TrueCloudLab/distribution
13
0
Fork 3
Code Issues 2 Pull requests Projects Releases 2 Packages Wiki Activity Actions
4634 commits 2 branches 61 tags 129 MiB
Commit graph

4634 commits

This branch
This branch
All branches
Author SHA1 Message Date
David Luu
1e625d0076 Added flag for user configurable cipher suites 
Configuration of list of cipher suites allows a user to disable use
of weak ciphers or continue to support them for legacy usage if they
so choose.

List of available cipher suites at:
https://golang.org/pkg/crypto/tls/#pkg-constants

Default cipher suites have been updated to:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_AES_128_GCM_SHA256
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_256_GCM_SHA384

MinimumTLS has also been updated to include TLS 1.3 as an option
and now defaults to TLS 1.2 since 1.0 and 1.1 have been deprecated.

Signed-off-by: David Luu <david@davidluu.info>
 2021-02-25 14:19:56 -06:00
Akihiro Suda
c432849e44
docs/spec/manifest-v2-2.md: fix ARM variant 
The correct `vairant` string for ARM v6 is "v6", not "armv6l".

There is no known implementation that actually uses "armv6l".

See the discussion in opencontainers/image-spec PR 817

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2021-02-25 17:51:26 +09:00
Wang Yan
785fe625ca
Merge pull request #3222 from olegburov/bump-golang-alpine 
Bump Golang to `1.15`.
 2021-02-25 14:34:20 +08:00
olegburov
49f7426dcb
Bump Golang to 1.15 and Alpine to 3.12. 
Signed-off-by: olegburov <oleg.burov@outlook.com>
 2021-02-21 14:56:54 -08:00
João Pereira
f89664f7d1
Merge pull request #3240 from olegburov/bump-logrus-logstash-hook 
Upgrade Logstash hook for Logrus to 1.0.0
 2021-02-21 13:09:51 +00:00
Chris Patterson
cac0eed76f
Merge pull request #3362 from thomasrockhu/codecov-badge 
Add Codecov badge
 2021-02-19 12:17:28 -05:00
Don Bowman
9c43ba9dcc
fix: disable DisableHTMLEscape on logrus json logging 
Fixes #3363

Without this, we emit illegal json logs, the user-agent
ends up as:

```
"http.request.useragent": "docker/19.03.4 go/go1.12.10 git-commit/9013bf583a kernel/5.10.10-051010-generic os/linux arch/amd64 UpstreamClient(Docker-Client/19.03.4 \(linux\))"
```

which is not valid according to [spec](https://www.json.org/json-en.html)

specifically, string: "<any codepoint except " or \ or control>*"

Signed-off-by: Don Bowman <don@agilicus.com>
 2021-02-15 13:16:27 -05:00
olegburov
907e7be545 Bump Logstash hook for logrus to v1.0.0. 
Signed-off-by: olegburov <oleg.burov@outlook.com>
 2021-02-11 21:51:13 -08:00
Tom Hu
c95293bbdf Add Codecov badge 
Signed-off-by: Tom Hu <tomhu1096@gmail.com>
 2021-02-10 13:38:38 -05:00
Wang Yan
22c074842e
Merge pull request #3225 from thaJeztah/fix_gomod 
go.mod: change imports to github.com/distribution/distribution/v3
 2021-02-09 12:28:32 +08:00
Sebastiaan van Stijn
1d33874951
go.mod: change imports to github.com/distribution/distribution/v3 
Go 1.13 and up enforce import paths to be versioned if a project
contains a go.mod and has released v2 or up.

The current v2.x branches (and releases) do not yet have a go.mod,
and therefore are still allowed to be imported with a non-versioned
import path (go modules add a `+incompatible` annotation in that case).

However, now that this project has a `go.mod` file, incompatible
import paths will not be accepted by go modules, and attempting
to use code from this repository will fail.

