TrueCloudLab/distribution
13
0
Fork 3
Code Issues 3 Pull requests Projects Releases 2 Packages Wiki Activity Actions
2724 commits 2 branches 61 tags 129 MiB
Commit graph

957 commits

Author SHA1 Message Date
Wang Yan
9a3ff11330 fix go check issues 
G404: Replace math rand with crypto rand

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-11-16 17:46:08 +08:00
Milos Gajdos
18230b7b34
Merge pull request #3384 from wy65701436/release/2.7-cp-3169 
[backport release/2.7]Added flag for user configurable cipher suites
 2021-03-23 15:23:04 +00:00
Derek McGowan
09109ab50a Fix gosimple checks 
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-03-23 21:03:20 +08:00
Manish Tomar
89e6568e34 Remove err nil check 
since type checking nil will not panic and return appropriately

Signed-off-by: Manish Tomar <manish.tomar@docker.com>
Signed-off-by: wang yan <wangyan@vmware.com>
 2021-03-23 21:03:16 +08:00
Manish Tomar
3c64ff10bb Fix gometalint errors 
Signed-off-by: Manish Tomar <manish.tomar@docker.com>
Signed-off-by: wang yan <wangyan@vmware.com>
 2021-03-23 21:03:10 +08:00
sayboras
f807afbf85 Migrate to golangci-lint 
Signed-off-by: Tam Mach <sayboras@yahoo.com>
Signed-off-by: wang yan <wangyan@vmware.com>
 2021-03-23 21:02:54 +08:00
David Luu
cc341b0110 Added flag for user configurable cipher suites 
Configuration of list of cipher suites allows a user to disable use
of weak ciphers or continue to support them for legacy usage if they
so choose.

List of available cipher suites at:
https://golang.org/pkg/crypto/tls/#pkg-constants

Default cipher suites have been updated to:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_AES_128_GCM_SHA256
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_256_GCM_SHA384

MinimumTLS has also been updated to include TLS 1.3 as an option
and now defaults to TLS 1.2 since 1.0 and 1.1 have been deprecated.

Signed-off-by: David Luu <david@davidluu.info>
 2021-03-23 18:42:12 +08:00
Wang Yan
3fe1d67ace close the io.ReadCloser from storage driver 
Backport PR #3309 to release/2.7

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-02-23 18:48:00 +08:00
Smasherr
cf8615dedf
Remove empty Content-Type header 
Fixes #3288

Signed-off-by: Smasherr <soundcracker@gmail.com>
(cherry picked from commit c8d90f904f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-11-16 11:15:10 +01:00
Thomas Berger
e2f006ac2b S3 Driver: added comment for missing KeyCount workaround 
Signed-off-by: Thomas Berger <loki@lokis-chaos.de>
Signed-off-by: wang yan <wangyan@vmware.com>
 2020-03-10 22:41:10 +08:00
Eohyung Lee
0a1e4a57e2 Fix s3 driver for supporting ceph radosgw 
Radosgw does not support S3 `GET Bucket` API v2 API but v1.
This API has backward compatibility, so most of this API is working
correctly but we can not get `KeyCount` in v1 API and which is only
for v2 API.

Signed-off-by: Eohyung Lee <liquidnuker@gmail.com>
 2020-03-10 22:35:31 +08:00
Vishesh Jindal
afa91463d6
Bugfix: Make ipfilteredby not required 
Signed-off-by: Vishesh Jindal <vishesh92@gmail.com>
(cherry picked from commit f9a0506191)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-01-28 19:41:02 +01:00
David Wu
caf43bbcc2 default autoredirect to false 
Signed-off-by: David Wu <david.wu@docker.com>
 2019-01-04 13:47:17 -08:00
Derek McGowan
aa985ba889
Merge pull request #2711 from davidswu/autoredirect 
add autoredirect auth config
 2018-11-27 15:48:25 -08:00
Matt Tescher
7c4d584e58 add bugsnag logrus hook 
Signed-off-by: Matt Tescher <matthew.tescher@docker.com>
 2018-10-25 14:52:10 -07:00
Yongxin Li
de8636b78c typo fix about overridden 
Signed-off-by: Yongxin Li <yxli@alauda.io>
 2018-09-27 20:27:09 +08:00
Rui Cao
569d18aef9 Fix some typos 
Signed-off-by: Rui Cao <ruicao@alauda.io>
 2018-09-24 09:05:44 +08:00
David Wu
2e1e6307dd add autoredirect to option 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-20 19:33:06 -07:00
David Wu
b2bd465760 fix checks 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-20 15:24:27 -07:00
Viktor Stanchev
f730f3ab77 add autoredirect auth config 
It redirects the user to to the Host header's domain whenever they try to use
token auth.

Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-20 14:47:43 -07:00
Olivier Gambier
16128bbac4
Merge pull request #2707 from davidswu/go-1.11 
remove dependencies on resumable
 2018-09-20 12:47:44 -07:00
liyongxin
6133840f49 typo fix from existant to existent 
Signed-off-by: liyongxin <yxli@alauda.io>
Signed-off-by: Yongxin Li <yxli@alauda.io>
 2018-09-13 19:37:13 +08:00
David Wu
a927fbdb9b track digest offset in blobwriter 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-12 14:53:27 -07:00
David Wu
bd41413d57 remove closenotifier 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-11 16:14:10 -07:00
David Wu
166874ade9 fix gofmt and goimports 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-11 16:14:10 -07:00
David Wu
877d706b38 remove dependencies on resumable 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-11 08:21:27 -07:00
Derek McGowan
642075f42c
Merge pull request #2631 from whoshuu/feature/improve-gcs-driver 
Improve gcs driver
 2018-09-05 17:48:03 -07:00
Derek McGowan
15de837aa8
Merge pull request #2704 from dmcgowan/fix-2703 
Fix registry stripping newlines from manifests
 2018-09-05 17:46:56 -07:00
Huu Nguyen
7a195dd5ca Add back include_gcs build constraint 
Signed-off-by: Huu Nguyen <whoshuu@gmail.com>
 2018-09-05 15:48:30 -07:00
Huu Nguyen
69299d93d9 Use existing jwtConf instead of creating a scoped one 
Signed-off-by: Huu Nguyen <whoshuu@gmail.com>
 2018-09-05 15:48:30 -07:00
Tony Holdstock-Brown
f9187b2572 Add regulator to GCS 
Signed-off-by: Huu Nguyen <whoshuu@gmail.com>
 2018-09-05 15:48:30 -07:00
Andrey Kostov
b424c3d870 Better error handling for GCS credential argument addition 
Signed-off-by: Andrey Kostov <kostov.andrey@gmail.com>
 2018-09-05 15:48:29 -07:00
Andrey Kostov
78238ef1a0 Add credentials argument for GCS driver 
Signed-off-by: Andrey Kostov <kostov.andrey@gmail.com>
 2018-09-05 15:48:29 -07:00
Derek McGowan
c88728f217
Fix registry stripping newlines from manifests 
Content must be preserved exactly

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2018-09-05 13:40:42 -07:00
Ryan Abrams
6b73a9ab89 Ignore missing paths during enumeration 
It's possible to run into a race condition in which the enumerator lists
lots of repositories and then starts the long process of enumerating through
them. In that time if someone deletes a repo, the enumerator may error out.

Signed-off-by: Ryan Abrams <rdabrams@gmail.com>
 2018-09-05 10:17:08 -07:00
David Wu
8d7e4cd388 fix goimports and gofmt 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-04 17:45:39 -07:00
Olivier Gambier
90705d2fb8
Merge pull request #2362 from twistlock/populate_htpasswd 
Create and populate htpasswd file if missing
 2018-08-31 00:25:37 -07:00
Derek McGowan
b12bd4004a
Merge pull request #2639 from andrew-leung/manifesteventlayers 
Add configurable layers in manifest events
 2018-08-28 16:03:05 -07:00
Derek McGowan
059f301d54
Merge pull request #2685 from manishtomar/mani-graceful-shutdown 
Graceful shutdown
 2018-08-27 14:24:53 -07:00
Olivier Gambier
3354cf98e3
Merge pull request #2680 from manishtomar/mani-fix-mem-leak 
fix memory leak introduced in PR #2648
 2018-08-24 14:35:12 -07:00
Derek McGowan
ef859e1b21
Merge pull request #2474 from vikstrous/disable-v1-master 
disable schema1 by default, add a config flag to enable it
 2018-08-24 10:58:39 -07:00
Olivier
53bd46af5c
Merge pull request #2651 from mikebrow/manifest-version-test-on-put 
adds validation testing for schema version values
 2018-08-20 12:19:40 -07:00
Olivier
6411087274
Merge pull request #2681 from dmcgowan/update-yaml 
Update yaml parser
 2018-08-20 12:18:21 -07:00
David Wu
0b0d470281 use aws sdk to validate regions 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-08-20 11:02:14 -07:00
Andrew Leung
5e4b81a578 Use references terminology instead of layers. 
Signed-off-by: Andrew Leung <anwleung@gmail.com>
 2018-08-20 10:01:40 -07:00
Manish Tomar
40efb602d6
Add support to gracefully shutdown the server 
This is done by draining the connections for configured time after registry receives a SIGTERM signal.
This adds a `draintimeout` setting under `HTTP`. Registry doesn't drain
if draintimeout is not provided.

Signed-off-by: Manish Tomar <manish.tomar@docker.com>
 2018-08-20 10:01:26 -07:00
Derek McGowan
f0ee5720a5
Update yaml parser 
Mark the top level Loglevel field as deprecated

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2018-08-14 16:42:36 -07:00
Manish Tomar
13f8189f2a fix memory leak introduced in PR #2648 
context.App.repoRemover is single registry instance stored throughout
app run. It was wrapped in another remover when processing each request.
This remover happened to be remover got from previous request. This way
every remover created was stored in infinite linked list causing memory
leak. Fixing it by storing the wrapped remover inside the request context
which will get gced when request context is gced. This was introduced in
PR #2648.

Signed-off-by: Manish Tomar <manish.tomar@docker.com>
 2018-08-14 16:41:45 -07:00
Mike Brown
2fdb2ac270 adds validation testing for schema version values 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-08-14 08:53:54 -05:00
Derek McGowan
5f37adaa41
Merge pull request #2673 from dmp42/TLS 
Remove ciphers that do not support perfect forward secrecy
 2018-08-10 16:03:59 -07:00