We want to be consistent in our deps so tracking down issue does not end
up in a murder mystery hunt. This commit picks a specific otel versions
that are unified in this codebase.
Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
Some S3 compatible object storage systems like R2 require that all
multipart chunks are the same size. This was mostly true before, except
the final chunk was larger than the requested chunk size which causes
uploads to fail.
In addition, the two byte slices have been replaced with a single
*bytes.Buffer and the surrounding code simplified significantly.
Fixes: #3873
Signed-off-by: Thomas Way <thomas@6f.io>
In preparation to the next release we're going to bump some deps such as
various cloud SDKs we can test i.e. AWS, Google Cloud, etc.
Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
It would appear that requesting Go 1.21 in the build matrix has no
effect whatsoever on what go toolchain is actually used to build the
project.
Specifying 1.22.0 in the go.mod go directive forces the 1.22 toolchain
to be used for building Go source files, ignoring whatever Go version we
set in the GHA CI matrix.
Luckily we can enforce the right setting by setting GOTOOLCHAIN=local
which forces Go to use the locally available toolchain instead of
downloading the one requested by go.mod.
Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
when a directory is empty, the s3 api lists it with a trailing slash.
this causes the path to be appended twice to the walkInfo slice, causing
purge uploads path transformations to panic when the `_uploads` is
emtpy.
this adds a check for file paths ending on slash, and do not append
those as regular files to the walkInfo slice.
fixes#4358
Signed-off-by: Flavian Missi <fmissi@redhat.com>
With the removal of the Describable interface from this type, and
deprecation of the Versioned type, the Descriptor is now an exact
equivalent of the oci.Descriptor.
This patch makes Descriptor an alias for oci.Descriptor.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- Add Unit tests for `token.newAccessController`
+ Implemented swappable implementations for `token.getRootCerts` and
`getJwks` to unit test their behavior over the accessController
struct.
- Use RFC7638 [0] mechanics to compute the KeyID of the rootcertbundle
provided in the token auth config.
- Extends token authentication docs:
+ Extend `jwt.md` write up on JWT headers & JWT Validation
+ Updated old reference to a draft that's now RFC7515.
+ Extended the JWT validation steps with the JWT Header validation.
+ Reference `jwt.md` in `token.md`
[0]: https://datatracker.ietf.org/doc/html/rfc7638#autoid-13
Signed-off-by: Jose D. Gomez R <jose.gomez@suse.com>
This test was using a hard-coded value for the size of the manifest,
which made it difficult to correlate the tested value with what it
was testing.
This patch updates populateRepo to return the actual size when
serialized, and updates manifestStoreTestEnv to include the
size to test for.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The latest golangci-lint spits out some govet issues.
This commit fixes them. We are also bumping the linter version.
Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
This change allows users to run the registry as a pull-through cache
that can use a credential helper to authenticate against the upstream
registry.
Signed-off-by: Chun-Hung Hsiao <chhsiao@google.com>
