TrueCloudLab/distribution
13
0
Fork 3
Code Issues 3 Pull requests Projects Releases 2 Packages Wiki Activity Actions
2771 commits 2 branches 61 tags 129 MiB
Commit graph

999 commits

Author SHA1 Message Date
Greg Rebholz
cdb62b2b77 Registry - make minimum TLS version user configurable 
Signed-off-by: J. Gregory Rebholz <gregrebholz@gmail.com>
 2019-01-11 18:11:03 -05:00
David Wu
eb1a2cd911 default autoredirect to false 
Signed-off-by: David Wu <david.wu@docker.com>
 2019-01-04 11:05:12 -08:00
Li Yi
90bed67126 Support BYOK for OSS storage driver 
Change-Id: I423ad03e63bd38aded3abfcba49079ff2fbb3b74
Signed-off-by: Li Yi <denverdino@gmail.com>
 2018-12-25 08:30:40 +08:00
Derek McGowan
aa985ba889
Merge pull request #2711 from davidswu/autoredirect 
add autoredirect auth config
 2018-11-27 15:48:25 -08:00
Manish Tomar
1251e51ad0 better name and updated tests 
- use ManifestDigests name instead of Indexes
- update tests to validate against multiple tags

Signed-off-by: Manish Tomar <manish.tomar@docker.com>
 2018-11-01 10:31:08 -07:00
Manish Tomar
9ebf151ac2 API to retrive tag's digests 
Add an interface alongside TagStore that provides API to retreive
digests of all manifests that a tag historically pointed to. It also
includes currently linked tag.

Signed-off-by: Manish Tomar <manish.tomar@docker.com>
 2018-10-29 18:19:05 -07:00
Matt Tescher
7c4d584e58 add bugsnag logrus hook 
Signed-off-by: Matt Tescher <matthew.tescher@docker.com>
 2018-10-25 14:52:10 -07:00
Yongxin Li
de8636b78c typo fix about overridden 
Signed-off-by: Yongxin Li <yxli@alauda.io>
 2018-09-27 20:27:09 +08:00
Rui Cao
569d18aef9 Fix some typos 
Signed-off-by: Rui Cao <ruicao@alauda.io>
 2018-09-24 09:05:44 +08:00
David Wu
2e1e6307dd add autoredirect to option 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-20 19:33:06 -07:00
David Wu
b2bd465760 fix checks 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-20 15:24:27 -07:00
Viktor Stanchev
f730f3ab77 add autoredirect auth config 
It redirects the user to to the Host header's domain whenever they try to use
token auth.

Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-20 14:47:43 -07:00
Olivier Gambier
16128bbac4
Merge pull request #2707 from davidswu/go-1.11 
remove dependencies on resumable
 2018-09-20 12:47:44 -07:00
liyongxin
6133840f49 typo fix from existant to existent 
Signed-off-by: liyongxin <yxli@alauda.io>
Signed-off-by: Yongxin Li <yxli@alauda.io>
 2018-09-13 19:37:13 +08:00
David Wu
a927fbdb9b track digest offset in blobwriter 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-12 14:53:27 -07:00
David Wu
bd41413d57 remove closenotifier 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-11 16:14:10 -07:00
David Wu
166874ade9 fix gofmt and goimports 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-11 16:14:10 -07:00
David Wu
877d706b38 remove dependencies on resumable 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-11 08:21:27 -07:00
Derek McGowan
642075f42c
Merge pull request #2631 from whoshuu/feature/improve-gcs-driver 
Improve gcs driver
 2018-09-05 17:48:03 -07:00
Derek McGowan
15de837aa8
Merge pull request #2704 from dmcgowan/fix-2703 
Fix registry stripping newlines from manifests
 2018-09-05 17:46:56 -07:00
Huu Nguyen
7a195dd5ca Add back include_gcs build constraint 
Signed-off-by: Huu Nguyen <whoshuu@gmail.com>
 2018-09-05 15:48:30 -07:00
Huu Nguyen
69299d93d9 Use existing jwtConf instead of creating a scoped one 
Signed-off-by: Huu Nguyen <whoshuu@gmail.com>
 2018-09-05 15:48:30 -07:00
Tony Holdstock-Brown
f9187b2572 Add regulator to GCS 
Signed-off-by: Huu Nguyen <whoshuu@gmail.com>
 2018-09-05 15:48:30 -07:00
Andrey Kostov
b424c3d870 Better error handling for GCS credential argument addition 
Signed-off-by: Andrey Kostov <kostov.andrey@gmail.com>
 2018-09-05 15:48:29 -07:00
Andrey Kostov
78238ef1a0 Add credentials argument for GCS driver 
Signed-off-by: Andrey Kostov <kostov.andrey@gmail.com>
 2018-09-05 15:48:29 -07:00
Derek McGowan
c88728f217
Fix registry stripping newlines from manifests 
Content must be preserved exactly

