mirror of
https://github.com/project-zot/zot.git
synced 2026-06-15 11:37:56 +08:00
Ramkumar Chinchani
934b22d124
* fix(security): enhance timeout configurations and body size limits for HTTP requests Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * fix(tests): refactor backend result handling in proxyHTTPRequest test Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * fix(security): preserve ContentLength in proxied requests to prevent server hang Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * fix(security): preserve explicit zero-length request bodies in proxyHTTPRequest fix(tests): add test for normalizedTimeout function to ensure default fallback Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * fix(security): prevent default HTTP timeout values from being set unless explicitly configured Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * fix(security): refactor timeout handling to use explicit checks for nil and non-positive values Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * fix(tests): add wait_for_event_count function to ensure expected event generation Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * fix(security): improve timeout handling and update error responses for large requests Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * fix(security): enhance HTTP timeout handling with explicit accessors and default values Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * fix(security): increase default API key body size and timeout values for improved performance Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * fix(security): unify timeout handling by replacing specific read/write timeouts with a single default timeout Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * fix(security): consolidate HTTP timeout accessors and enhance timeout handling Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> * fix(security): simplify HTTP timeout accessors and set default values for read/write timeouts Co-authored-by: Copilot <copilot@github.com> Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> --------- Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com> Co-authored-by: Copilot <copilot@github.com>
55 lines
1.3 KiB
Go
55 lines
1.3 KiB
Go
//go:build !metrics
|
|
|
|
package api
|
|
|
|
import "time"
|
|
|
|
// LogConfig and the other types below are exported so the cli package can read them from configuration file.
|
|
type LogConfig struct {
|
|
Level string
|
|
Output string
|
|
}
|
|
|
|
type MetricsConfig struct {
|
|
Path string
|
|
}
|
|
|
|
type ServerConfig struct {
|
|
Protocol string
|
|
Host string
|
|
Port string
|
|
// CACert is an optional path to a PEM-encoded CA certificate used to verify
|
|
// the zot server's TLS certificate. Required when the server uses a
|
|
// self-signed or private CA. Leave empty to use the system cert pool.
|
|
CACert string
|
|
}
|
|
|
|
type ExporterConfig struct {
|
|
Port string
|
|
ReadTimeout *time.Duration `mapstructure:"readTimeout,omitempty"`
|
|
WriteTimeout *time.Duration `mapstructure:"writeTimeout,omitempty"`
|
|
Log *LogConfig
|
|
Metrics *MetricsConfig
|
|
}
|
|
|
|
type Config struct {
|
|
Server ServerConfig
|
|
Exporter ExporterConfig
|
|
}
|
|
|
|
func DefaultConfig() *Config {
|
|
readTimeout := defaultTimeout
|
|
writeTimeout := defaultTimeout
|
|
|
|
return &Config{
|
|
Server: ServerConfig{Protocol: "http", Host: "localhost", Port: "8080"},
|
|
Exporter: ExporterConfig{
|
|
Port: "8081",
|
|
ReadTimeout: &readTimeout,
|
|
WriteTimeout: &writeTimeout,
|
|
Log: &LogConfig{Level: "debug"},
|
|
Metrics: &MetricsConfig{Path: "/metrics"},
|
|
},
|
|
}
|
|
}
|