Commit graph

85 commits

Author SHA1 Message Date
Mark Sagi-Kazar
3472f7a8e3
feat: accept lists in the token audience claim
Signed-off-by: Mark Sagi-Kazar <mark.sagikazar@gmail.com>
2022-09-27 15:34:26 +02:00
Sebastiaan van Stijn
6e8dd268a8
update to go 1.18 (continue testing against 1.17)
Go 1.16 reached end of life, so update to the current version of Go, but also
run CI on the previous version (which is still supported).

We should probably also decide wether or not we want the Dockerfiles to pin to
a specific minor version; this makes the releases more deterministic.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-05-05 10:36:28 +02:00
Wang Yan
f637481c67 fix go check issues
1, Fix GoSec G404: Use of weak random number generator (math/rand instead of crypto/rand)
2, Fix Static check: ST1019: package "github.com/sirupsen/logrus" is being imported more than once

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-11-15 17:31:33 +08:00
Wang Yan
3f4c558dac bump up golang v1.17
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-10-27 15:51:30 +08:00
Sebastiaan van Stijn
a07b54eb68
Update to go 1.16, and run CI on 1.15.x and 1.16.x
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-10 12:12:28 +02:00
olegburov
49f7426dcb
Bump Golang to 1.15 and Alpine to 3.12.
Signed-off-by: olegburov <oleg.burov@outlook.com>
2021-02-21 14:56:54 -08:00
Sebastiaan van Stijn
1d33874951
go.mod: change imports to github.com/distribution/distribution/v3
Go 1.13 and up enforce import paths to be versioned if a project
contains a go.mod and has released v2 or up.

The current v2.x branches (and releases) do not yet have a go.mod,
and therefore are still allowed to be imported with a non-versioned
import path (go modules add a `+incompatible` annotation in that case).

However, now that this project has a `go.mod` file, incompatible
import paths will not be accepted by go modules, and attempting
to use code from this repository will fail.

This patch uses `v3` for the import-paths (not `v2`), because changing
import paths itself is a breaking change, which means that  the
next release should increment the "major" version to comply with
SemVer (as go modules dictate).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-08 18:30:46 +01:00
Derek McGowan
e65b3f1316
Fix CI for test updates
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
2020-02-22 17:27:55 -08:00
Naveed Jamil
efdba4f210
Increase Unit Test Code Coverage
Unit test coverge was increased to cover the usages of crypto. This helps to ensure that everything is working fine with fips mode enabled.
Also updated sha1 to sha256 in registry/storage/driver/testsuites/testsuites.go because sha1 is not supported in fips mode.

Signed-off-by: Naveed Jamil <naveed.jamil@tenpearl.com>
2020-02-22 17:09:00 -08:00
Luca Bruno
15b0204758
registry: fix binary JSON content-type
This fixes registry endpoints to return the proper `application/json`
content-type for JSON content, also updating spec examples for that.

As per IETF specification and IANA registry [0], the `application/json`
type is a binary media, so the content-type label does not need any
text-charset selector. Additionally, the media type definition
explicitly states that it has no required nor optional parameters,
which makes the current registry headers non-compliant.

[0]: https://www.iana.org/assignments/media-types/application/json

Signed-off-by: Luca Bruno <lucab@debian.org>
2019-01-14 09:04:42 +00:00
Derek McGowan
aa985ba889
Merge pull request #2711 from davidswu/autoredirect
add autoredirect auth config
2018-11-27 15:48:25 -08:00
Grachev Mikhail
cd1648d62c Fix typo
Signed-off-by: Mikhail Grachev <work@mgrachev.com>
2018-10-18 17:54:19 +03:00
Rui Cao
6335cc258f Fix typo: commmand -> command
Signed-off-by: Rui Cao <ruicao@alauda.io>
2018-09-29 15:12:10 +08:00
David Wu
b2bd465760 fix checks
Signed-off-by: David Wu <david.wu@docker.com>
2018-09-20 15:24:27 -07:00
Derek McGowan
ef859e1b21
Merge pull request #2474 from vikstrous/disable-v1-master
disable schema1 by default, add a config flag to enable it
2018-08-24 10:58:39 -07:00
Ryan Abrams
0101db11ef Replace tab with space in nginx config
Quick follow-up to #9223. This gives better consistency and readability to the
file.

Signed-off-by: Ryan Abrams <rdabrams@gmail.com>
2018-08-23 16:06:46 -07:00
Olivier Gambier
16eb3b658d
Merge pull request #2368 from monikakatiyar16/patch-1
Added nginx config for uploading large sized blobs
2018-08-23 15:59:47 -07:00
Derek McGowan
b4dd9b4376
Update certificates
Set expiration to 10 years

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
2018-05-21 16:00:52 -07:00
Viktor Stanchev
e9864ce8b9 disable schema1 by default, add a config flag to enable it
port of #2473

Signed-off-by: Viktor Stanchev <me@viktorstanchev.com>
2017-12-19 10:23:25 -08:00
Monika Katiyar
118c8ee1f1 Added nginx configuration for uploading large sized blobs (layer size) to registry when using nginx as reverse proxy from monikakatiyar16
Signed-off-by: Monika Katiyar <monika@jeavio.com>
2017-11-20 15:17:47 +05:30
Stephen J Day
9c88801a12
context: remove definition of Context
Back in the before time, the best practices surrounding usage of Context
weren't quite worked out. We defined our own type to make usage easier.
As this packaged was used elsewhere, it make it more and more
challenging to integrate with the forked `Context` type. Now that it is
available in the standard library, we can just use that one directly.