This patch uses `v3` for the import-paths (not `v2`), because changing
import paths itself is a breaking change, which means that  the
next release should increment the "major" version to comply with
SemVer (as go modules dictate).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-02-08 18:30:46 +01:00
João Pereira
6200038bc7
Merge pull request #3204 from stefannica/fsDriverRelaxedPermissions 
Relax filesystem driver folder permissions to 0777
 2021-02-06 16:12:02 +00:00
João Pereira
66fae5e443
Merge pull request #3265 from cydu-cloud/master 
Update repo normalize error message to include name
 2021-02-06 16:10:21 +00:00
João Pereira
f82e1c2332
Merge pull request #3300 from jubalh/sp 
Fix minor spelling mistakes
 2021-02-06 16:03:09 +00:00
João Pereira
d7476f67c1
Merge pull request #3229 from thaJeztah/remove_md2man 
scripts: remove unused md2man from dev-tools
 2021-02-06 16:02:20 +00:00
João Pereira
65279ea676
Merge pull request #3305 from justincormack/update-readme 
Update README
 2021-02-06 15:29:59 +00:00
João Pereira
a18ebf9f78
Merge pull request #3146 from andriisoldatenko/get-rid-apache2-utils 
Remove apache2-utils from Dockerfile
 2021-02-06 15:26:45 +00:00
João Pereira
038a5060de
Merge pull request #2905 from 2opremio/master 
Honor contexts passed to registry client methods
 2021-02-06 15:25:03 +00:00
João Pereira
3f0d066b5d
Merge pull request #3244 from patrickeasters/patch-1 
Fix typo for image digest regular expression in spec
 2021-02-06 11:28:55 +00:00
Novak Ivanovski
e7dc768ae5 Self-signed certificate with Kubernetes fix 
In Go 1.15 there is common name deprecation for using Common name:
https://golang.google.cn/doc/go1.15#commonname

This causes the self-signed cert to be rejected by some Kubernetes platforms:
https://stackoverflow.com/questions/64814173/how-do-i-use-sans-with-openssl-instead-of-common-name

Fix is to add this field to the cert.
 2021-02-05 23:58:09 -05:00
Patrick Easters
639de6a02f Fix typo for digest regexp 
Signed-off-by: Patrick Easters <peasters@redhat.com>
 2021-02-05 14:52:27 -05:00
João Pereira
a637ebcd01
Merge pull request #3242 from olegburov/bump-gorilla-handlers 
Upgrade Gorilla Handlers to 1.5.1
 2021-02-03 18:58:04 +00:00
João Pereira
e15438df55
Merge pull request #3201 from davidwarshaw/patch-1 
Clarify repo name regex intention
 2021-02-03 18:55:55 +00:00
Michael Vetter
4d34a31762 Correct spelling: decription -> description 
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
 2021-02-03 13:12:23 +01:00
Michael Vetter
084c0bd100 Fix typo in docu of NewURLBuilderFromString() 
And one more minor typo.

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
 2021-02-03 13:12:16 +01:00
Michael Vetter
f0c93f65a2 Fix typo in NewSimpleManager() documentation 
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
 2021-02-03 13:11:53 +01:00
Milos Gajdos
4269ab721f
Merge pull request #3352 from milosgajdos/update-badges 
Update README badges
 2021-02-03 09:08:47 +00:00
Milos Gajdos
ce2aacfcd5
Merge pull request #3353 from justincormack/mirantis 
Propose two maintainers from Mirantis
 2021-02-03 09:05:15 +00:00
Milos Gajdos
5a3f698f87
Change Build Status badge URL 
Co-authored-by: Chris Patterson <chrispat@github.com>

Signed-off-by: Milos Gajdos <milosgajdos83@gmail.com>
 2021-02-02 16:21:51 +00:00
Justin Cormack
0517a1c779
Propose two maintainers from Mirantis 
Mirantis Secure Registry (once Docker Trusted Registry) also uses
Distribution as its core code. Propose two maintainers from Mirantis
as Distribution maintainers.

