github/zot
1
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2026-06-16 04:17:55 +08:00
Code Issues Packages Projects Releases Wiki Activity
731 Commits 38 Branches 132 Tags
336526065f7954b00983c217005012f08ca9a26c
T
Clone
Open with VS Code Open with VSCodium
Download ZIP Download TAR.GZ Download BUNDLE
Lisca Ana-Roberta 336526065f feat(groups)!: added "groups" mechanism for authZ (#1123) 
BREAKING CHANGE: repository paths are now specified under a new config key called "repositories" under "accessControl" section in order to handle "groups" feature. Previously the repository paths were specified directly under "accessControl".

This PR adds the ability to create groups of users which can be used for authZ policies, instead of just users.

{
"http": {
   "accessControl": {
       "groups": {

Just like the users, groups can be part of repository policies/default policies/admin policies. The 'groups' field in accessControl can be missing if there are no groups. The permissions priority is user>group>default>admin policy, verified in this order (in authz.go), and permissions are cumulative. It works with LDAP too, and the group attribute name is configurable. The DN of the group is used as the group name and the functionality is the same. All groups for the given user are added to the context in authn.go. Repository paths are now specified under a new keyword called "repositories" under "accessControl" section in order to handle "groups" feature.

Signed-off-by: Ana-Roberta Lisca <ana.kagome@yahoo.com>
2023-03-08 11:47:15 -08:00
.github
chore(go.mod): fix dependabot alerts (#1247)
2023-03-06 11:05:19 -08:00
.zap
test(ui): add owasp zap scanner in ci/cd (#1224)
2023-02-27 11:25:47 -08:00
build
build(ui): the ui is now included in the zot binary by default (#1202)
2023-02-23 22:28:08 +02:00
cmd
perf(zb): cleanup tool output (#1033)
2022-11-29 14:04:36 -08:00
demos
oras fix:
2022-08-30 21:39:16 +03:00
docs
swagger: rename 'docs/' to 'swagger/'
2021-10-21 13:46:14 -07:00
errors
feat(repodb): Multiarch Image support (#1147)
2023-02-27 11:23:18 -08:00
examples
feat(groups)!: added "groups" mechanism for authZ (#1123)
2023-03-08 11:47:15 -08:00
pkg
feat(groups)!: added "groups" mechanism for authZ (#1123)
2023-03-08 11:47:15 -08:00
swagger
fix: removed references to old dist-spec (#1128)
2023-01-31 09:35:33 -08:00
test
feat(groups)!: added "groups" mechanism for authZ (#1123)
2023-03-08 11:47:15 -08:00
.gitignore
feat(ui): package zui within zot binary (#1161)
2023-02-10 14:52:54 -08:00
CODE_OF_CONDUCT.md
doc: add a CODE_OF_CONDUCT.md
2020-12-15 11:20:45 -08:00
codecov.yml
test(swagger): remove autogenerated swagger code from code coverage (#993)
2022-11-13 16:43:28 +02:00
CODEOWNERS
add a CODEOWNERS file
2022-05-04 11:52:28 -07:00
COMPARISON.md
move references to zotregistry.io and project-zot
2021-12-05 10:52:27 -08:00
CONTRIBUTING.md
build(tags): remove redundant build tag ui_base (#857)
2022-10-10 15:05:55 +03:00
go.mod
chore(go.mod): fix dependabot alerts (#1251)
2023-03-07 09:59:59 +02:00
go.sum
chore(go.mod): fix dependabot alerts (#1251)
2023-03-07 09:59:59 +02:00
golangcilint.yaml
fix(go.mod): replace opencontainers/umoci dependency with project-stacker/umoci (#1240)
2023-03-05 21:11:07 -08:00
LICENSE
docs: fix copyright related info for cncf onboarding (#1117)
2023-01-17 15:43:45 -08:00
MAINTAINERS.md
docs: fix CNCF related documentation (#1099)
2023-01-10 15:52:11 -08:00
Makefile
feat(ui): update to the latest zui version which supports new multiarch image APIs (#1246)
2023-03-06 09:42:05 -08:00
NOTICE
docs: fix copyright related info for cncf onboarding (#1117)
2023-01-17 15:43:45 -08:00
README_fuzz.md
Add fuzz tests for storage_fs (#601)
2022-07-27 20:37:55 +03:00
README.md
docs: update README.md (#1078)
2022-12-21 10:46:31 +02:00
SECURITY.md
add a security policy document
2022-07-12 14:25:57 -07:00
THIRD-PARTY-LICENSES.md
update 3rd party licenses
2022-04-08 09:48:13 -07:00
tools.go
chore(trivy): update trivy version and enforce OCI compliant repo names in local image storage (#1068)
2023-01-18 08:24:44 -08:00
zot.go
zot: initial commit
2019-06-21 15:29:19 -07:00

README.md

zot build-test codecov.io Conformance Results CodeQL CII Best Practices Go Reference

zot: a production-ready vendor-neutral OCI image registry - images stored in OCI image format, distribution specification on-the-wire, that's it!

Docs

Documentation for zot is located at: https://zotregistry.io

Code of Conduct

Details are in the code of conduct

Reference in New Issue View Git Blame Copy Permalink
S
Description
No description provided
distribution-spechelmkubernetesocioci-distributionopencontainerszot
Readme Apache-2.0 803 MiB
Languages
Go 93.6%
Shell 5.8%
Makefile 0.4%