To make usage more consistent, we now use `dcontext` when referring to
the distribution context package.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2017-08-11 15:53:31 -07:00
Igor Morozov
a97d7c0c15 moved Sirupsen to sirupsen on a case sensitive system
Signed-off-by: Igor Morozov <igor@adhoc05-sjc1.prod.uber.internal>
2017-06-23 20:28:48 +00:00
Nycholas de Oliveira e Oliveira
5573a13f15 Update README.md
Signed-off-by: Nycholas de Oliveira e Oliveira <nycholas@gmail.com>
2017-05-18 10:11:41 -03:00
Derek McGowan
fd13a2e0a6
Remove container after export
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-01-09 16:44:37 -08:00
Derek McGowan
37758029fb
Add test for 1.13
Use rc4 for support with plugins change

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-01-09 16:44:37 -08:00
Derek McGowan
effe01aeae
Add plugin push/pull tests
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-01-09 16:44:37 -08:00
Derek McGowan
cfff433744
Update login helpers to handle email removal
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2017-01-09 16:44:36 -08:00
Derek McGowan
f2620ca7c1
Bump call to use 1.12.3
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-11-23 13:33:19 -08:00
Derek McGowan
00a505bc42
Support docker 1.12
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-11-23 13:33:19 -08:00
Derek McGowan
61e65ecd9d
Update contrib token server to support repository class
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-11-21 13:32:12 -08:00
Derek McGowan
d35d94dcec
Update to fix lint errors
Context should use type values instead of strings.
Updated direct calls to WithValue, but still other uses of string keys.
Update Acl to ACL in s3 driver.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-10-05 17:47:12 -07:00
Derek McGowan
fc07e0380e Add v1 search with v2 token auth test
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-07-13 17:03:14 -07:00
Derek McGowan
022416c502 Add support for registry type in scope
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-07-12 17:13:43 -07:00
Richard Scothern
fb106e167a Merge pull request #1465 from dmcgowan/token-server-oauth
Integration token server supporting oauth
2016-06-13 15:01:06 -07:00
Derek McGowan
db713e127b Generate the certificate directory with a pretest script
fixes #1690

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-05-09 14:21:53 -07:00
Derek McGowan
8cded9db0d Use official docker 1.11.1 image to test docker 1.11
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-04-28 14:51:13 -07:00
Derek McGowan
ab2394446c Integration test readme update
Updates the readme to mention running the tests using golem.
Also provides instructions for making test development easier.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-04-12 14:03:56 -07:00
Derek McGowan
2ea61dc04f Add temporary cache directory
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-04-04 19:57:40 -07:00
Derek McGowan
17f7f60d77 Update docker integration tests to use golem
Use registry example from golem repository.
Use the golem test runner for the docker integration environment

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-04-04 19:57:40 -07:00
Brian Bland
5967d33342 Removes ceph rados driver in favor of Swift API gateway support
Signed-off-by: Brian Bland <brian.bland@docker.com>
2016-03-10 16:49:08 -08:00
Derek McGowan
1126e32234 Add post token implementation
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-03-04 13:53:06 -08:00
Richard Scothern
bf1398e514 Attempt to unblock the ceph build process
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-02-05 14:02:01 -08:00
Derek McGowan
e28c288444 Update to address comments
Add logging to resolve scope
Clarify response logs
Better messaging for tls setup error

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-01-28 15:47:22 -08:00
Derek McGowan
08d1f035f0 Update create token to auth/token types
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-01-25 20:12:07 -08:00
Derek McGowan
eaa9da0be3 Add simple implementation of token server
Token server implementation currently functional with existing docker 1.9.x release and latest distribution release.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-01-25 15:42:05 -08:00
Derek McGowan
8d1c44f148 Fix broken daemon startup with master
Since the daemon flag was deprecated and replaced by the daemon subcommand, the run engine should use the subcommand and only the flag for older versions

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-01-04 16:32:12 -08:00
Sebastiaan van Stijn
bacfea16bb Update links to documentation
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2015-12-21 01:22:01 +01:00
Aaron Lehmann
2b42e98a98 Download dind from v1.8.1 tag of docker/docker repo
Fixes #898.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-09-08 17:48:13 -07:00
Olivier Gambier
5df53c0681 Documentation enhancements
Making metadata:
- more consistent
- more specific (fixed copy pasting)
- refine coverage

Insecure information cleanup

Removing no longer used files:
- mkdocs is gone
- the registry diagram is not used, and is a bit silly :)

Minor fixes

Fixing links

Recipes:
- harmonized code sections style to the rest of the docs
- harmonized recipe "style"
- listing new recipes

Enhance deploying

Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-08-28 12:46:53 -07:00
Derek McGowan
1a6949134e Fix mismatched version error on integration tests
When running a different version of docker outside of the default in the integration image, then commands will fail with mismatched version unless the docker binary is specified to the correct version.

Add various cleanups to run script.
Run all commands interacting with docker inside the container in an exec.
Remove port binding to outside of container since all commands run inside.
Trap docker rm to exit in case of failure which prevents final command from running.
Do no copy images when $DOCKER_VOLUME is specified, this allows for faster runs when mounting a volume with a warm image cache.
Move exec and graph driver defaulting into run engine script.
Remove duplicated update of /etc/hosts.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-08-17 17:00:58 -07:00