix: ci 'TLS check' job is broken ( #1970 )
...
Signed-off-by: Alexei Dodon <adodon@cisco.com >
2023-10-27 10:39:04 -07:00
f5b63963be
refactor: Reduce binary size of zot-minimal; Added CI check for binary size ( #1758 )
...
Signed-off-by: Alexei Dodon <adodon@cisco.com >
2023-09-06 19:58:00 +03:00
75a76005b4
chore: fix dependabot alerts ( #1763 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2023-09-05 22:30:49 +03:00
635d07ae04
chore: update golang (to 1.20.x) and golangci-linter ( #1388 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2023-04-27 00:09:46 -07:00
906f8ce621
chore(deps): fix dependabot alerts ( #1291 )
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2023-03-22 12:33:21 -07:00
33a431ef43
Update go version to 1.19 ( #829 )
...
* ci: Update go version to 1.19
Signed-off-by: Nicol Draghici <idraghic@cisco.com >
* ci: Fix lint issues
Signed-off-by: Nicol Draghici <idraghic@cisco.com >
* ci: Added needprivileges to lint, made needprivileges pass lint
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com >
Signed-off-by: Nicol Draghici <idraghic@cisco.com >
Signed-off-by: Nicol Draghici <idraghic@cisco.com >
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com >
Co-authored-by: Catalin Hofnar <catalin.hofnar@gmail.com >
2022-10-05 13:21:14 +03:00
595e1bca59
fix dependabot alerts
...
https://github.com/project-zot/zot/pull/624
https://github.com/project-zot/zot/pull/625
https://github.com/project-zot/zot/pull/626
https://github.com/project-zot/zot/pull/627
https://github.com/project-zot/zot/pull/628
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2022-07-15 12:03:08 -07:00
dc97096502
restrict workflow action permissions
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2022-07-13 11:34:57 -07:00
66484c8ca9
changed go version to 1.18
...
Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro >
2022-06-09 04:38:06 -07:00
3ada6af0de
tls: set min version to 1.2 and restrict cipher suites
...
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com >
2022-03-02 10:03:50 -08:00
Ramkumar Chinchani