github/zot
1
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2026-06-15 11:37:56 +08:00
Code Issues Packages Projects Releases Wiki Activity
1,523 Commits 37 Branches 132 Tags
cb9d682a6936695d1d82d1a29b553775f24906f2
T
Clone
Open with VS Code Open with VSCodium
Download ZIP Download TAR.GZ Download BUNDLE
Akash Kumar cb9d682a69 feat(auth): map OpenID groups claim (#3999) 
* feat(auth): map OpenID groups claim

Signed-off-by: Akash Kumar <meakash7902@gmail.com>

* fix(auth): refine OIDC claim mapping logs

Signed-off-by: Akash Kumar <meakash7902@gmail.com>

* refactor(auth): collapse OIDC username fallback into nested if

Reuse the empty-username branch for the email fallback so the value is
checked once and the failure path lives next to the recovery attempt.

Signed-off-by: Akash Kumar <meakash7902@gmail.com>

* refactor(auth): consolidate OIDC claim extraction into authn.go

Move getOpenIDClaimMapping, getOpenIDUsername, and appendOpenIDGroups
out of routes.go into authn.go alongside a new extractOpenIDIdentity
helper that owns the username/groups extraction flow. This keeps the
HTTP callback in routes.go thin and groups OIDC plumbing with the rest
of the authentication code.

Also:
- Filter nil and empty entries consistently across the []any, []string,
  and string branches of appendOpenIDGroups, with new test cases
  covering []any{nil, ""} and []string{"admin","",...}.
- Surface a Warn log when an operator-configured username claim is
  missing/empty so the fallback to email isn't silent.
- Rename openid_claim_mapping_internal_test.go to authn_internal_test.go
  and drop the build tags that aren't needed for the internal tests.

Signed-off-by: Akash Kumar <meakash7902@gmail.com>

---------

Signed-off-by: Akash Kumar <meakash7902@gmail.com>
2026-05-01 11:59:51 +03:00
.github
fix(ci): pass GITHUB_TOKEN explicitly to oras login in sync-trivy step (#3961)
2026-04-12 11:17:41 +03:00
.zap
feat(ui): update zui version (#2162)
2024-01-17 17:22:33 +02:00
build
fix(build): upgrade zot runtime base image to distroless debian13 (#3791)
2026-02-12 13:22:55 +02:00
cmd
feat(zb): Support for TTFB measurement + on-demand sync tests (#3929)
2026-04-24 09:03:11 -07:00
demos
feat(sync): use regclient for sync extension (#2903)
2025-04-15 16:58:15 -07:00
docs
swagger: rename 'docs/' to 'swagger/'
2021-10-21 13:46:14 -07:00
errors
feat(auth): support OIDC RP-Initiated Logout (#3975)
2026-04-25 23:19:29 +03:00
examples
feat(auth): map OpenID groups claim (#3999)
2026-05-01 11:59:51 +03:00
pkg
feat(auth): map OpenID groups claim (#3999)
2026-05-01 11:59:51 +03:00
scripts
feat(events): add events extension (#3045)
2025-05-02 12:30:06 -07:00
swagger
fix(security): enhance timeout configurations and body size limits fo… (#3984)
2026-04-26 22:23:48 +03:00
test
feat(cosign): add support for cosign bundle (#4023)
2026-05-01 10:21:06 +03:00
.gitattributes
build(deps): bump all dependencies (#2532)
2024-08-02 14:23:53 -07:00
.gitignore
fix: migrate from github.com/rs/zerolog to golang-native log/slog (#3405)
2025-10-03 12:34:03 -07:00
.golangci.yaml
feat: support pushing multiple tags for a single manifest (#3885)
2026-03-29 21:13:24 +03:00
CODE_OF_CONDUCT.md
doc: add a CODE_OF_CONDUCT.md
2020-12-15 11:20:45 -08:00
codecov.yml
refactor(metadb): improve UX by speeding up metadb serialize/deserialize (#1842)
2023-10-30 13:06:04 -07:00
CODEOWNERS
docs: update maintainers and codeowners info (#3502)
2025-10-31 12:47:10 -07:00
COMPARISON.md
move references to zotregistry.io and project-zot
2021-12-05 10:52:27 -08:00
CONTRIBUTING.md
build: fix container image targets (#1856)
2023-10-04 09:12:56 -07:00
go.mod
chore: fix dependabot alerts (#4020)
2026-04-26 21:52:54 -07:00
go.sum
chore: fix dependabot alerts (#4020)
2026-04-26 21:52:54 -07:00
LICENSE
fix: license copyright update (#3167)
2025-05-25 11:57:49 +03:00
MAINTAINERS.md
docs: update maintainers and codeowners info (#3502)
2025-10-31 12:47:10 -07:00
Makefile
feat(cosign): add support for cosign bundle (#4023)
2026-05-01 10:21:06 +03:00
NOTICE
docs: fix copyright related info for cncf onboarding (#1117)
2023-01-17 15:43:45 -08:00
README_fuzz.md
Add fuzz tests for storage_fs (#601)
2022-07-27 20:37:55 +03:00
README.md
fix: migrate to Go module v2 for proper semantic versioning (#3462)
2025-10-16 22:43:47 -07:00
SECURITY.md
chore: update support matrix
2024-03-14 09:43:42 -07:00
THIRD-PARTY-LICENSES.md
chore: fix dependabot alerts (#2645)
2024-09-09 18:32:57 -07:00
tools.go
chore: update golangci-lint and fix all issues (#3575)
2025-11-22 23:36:48 +02:00
zot.go
zot: initial commit
2019-06-21 15:29:19 -07:00

README.md

zot

build test nightly jobs codecov conformance CodeQL CII Best Practices OpenSSF Scorecard Go Reference FOSSA Status

zot: a production-ready vendor-neutral OCI image registry - images stored in OCI image format, distribution specification on-the-wire, that's it!

Documentation for zot is located at: https://zotregistry.dev

Code of conduct details are here.

License

FOSSA Status

Reference in New Issue View Git Blame Copy Permalink
S
Description
No description provided
distribution-spechelmkubernetesocioci-distributionopencontainerszot
Readme Apache-2.0 803 MiB
Languages
Go 93%
Shell 6.4%
Makefile 0.4%