1
0
mirror of https://github.com/distribution/distribution synced 2024-12-25 15:05:51 +01:00
Commit Graph

5516 Commits

Author SHA1 Message Date
Sebastiaan van Stijn
92b483efca
Make Descriptor an alias for oci.Descriptor
With the removal of the Describable interface from this type, and
deprecation of the Versioned type, the Descriptor is now an exact
equivalent of the oci.Descriptor.

This patch makes Descriptor an alias for oci.Descriptor.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-10-03 20:00:11 +02:00
João Pereira
0bfa293eea
docs: removed description of ELB as an example of an not sophisticated Load Balancer (#4476) 2024-10-03 13:20:44 +01:00
Milos Gajdos
44be16a883
TestProxyManifestsMetrics: use actual size of manifest (#4467) 2024-10-03 10:02:30 +01:00
tomoya-kawaguchi
fdb5abb940
docs: removed description of ELB as an example of an not sophisticated Load Balancer
Signed-off-by: tomoya-kawaguchi <yamo7yamoto@gmail.com>
2024-10-03 09:00:15 +09:00
Milos Gajdos
2c7d93a0b6
fix: Add the token's rootcert public key to the list of known keys (#4471) 2024-10-02 18:51:54 +01:00
Jose D. Gomez R
b53946ded3
fix: Add the token's rootcert public key to the list of known keys
- Add Unit tests for `token.newAccessController`
  + Implemented swappable implementations for `token.getRootCerts` and
    `getJwks` to unit test their behavior over the accessController
    struct.

- Use RFC7638 [0] mechanics to compute the KeyID of the rootcertbundle
  provided in the token auth config.

- Extends token authentication docs:
  + Extend `jwt.md` write up on JWT headers & JWT Validation
  + Updated old reference to a draft that's now RFC7515.
  + Extended the JWT validation steps with the JWT Header validation.
  + Reference `jwt.md` in `token.md`

[0]: https://datatracker.ietf.org/doc/html/rfc7638#autoid-13

Signed-off-by: Jose D. Gomez R <jose.gomez@suse.com>
2024-10-02 11:58:41 +02:00
Milos Gajdos
b74618692d
Add a note regarding redirects to pre-signed URLs (#4466) 2024-09-19 20:13:26 +01:00
Mikhail f. Shiryaev
63cfb18729
Add a note regarding redirects to pre-signed URLs
Signed-off-by: Mikhail f. Shiryaev <mr.felixoid@gmail.com>
2024-09-19 18:23:56 +02:00
Sebastiaan van Stijn
4a0e027e4d
TestProxyManifestsMetrics: use actual size of manifest
This test was using a hard-coded value for the size of the manifest,
which made it difficult to correlate the tested value with what it
was testing.

This patch updates populateRepo to return the actual size when
serialized, and updates manifestStoreTestEnv to include the
size to test for.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-18 22:10:15 +02:00
Milos Gajdos
2314320a70
Remove deprecated version field (#4459) 2024-09-13 19:59:00 +01:00
Tibor
38553eaaf8
chang docker-compose to docker compose
Signed-off-by: Tibor <tiborcasteleijn@gmail.com>
2024-09-07 11:47:59 +02:00
Tibor
49fad51775
chang docker-compose to docker compose
Signed-off-by: Tibor <tiborcasteleijn@gmail.com>
2024-09-07 11:47:11 +02:00
Tibor
e41848cc97
chang docker-compose to docker compose
Signed-off-by: Tibor <tiborcasteleijn@gmail.com>
2024-09-07 11:46:28 +02:00
Tibor
4615d302df
Remove deprecated version field
https://www.docker.com/blog/new-docker-compose-v2-and-v1-deprecation/

Signed-off-by: Tibor <tiborcasteleijn@gmail.com>
2024-09-06 09:23:05 +02:00
João Pereira
93e6b90d29
chore: bump golangci-lint and fix govet issues (#4454) 2024-09-02 09:51:00 +01:00
Milos Gajdos
a940e61623
Fix silly testing format mistakes
Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
2024-08-30 11:18:18 +01:00
Milos Gajdos
170ac07a5e
chore: bump golangci-lint and fix govert issues
The latest golangci-lint spits out some govet issues.
This commit fixes them. We are also bumping the linter version.

Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
2024-08-30 10:28:24 +01:00
João Pereira
ba2841b0ce
build(deps): bump github/codeql-action from 3.26.3 to 3.26.5 (#4446) 2024-08-28 23:19:24 +01:00
Milos Gajdos
6e56b3ae3c
Build artifacts and images for linux/riscv64 (#4444) 2024-08-28 07:56:03 +01:00
dependabot[bot]
44ddae31c0
build(deps): bump github/codeql-action from 3.26.3 to 3.26.5
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.3 to 3.26.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.26.3...v3.26.5)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-26 01:28:27 +00:00
Matheus Macabu
b2626e0623 Build artifacts and images for linux/riscv64
Signed-off-by: Matheus Macabu <macabu.matheus@gmail.com>
2024-08-22 22:21:53 +02:00
Milos Gajdos
3da306340a
build(deps): bump github/codeql-action from 3.26.2 to 3.26.3 (#4441) 2024-08-20 09:56:25 +01:00
Milos Gajdos
f0826f5796
chore: fix typo in rewrite storage middleware init (#4435) 2024-08-20 09:55:43 +01:00
dependabot[bot]
aabceeb985
build(deps): bump github/codeql-action from 3.26.2 to 3.26.3
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.2 to 3.26.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.26.2...v3.26.3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-20 01:29:14 +00:00
Milos Gajdos
d8199f451b
chore: fix typo in rewrite storage middleware init
https://github.com/distribution/distribution/pull/4146 introduced a new
rewrite storage middleware but somehow missed to update the init logging
message. This commit fixes that.

Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
2024-08-15 08:59:30 +01:00
Milos Gajdos
fc0b89c6f7
build(deps): bump github/codeql-action from 3.26.0 to 3.26.2 (#4434) 2024-08-15 08:30:00 +01:00
dependabot[bot]
2f86b47531
build(deps): bump github/codeql-action from 3.26.0 to 3.26.2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.0 to 3.26.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.26.0...v3.26.2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-15 01:09:24 +00:00
João Pereira
74b07a945f
build(deps): bump github/codeql-action from 3.25.15 to 3.26.0 (#4431) 2024-08-12 19:45:44 +01:00
João Pereira
c4ee2c1693
build(deps): bump actions/upload-artifact from 4.3.5 to 4.3.6 (#4430) 2024-08-07 09:36:51 +01:00
dependabot[bot]
64b036e085
build(deps): bump github/codeql-action from 3.25.15 to 3.26.0
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.15 to 3.26.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v3.25.15...v3.26.0)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-07 01:34:13 +00:00
dependabot[bot]
786c583689
build(deps): bump actions/upload-artifact from 4.3.5 to 4.3.6
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.5 to 4.3.6.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v4.3.5...v4.3.6)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-07 01:33:55 +00:00
Milos Gajdos
2801004c94
Use x.y.0 format for the go module version (#4423) 2024-08-06 11:57:11 +01:00
Milos Gajdos
0b7e091f89
build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.5 (#4428) 2024-08-05 16:27:20 +01:00
Milos Gajdos
ad737939a1
fix: skip removing layer's link file when '--dry-run' option specified (#4425) 2024-08-05 11:55:46 +01:00
dependabot[bot]
b3f4f3272f
build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.5
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.0 to 4.3.5.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v4.3.0...v4.3.5)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-05 01:50:18 +00:00
Milos Gajdos
6ced241207
build(deps): bump actions/configure-pages from 4 to 5 (#4409) 2024-08-01 17:30:14 +01:00
João Pereira
2728ce00bd
build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 (#4422) 2024-08-01 16:50:43 +01:00
João Pereira
6adbec777f
build(deps): bump github/codeql-action from 2.22.12 to 3.25.15 (#4426) 2024-08-01 10:43:44 +01:00
dependabot[bot]
32e5b044f4
build(deps): bump github/codeql-action from 2.22.12 to 3.25.15
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.12 to 3.25.15.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Commits](https://github.com/github/codeql-action/compare/v2.22.12...v3.25.15)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-08-01 01:53:49 +00:00
Liang Zheng
db5c303e7e fix: skip removing layer's link file when '--dry-run' option spcified
Signed-off-by: Liang Zheng <zhengliang0901@gmail.com>
2024-07-31 23:21:45 +08:00
Milos Gajdos
f0bd0f6899
auth: fix token verification chain (#4415) 2024-07-29 18:56:44 +01:00
Milos Gajdos
70e0d8850c
auth: fix token verification chain
There was a small regression introduced in
https://github.com/distribution/distribution/pull/4349.

Specifically, if the certificate chain verification succeeds we should
return immediately instead of following up with further token verification
checks.

This commit fixes that: we only follow up with further token
verifications if x5c header is missing.

We've also refactored this method so it's hopefully clearer.

Co-authored-by: Kyle Squizzato <ksquizz@gmail.com>
Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
2024-07-29 18:48:09 +01:00
Ismail Alidzhikov
ba8e539b03 Use x.y.0 format for the go module version
Signed-off-by: Ismail Alidzhikov <i.alidjikov@gmail.com>
2024-07-29 13:20:39 +03:00
dependabot[bot]
b6016d788f
build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.3 to 2.4.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](dc50aa9510...62b2cac7ed)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-29 01:20:28 +00:00
Milos Gajdos
3fe707de5c
chore: fix typos returned in some errors (#4414) 2024-07-22 09:13:30 +01:00
Milos Gajdos
0c4d622374
build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 (#4416) 2024-07-22 09:13:06 +01:00
dependabot[bot]
f072af9573
build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.1 to 2.3.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](0864cf1902...dc50aa9510)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-22 01:17:16 +00:00
Milos Gajdos
91eda593ef
chore: fix typos returned in some errors
Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
2024-07-21 10:12:15 +01:00
Milos Gajdos
21f3291612
build(deps): bump docker/bake-action from 4 to 5 (#4410) 2024-07-20 07:56:23 +01:00
Milos Gajdos
fde4b7d664
build(deps): bump softprops/action-gh-release from 1 to 2 (#4407) 2024-07-19 16:10:24 +01:00