Signed-off-by: Justin Cormack <justin@specialbusservice.com>
 2021-02-02 14:57:53 +00:00
Andrii Soldatenko
fa2894067c
get rid of apache2-utils 
Signed-off-by: Andrii Soldatenko <andrii.soldatenko@gmail.com>
 2021-02-02 15:42:07 +02:00
Milos Gajdos
6e4e8298de
Update README badges 
* Build status points to CI action
* GoDoc points to pkg.go.dev
* License points to License file

Signed-off-by: Milos Gajdos <milosgajdos83@gmail.com>
 2021-02-02 11:44:06 +00:00
Chris Patterson
cc4d27f681
Merge pull request #3350 from distribution/remove-travis 2021-02-01 20:12:09 -05:00
Chris Patterson
bddb8d42ea Removing travis 
Signed-off-by: Chris Patterson <chrispat@github.com>
 2021-02-01 11:00:56 -05:00
Chris Patterson
edf4afcbeb Revert "Merge branch 'main' of https://github.com/distribution/distribution into main" 
This reverts commit 1100e30e1c, reversing
changes made to b659eb060f.

Signed-off-by: Chris Patterson <chrispat@github.com>
 2021-02-01 10:52:22 -05:00
Chris Patterson
1100e30e1c Merge branch 'main' of https://github.com/distribution/distribution into main 2021-02-01 08:29:00 -05:00
Wang Yan
9886800868 Add a basic e2e test for CI 
Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-02-01 16:15:45 +08:00
João Pereira
e2ee31405d
Merge pull request #3343 from thaJeztah/update_slack_channel 
Update slack channel to CNCF slack
 2021-01-30 10:20:46 +00:00
Chris Patterson
ae2bedd3b9
Merge pull request #3344 from distribution/actions-fix-push 
Fixing push workflow
 2021-01-29 15:56:47 -05:00
Chris Patterson
402d3c943a Fixing push workflow 
Signed-off-by: Chris Patterson <chrispat@github.com>
 2021-01-29 15:48:07 -05:00
Chris Patterson
b659eb060f
Update ci.yml 2021-01-29 15:42:19 -05:00
Chris Patterson
da9a88bc97 Fixing push workflow 
Signed-off-by: Chris Patterson <chrispat@github.com>
 2021-01-29 15:38:04 -05:00
Chris Patterson
be3670387f
Merge pull request #3338 from chrispat/actions-ci 
Adding first draft of CI on GitHub Actions
 2021-01-29 15:06:59 -05:00
Chris Patterson
64874d17b1 First draft of actions based ci 
Signed-off-by: Chris Patterson <chrispat@github.com>
 2021-01-29 14:40:09 -05:00
Sebastiaan van Stijn
b431b34fb8
update slack channel to CNCF slack 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2021-01-28 22:53:44 +01:00
Chris Aniszczyk
a63bd4d3f1
Add CodeQL Security Scanning 
Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>
 2021-01-28 11:38:29 -06:00
Justin Cormack
13407c9e33
Merge pull request #3337 from SteveLasker/maintainer-update 
Adding Steve Lasker as a maintainer
 2021-01-28 13:48:53 +00:00
Usha Mandya
96357c9616 Merge pull request #12195 from usha-mandya/12193-patch 
Fix broken links
 2021-01-28 12:41:34 +00:00
Usha Mandya
977c98e06f Fix broken links 
Signed-off-by: Usha Mandya <usha.mandya@docker.com>
 2021-01-28 10:07:41 +00:00
Steve Lasker
239c368ff6
Per distribution call, adding Steve Lasker as a maintainer to help with OCI and Notary collaboration. 
Signed-off-by: Steve Lasker <stevenlasker@hotmail.com>
 2021-01-27 09:38:17 -08:00