Commit graph

4735 commits

Author SHA1 Message Date
Milos Gajdos
5a76dc8df1
Merge pull request #3169 from d-luu/configurable_ciphersuites
Added flag for user-configurable cipher suites

Thanks, @d-luu for putting the effort into this. Much appreciated!
2021-02-26 08:17:32 +00:00
David Luu
1e625d0076 Added flag for user configurable cipher suites
Configuration of list of cipher suites allows a user to disable use
of weak ciphers or continue to support them for legacy usage if they
so choose.

List of available cipher suites at:
https://golang.org/pkg/crypto/tls/#pkg-constants

Default cipher suites have been updated to:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_AES_128_GCM_SHA256
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_256_GCM_SHA384

MinimumTLS has also been updated to include TLS 1.3 as an option
and now defaults to TLS 1.2 since 1.0 and 1.1 have been deprecated.

Signed-off-by: David Luu <david@davidluu.info>
2021-02-25 14:19:56 -06:00
Akihiro Suda
c432849e44
docs/spec/manifest-v2-2.md: fix ARM variant
The correct `vairant` string for ARM v6 is "v6", not "armv6l".

There is no known implementation that actually uses "armv6l".

See the discussion in opencontainers/image-spec PR 817

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2021-02-25 17:51:26 +09:00
Wang Yan
785fe625ca
Merge pull request #3222 from olegburov/bump-golang-alpine
Bump Golang to `1.15`.
2021-02-25 14:34:20 +08:00
olegburov
49f7426dcb
Bump Golang to 1.15 and Alpine to 3.12.
Signed-off-by: olegburov <oleg.burov@outlook.com>
2021-02-21 14:56:54 -08:00
João Pereira
f89664f7d1
Merge pull request #3240 from olegburov/bump-logrus-logstash-hook
Upgrade Logstash hook for Logrus to 1.0.0
2021-02-21 13:09:51 +00:00
Chris Patterson
cac0eed76f
Merge pull request #3362 from thomasrockhu/codecov-badge
Add Codecov badge
2021-02-19 12:17:28 -05:00
Don Bowman
9c43ba9dcc
fix: disable DisableHTMLEscape on logrus json logging
Fixes #3363

Without this, we emit illegal json logs, the user-agent
ends up as:

```
"http.request.useragent": "docker/19.03.4 go/go1.12.10 git-commit/9013bf583a kernel/5.10.10-051010-generic os/linux arch/amd64 UpstreamClient(Docker-Client/19.03.4 \(linux\))"
```

which is not valid according to [spec](https://www.json.org/json-en.html)

specifically, string: "<any codepoint except " or \ or control>*"

Signed-off-by: Don Bowman <don@agilicus.com>
2021-02-15 13:16:27 -05:00
olegburov
907e7be545 Bump Logstash hook for logrus to v1.0.0.
Signed-off-by: olegburov <oleg.burov@outlook.com>
2021-02-11 21:51:13 -08:00
Tom Hu
c95293bbdf Add Codecov badge
Signed-off-by: Tom Hu <tomhu1096@gmail.com>
2021-02-10 13:38:38 -05:00
Wang Yan
22c074842e
Merge pull request #3225 from thaJeztah/fix_gomod
go.mod: change imports to github.com/distribution/distribution/v3
2021-02-09 12:28:32 +08:00
Sebastiaan van Stijn
1d33874951
go.mod: change imports to github.com/distribution/distribution/v3
Go 1.13 and up enforce import paths to be versioned if a project
contains a go.mod and has released v2 or up.

The current v2.x branches (and releases) do not yet have a go.mod,
and therefore are still allowed to be imported with a non-versioned
import path (go modules add a `+incompatible` annotation in that case).

However, now that this project has a `go.mod` file, incompatible
import paths will not be accepted by go modules, and attempting
to use code from this repository will fail.

This patch uses `v3` for the import-paths (not `v2`), because changing
import paths itself is a breaking change, which means that  the
next release should increment the "major" version to comply with
SemVer (as go modules dictate).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-08 18:30:46 +01:00
João Pereira
6200038bc7
Merge pull request #3204 from stefannica/fsDriverRelaxedPermissions
Relax filesystem driver folder permissions to 0777
2021-02-06 16:12:02 +00:00
João Pereira
66fae5e443
Merge pull request #3265 from cydu-cloud/master
Update repo normalize error message to include name
2021-02-06 16:10:21 +00:00
João Pereira
f82e1c2332
Merge pull request #3300 from jubalh/sp
Fix minor spelling mistakes
2021-02-06 16:03:09 +00:00
João Pereira
d7476f67c1
Merge pull request #3229 from thaJeztah/remove_md2man
scripts: remove unused md2man from dev-tools
2021-02-06 16:02:20 +00:00
João Pereira
65279ea676
Merge pull request #3305 from justincormack/update-readme
Update README
2021-02-06 15:29:59 +00:00
João Pereira
a18ebf9f78
Merge pull request #3146 from andriisoldatenko/get-rid-apache2-utils
Remove apache2-utils from Dockerfile
2021-02-06 15:26:45 +00:00
João Pereira
038a5060de
Merge pull request #2905 from 2opremio/master
Honor contexts passed to registry client methods
2021-02-06 15:25:03 +00:00
João Pereira
3f0d066b5d
Merge pull request #3244 from patrickeasters/patch-1
Fix typo for image digest regular expression in spec
2021-02-06 11:28:55 +00:00
Novak Ivanovski
e7dc768ae5 Self-signed certificate with Kubernetes fix
In Go 1.15 there is common name deprecation for using Common name:
https://golang.google.cn/doc/go1.15#commonname

