github/zot
1
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2026-06-16 04:17:55 +08:00
Code Issues Packages Projects Releases Wiki Activity
574 Commits 38 Branches 132 Tags
ffc9929c1a73ffcaa1dd97f07b975f33752aa02b
Commit Graph

574 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Catalin Hofnar ffc9929c1a feat(GraphQL): playground, served by zot in specific binary (#753) 
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-10-05 12:56:41 -07:00
peusebiu c146448f01 fix(sync): revert code which removed image destination feature (#840) 
Added an end to end test for this feature, closes #793

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-10-05 11:03:24 -07:00
Nicol 33a431ef43 Update go version to 1.19 (#829) 
* ci: Update go version to 1.19

Signed-off-by: Nicol Draghici <idraghic@cisco.com>

* ci: Fix lint issues

Signed-off-by: Nicol Draghici <idraghic@cisco.com>

* ci: Added needprivileges to lint, made needprivileges pass lint

Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
Signed-off-by: Nicol Draghici <idraghic@cisco.com>

Signed-off-by: Nicol Draghici <idraghic@cisco.com>
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
Co-authored-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-10-05 13:21:14 +03:00
Ramkumar Chinchani 50aacb6e07 fix(license-check): also account for another result condition (#848) 
Earlier checks did not report non-golang code dependencies. Now they do,
so account for that.

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-10-04 13:36:19 -07:00
Ramkumar Chinchani 65df973f70 fix(ci/cd): update the commit msg checker settings (#846) 
Update the checker to check for length limits and against all commits.

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-10-04 09:56:07 +03:00
Ramkumar Chinchani f235f88426 chore(deps): update dependabot dependency update alerts (#845) 
https://github.com/project-zot/zot/pull/819
https://github.com/project-zot/zot/pull/841
https://github.com/project-zot/zot/pull/842
https://github.com/project-zot/zot/pull/843
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-10-03 14:33:52 -07:00
Catalin Hofnar bd9e6fc7e3 Removed swagger requirement from binary-minimal and binary (#838) 
Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-10-03 09:53:44 -07:00
Ramkumar Chinchani f658ef66ee style(ci/cd): add a commit msg style checker (#796) 
https://www.conventionalcommits.org/en/v1.0.0-beta.4/#summary

The commit message should be structured as follows:

<type>[optional scope]: <description>

[optional body]

[optional footer]

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-09-30 16:08:23 -07:00
peusebiu 8237f8d20a storage: Move common code in helper functions, closes #730 (#820) 
Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-09-30 10:35:16 -07:00
Bogdan Bivolaru 67294cc669 Add graphql query for retrieving imgSummary based on repo:tag image id. (#814) 
Refactor Image GqlResolver to better suit GetManifest.
Changed GetManifest to also return digest.

Signed-off-by: Bogdan BIVOLARU <104334+bogdanbiv@users.noreply.github.com>
 2022-09-30 10:32:32 -07:00
LaurentiuNiculae 885f139e0e Remove forking logger (#825) 
- no longer needed, the race conditions were fixed

Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2022-09-29 13:28:39 -07:00
Andrei Aaron e0d808b196 Include image vulnerability information in ImageSummary (#798) 
Return this data as part of GlobalSearch and RepoListWithNewestImage
query results.
This commit also includes refactoring of the CVE scanning logic in
order to better encapsulate trivy specific logic, remove CVE scanning
logic from the graphql resolver.

Signed-off-by: Andrei Aaron <andaaron@cisco.com>
 2022-09-28 11:39:54 -07:00
Ramkumar Chinchani 69753aa39a add sponsors info (#828) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-09-27 19:57:52 -07:00
Andreea Lupu 5ef023dbc1 add enable/disable option for scrub extension (#827) 
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
 2022-09-27 18:06:50 -07:00
Ramkumar Chinchani 18d17f5d4c also sync golang 1.19 (#826) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
v1.4.3-rc1 		2022-09-27 11:31:54 -07:00
LaurentiuNiculae b9d878e013 Fix logger race condition (#817) 
Signed-off-by: Laurentiu Niculae <niculae.laurentiu1@gmail.com>
 2022-09-26 18:18:28 +03:00
Nicol 6b1d8925c2 Validate Annotations present in image manifest and fallback to annotations in the config if not available (#790) 
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
 2022-09-23 09:28:30 -07:00
Lisca Ana-Roberta 1bad90bb9d add debug flag for zli commands (#785) 
Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2022-09-23 09:24:01 -07:00
Lisca Ana-Roberta 0f7b174fc0 Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com> (#713) 
list all images that have are base images for the given image + zli command

