mirror of
https://github.com/project-zot/zot.git
synced 2026-06-17 12:58:02 +08:00
Bachir Khiati
ba8575d960
Adds a configurable maximum repository count per registry instance. When maxRepos is set on StorageConfig, manifest pushes that would create a new repository beyond the limit are rejected with HTTP 429 TOOMANYREQUESTS. Pushes to existing repositories are always allowed. Implemented as an always-available feature in pkg/api (not a build-tag extension). MaxRepos is a field on StorageConfig, enabled when > 0. - repoQuotaMiddleware on the dist-spec router intercepts manifest PUTs. New-repo pushes are serialized with a sync.Mutex to prevent concurrent requests from exceeding the limit. - Adds CountRepos(ctx) to the MetaDB interface with efficient implementations: BoltDB (Stats().KeyN), Redis (HLen), DynamoDB (Scan with Select=COUNT). - Config.IsQuotaEnabled() added, wired into controller.go metaDB init. - Four integration tests (enforcement, concurrency, disabled, unconfigured) and backend-specific CountRepos tests for BoltDB, Redis, and DynamoDB. Signed-off-by: Bachir Khiati <bachir.khiati@gmail.com>
48 lines
1.6 KiB
Bash
Executable File
48 lines
1.6 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
set -e
|
|
|
|
# Docker build env: single platform, no attestations (avoids OCI index / attestation manifest list)
|
|
export BUILDX_NO_DEFAULT_ATTESTATIONS=1
|
|
export DOCKER_DEFAULT_PLATFORM=linux/amd64
|
|
|
|
BATS_FLAGS=${BATS_FLAGS:-"--print-output-on-failure"}
|
|
SCRIPTPATH="$( cd -- "$(dirname "$0")" >/dev/null 2>&1 ; pwd -P )"
|
|
BATS=${SCRIPTPATH}/../../hack/tools/bin/bats
|
|
PATH=$PATH:${SCRIPTPATH}/../../hack/tools/bin
|
|
|
|
# Pre-download Docker images before running tests
|
|
echo "Setting up Docker images..."
|
|
${SCRIPTPATH}/setup_images.sh
|
|
|
|
tests=("pushpull" "pushpull_authn" "delete_images" "referrers" "metadata" "anonymous_policy"
|
|
"annotations" "detect_manifest_collision" "cve" "sync" "sync_docker" "sync_replica_cluster"
|
|
"scrub" "garbage_collect" "metrics" "metrics_minimal" "multiarch_index" "docker_compat" "redis_local" "redis_session_store"
|
|
"events_nats" "events_http" "events_nats_lint_failure" "events_http_lint_failure" "events_sink_failure" "events_config_decoding"
|
|
"fips140" "fips140_authn" "openid_claim_mapping" "upgrade" "upgrade_minimal" "dynamic_tls" "quota")
|
|
|
|
for test in ${tests[*]}; do
|
|
${BATS} ${BATS_FLAGS} ${SCRIPTPATH}/${test}.bats > ${test}.log & pids+=($!)
|
|
done
|
|
|
|
i=0
|
|
success="true"
|
|
for pid in ${pids[*]}; do
|
|
if ! wait $pid; then
|
|
echo "${tests[$i]} test returns an error !!!"
|
|
cat ${tests[$i]}.log
|
|
success="false"
|
|
# we still need to wait for other PIDs to finish for the script to return properly
|
|
else
|
|
echo "${tests[$i]} test completed successfully."
|
|
fi
|
|
rm ${tests[$i]}.log
|
|
i=$((i+1))
|
|
done
|
|
|
|
if [ "$success" == "false" ]; then
|
|
exit 1
|
|
fi
|
|
|
|
echo "Successfully run all tests"
|