This causes the self-signed cert to be rejected by some Kubernetes platforms:
https://stackoverflow.com/questions/64814173/how-do-i-use-sans-with-openssl-instead-of-common-name

Fix is to add this field to the cert.
2021-02-05 23:58:09 -05:00
Patrick Easters
639de6a02f Fix typo for digest regexp
Signed-off-by: Patrick Easters <peasters@redhat.com>
2021-02-05 14:52:27 -05:00
João Pereira
a637ebcd01
Merge pull request #3242 from olegburov/bump-gorilla-handlers
Upgrade Gorilla Handlers to 1.5.1
2021-02-03 18:58:04 +00:00
João Pereira
e15438df55
Merge pull request #3201 from davidwarshaw/patch-1
Clarify repo name regex intention
2021-02-03 18:55:55 +00:00
Michael Vetter
4d34a31762 Correct spelling: decription -> description
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2021-02-03 13:12:23 +01:00
Michael Vetter
084c0bd100 Fix typo in docu of NewURLBuilderFromString()
And one more minor typo.

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2021-02-03 13:12:16 +01:00
Michael Vetter
f0c93f65a2 Fix typo in NewSimpleManager() documentation
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2021-02-03 13:11:53 +01:00
Milos Gajdos
4269ab721f
Merge pull request #3352 from milosgajdos/update-badges
Update README badges
2021-02-03 09:08:47 +00:00
Milos Gajdos
ce2aacfcd5
Merge pull request #3353 from justincormack/mirantis
Propose two maintainers from Mirantis
2021-02-03 09:05:15 +00:00
Milos Gajdos
5a3f698f87
Change Build Status badge URL
Co-authored-by: Chris Patterson <chrispat@github.com>

Signed-off-by: Milos Gajdos <milosgajdos83@gmail.com>
2021-02-02 16:21:51 +00:00
Justin Cormack
0517a1c779
Propose two maintainers from Mirantis
Mirantis Secure Registry (once Docker Trusted Registry) also uses
Distribution as its core code. Propose two maintainers from Mirantis
as Distribution maintainers.

Signed-off-by: Justin Cormack <justin@specialbusservice.com>
2021-02-02 14:57:53 +00:00
Andrii Soldatenko
fa2894067c
get rid of apache2-utils
Signed-off-by: Andrii Soldatenko <andrii.soldatenko@gmail.com>
2021-02-02 15:42:07 +02:00
Milos Gajdos
6e4e8298de
Update README badges
* Build status points to CI action
* GoDoc points to pkg.go.dev
* License points to License file

Signed-off-by: Milos Gajdos <milosgajdos83@gmail.com>
2021-02-02 11:44:06 +00:00
Chris Patterson
cc4d27f681
Merge pull request #3350 from distribution/remove-travis 2021-02-01 20:12:09 -05:00
Chris Patterson
bddb8d42ea Removing travis
Signed-off-by: Chris Patterson <chrispat@github.com>
2021-02-01 11:00:56 -05:00
Chris Patterson
edf4afcbeb Revert "Merge branch 'main' of https://github.com/distribution/distribution into main"
This reverts commit 1100e30e1c, reversing
changes made to b659eb060f.

Signed-off-by: Chris Patterson <chrispat@github.com>
2021-02-01 10:52:22 -05:00
Chris Patterson
1100e30e1c Merge branch 'main' of https://github.com/distribution/distribution into main 2021-02-01 08:29:00 -05:00
Wang Yan
9886800868 Add a basic e2e test for CI
Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-02-01 16:15:45 +08:00
João Pereira
e2ee31405d
Merge pull request #3343 from thaJeztah/update_slack_channel
Update slack channel to CNCF slack
2021-01-30 10:20:46 +00:00
Chris Patterson
ae2bedd3b9
Merge pull request #3344 from distribution/actions-fix-push
Fixing push workflow
2021-01-29 15:56:47 -05:00
Chris Patterson
402d3c943a Fixing push workflow
Signed-off-by: Chris Patterson <chrispat@github.com>
2021-01-29 15:48:07 -05:00
Chris Patterson
b659eb060f
Update ci.yml 2021-01-29 15:42:19 -05:00
Chris Patterson
da9a88bc97 Fixing push workflow
Signed-off-by: Chris Patterson <chrispat@github.com>
2021-01-29 15:38:04 -05:00
Chris Patterson
be3670387f
Merge pull request #3338 from chrispat/actions-ci
Adding first draft of CI on GitHub Actions
2021-01-29 15:06:59 -05:00
Chris Patterson
64874d17b1 First draft of actions based ci
Signed-off-by: Chris Patterson <chrispat@github.com>
2021-01-29 14:40:09 -05:00
Sebastiaan van Stijn
b431b34fb8
update slack channel to CNCF slack
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-01-28 22:53:44 +01:00
Chris Aniszczyk
a63bd4d3f1
Add CodeQL Security Scanning
Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>
2021-01-28 11:38:29 -06:00
Justin Cormack
13407c9e33
Merge pull request #3337 from SteveLasker/maintainer-update
Adding Steve Lasker as a maintainer
2021-01-28 13:48:53 +00:00
Usha Mandya
96357c9616 Merge pull request #12195 from usha-mandya/12193-patch
Fix broken links
2021-01-28 12:41:34 +00:00
Usha Mandya
977c98e06f Fix broken links
Signed-off-by: Usha Mandya <usha.mandya@docker.com>
2021-01-28 10:07:41 +00:00