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2022-09-23 09:23:31 -07:00
Ramkumar Chinchani 944ae66844 fix incorrect http transport to work with proxies (#802) 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-09-23 11:16:35 +03:00
Andreea Lupu f686ab6bf6 initial design for task scheduler (#700) 
Signed-off-by: Andreea-Lupu <andreealupu1470@yahoo.com>
 2022-09-22 22:27:56 -07:00
Andrei Aaron 7517f2a5bb list all images that have all layers of the base image included (2) (#813) 
* list all images that are base images for the given image + zli command

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>

* Fix a failing test

The test expected the image size to be the size of the layer, not the manifest+config+layer

Signed-off-by: Andrei Aaron <andaaron@cisco.com>

Signed-off-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
Signed-off-by: Andrei Aaron <andaaron@cisco.com>
Co-authored-by: Lisca Ana-Roberta <ana.kagome@yahoo.com>
 2022-09-22 22:08:58 +03:00
Ramkumar Chinchani b919279eef dco: enable DCO checks only on PRs (#812) 
GitHub allows a "Squash and Merge" model which does an automatic rebase
but commit GPG signature is from GitHub. So disable DCO checks only when
merging.

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-09-22 20:13:53 +03:00
Ramkumar Chinchani 04da7fb1b7 fix dependabot alerts (#809) 
https://github.com/project-zot/zot/pull/805

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-09-22 11:27:55 +03:00
Ramkumar Chinchani e5decaa47e fix dependabot alerts 
https://github.com/project-zot/zot/pull/800
https://github.com/project-zot/zot/pull/801
https://github.com/project-zot/zot/pull/805

https://github.com/project-zot/zot/security/dependabot/26
https://github.com/project-zot/zot/security/dependabot/30

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-09-21 16:07:04 -07:00
Alex Stan 42c947fa03 Enrich ImageSummary with a new field representing image History 
Closing #748

Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
 2022-09-21 12:50:11 -07:00
Ramkumar Chinchani 7804ba7ce0 fix dependabot alerts (#795) 
https://github.com/project-zot/zot/pull/778
https://github.com/project-zot/zot/pull/780
https://github.com/project-zot/zot/pull/781
https://github.com/project-zot/zot/pull/782
https://github.com/project-zot/zot/security/dependabot/27
https://github.com/project-zot/zot/security/dependabot/29

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-09-21 10:04:08 +03:00
Ramkumar Chinchani 3cf7cccf50 update presentation links 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-09-20 17:20:15 -07:00
Petu Eusebiu 601e4fcad4 graphql: Populate ImageSummary missing fields: 
Description, Labels, Licenses, Title, Documentation, Source

closes #786

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-09-20 11:04:45 -07:00
Ramkumar Chinchani 19410e20e5 update README.md for release 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
v1.4.2 		2022-09-15 23:15:57 -07:00
Ramkumar Chinchani 90c8390c29 routes: support resumable pull 
Some embedded clients use the "Range" header for blob pulls in order to
resume downloads.

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
v1.4.2-rc6 		2022-09-15 15:51:47 -07:00
Petu Eusebiu 7912b6a3fb Refactor s3 dedupe 
Under digest bucket create 2 buckets, one for storing origin blob
and one for storing deduped blobs.

PutBlob() - puts an origin blob in both buckets
          - puts a deduped blob in deduped bucket
GetBlob() - returns blobs only from origin bucket
DeleteBlob() - deletes an origin blob from both buckets
             and moves one deduped blob into origin bucket
             - deletes a deduped blob from deduped bucket

[storage] When deleting an origin blob, next time we GetBlob() we get a
deduped blob with no content and we will move the content from
the deleted origin blob to it (inside s3.go).

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-09-14 14:43:58 -07:00
Ramkumar Chinchani f3faae0e09 report listening port when chosen by kernel (#770) 
Based off of the PR by @thesayyn
https://github.com/project-zot/zot/pull/720

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-09-09 08:41:13 +03:00
Ramkumar Chinchani d68bbf6743 fix security alerts from artifacthub 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-09-08 09:24:33 +03:00
peusebiu 5479e2c785 s3: fix dedupe failing to manage blobs correctly (#772) 
in order to know which blob is 'real' (has content)
we need to know which was the first blob inserted in cache,
because that is always the real one.

because we can not modify the keys order in boltdb we'll do this
by marking the first blob inserted with a value

when GetBlob() return the blob which is marked
when PutBlob() if is the first one, mark it
when DeleteBlob() in case deleted is marked then mark the next blob

Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
 2022-09-08 01:12:14 +03:00
Nicol Draghici 6471add89d Read log path and verify content separately to avoid failed tests 
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
 2022-09-05 12:41:33 -07:00
slab713 8ffb053cec Replaced deprecated io/ioutil functions (#768) 
Signed-off-by: slab713 <109306207+slab713@users.noreply.github.com>
 2022-09-02 15:56:02 +03:00
Alex Stan 6ae793eb51 skip manifests inside index.json that don't have an tag annotation 
Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
 2022-09-01 10:32:19 -07:00
Shivam Mishra 6c293719e3 storage: different subpaths can point to same root directory 
currently different subpaths can only point to same root directory only
when one or both of the storage config does not enable dedupe

different subpath should be able to point to same root directory and in
that case their storage config should be same i.e GC,Dedupe, GC delay
and GC interval

Signed-off-by: Shivam Mishra <shimish2@cisco.com>
 2022-08-31 15:43:43 -07:00
Roxana Nemulescu 3bccea7aa2 oras fix: 
newer version of oras: https://github.com/oras-project/oras/releases/tag/v0.14.0
	rename the --manifest-config to --config for push command

Signed-off-by: Roxana Nemulescu <roxana.nemulescu@gmail.com>
 2022-08-30 21:39:16 +03:00
Andrei Aaron 5dda12b6a7 Fix syntax errors in benchmark and cluster workflows 
Signed-off-by: Andrei Aaron <andaaron@cisco.com>
 2022-08-30 19:20:56 +03:00
Roxana Nemulescu 8ed34608e4 GetCatalog() - Populate _catalog with mix of many small, medium and large images 
Signed-off-by: Roxana Nemulescu <roxana.nemulescu@gmail.com>
 2022-08-30 16:48:38 +03:00
Ramkumar Chinchani cda1f4989d fix dependabot alerts 
https://github.com/project-zot/zot/pull/755
https://github.com/project-zot/zot/pull/758
https://github.com/project-zot/zot/pull/759
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-08-29 22:28:17 -07:00
Catalin Hofnar 9ca5fa1029 Implement RepoListWithNewestImage to return [RepoSummary] 
Removed access by index in repoListWithNewestImage

Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com>
 2022-08-29 13:06:17 +03:00
Ramkumar Chinchani 981ca6ddb4 fix make binary-stacker Makefile target 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-08-26 23:33:45 +03:00
Alex Stan 49e8167dbe graphql: Apply authorization on /_search endpoint 
- AccessControlContext now resides in a separate package from where it can be imported,
along with the contextKey that will be used to set and retrieve this context value.

- AccessControlContext has a new field called Username, that will be of use for future
implementations in graphQL resolvers.

- GlobalSearch resolver now uses this context to filter repos available to the logged user.

- moved logic for uploading images in tests so that it can be used in every package

- tests were added for multiple request scenarios, when zot-server requires authz
on specific repos

- added tests with injected errors for extended coverage

- added tests for status code error injection utilities

Closes https://github.com/project-zot/zot/issues/615

Signed-off-by: Alex Stan <alexandrustan96@yahoo.ro>
 2022-08-26 21:31:26 +03:00
Nicol Draghici 5450139ba1 Get identity when using TLS certificates 
Signed-off-by: Nicol Draghici <idraghic@cisco.com>
 2022-08-26 19:52:51 +03:00
Ramkumar Chinchani f9f388f32e fix artifact upload action in github workflow 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
v1.4.2-rc5 		2022-08-24 10:04:34 +03:00
Ramkumar Chinchani 399dc307e6 add a copyright notice 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-08-23 18:10:50 -07:00
Ramkumar Chinchani 2ff8e8b7d2 fix dependabot alerts 
https://github.com/project-zot/zot/pull/737
https://github.com/project-zot/zot/pull/738
https://github.com/project-zot/zot/pull/739
https://github.com/project-zot/zot/pull/740

Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
 2022-08-23 09:38:30 -07:00