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2018-09-05 13:40:42 -07:00
Ryan Abrams
6b73a9ab89 Ignore missing paths during enumeration 
It's possible to run into a race condition in which the enumerator lists
lots of repositories and then starts the long process of enumerating through
them. In that time if someone deletes a repo, the enumerator may error out.

Signed-off-by: Ryan Abrams <rdabrams@gmail.com>
 2018-09-05 10:17:08 -07:00
David Wu
8d7e4cd388 fix goimports and gofmt 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-04 17:45:39 -07:00
Olivier Gambier
90705d2fb8
Merge pull request #2362 from twistlock/populate_htpasswd 
Create and populate htpasswd file if missing
 2018-08-31 00:25:37 -07:00
Derek McGowan
b12bd4004a
Merge pull request #2639 from andrew-leung/manifesteventlayers 
Add configurable layers in manifest events
 2018-08-28 16:03:05 -07:00
Derek McGowan
059f301d54
Merge pull request #2685 from manishtomar/mani-graceful-shutdown 
Graceful shutdown
 2018-08-27 14:24:53 -07:00
Olivier Gambier
3354cf98e3
Merge pull request #2680 from manishtomar/mani-fix-mem-leak 
fix memory leak introduced in PR #2648
 2018-08-24 14:35:12 -07:00
Derek McGowan
ef859e1b21
Merge pull request #2474 from vikstrous/disable-v1-master 
disable schema1 by default, add a config flag to enable it
 2018-08-24 10:58:39 -07:00
Olivier
53bd46af5c
Merge pull request #2651 from mikebrow/manifest-version-test-on-put 
adds validation testing for schema version values
 2018-08-20 12:19:40 -07:00
Olivier
6411087274
Merge pull request #2681 from dmcgowan/update-yaml 
Update yaml parser
 2018-08-20 12:18:21 -07:00
David Wu
0b0d470281 use aws sdk to validate regions 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-08-20 11:02:14 -07:00
Andrew Leung
5e4b81a578 Use references terminology instead of layers. 
Signed-off-by: Andrew Leung <anwleung@gmail.com>
 2018-08-20 10:01:40 -07:00
Manish Tomar
40efb602d6
Add support to gracefully shutdown the server 
This is done by draining the connections for configured time after registry receives a SIGTERM signal.
This adds a `draintimeout` setting under `HTTP`. Registry doesn't drain
if draintimeout is not provided.

Signed-off-by: Manish Tomar <manish.tomar@docker.com>
 2018-08-20 10:01:26 -07:00
Derek McGowan
f0ee5720a5
Update yaml parser 
Mark the top level Loglevel field as deprecated

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2018-08-14 16:42:36 -07:00
Manish Tomar
13f8189f2a fix memory leak introduced in PR #2648 
context.App.repoRemover is single registry instance stored throughout
app run. It was wrapped in another remover when processing each request.
This remover happened to be remover got from previous request. This way
every remover created was stored in infinite linked list causing memory
leak. Fixing it by storing the wrapped remover inside the request context
which will get gced when request context is gced. This was introduced in
PR #2648.

Signed-off-by: Manish Tomar <manish.tomar@docker.com>
 2018-08-14 16:41:45 -07:00
Mike Brown
2fdb2ac270 adds validation testing for schema version values 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-08-14 08:53:54 -05:00
Derek McGowan
5f37adaa41
Merge pull request #2673 from dmp42/TLS 
Remove ciphers that do not support perfect forward secrecy
 2018-08-10 16:03:59 -07:00
Derek McGowan
88530ef7a0
Merge pull request #2671 from dmp42/goamz 
Remove goamz
 2018-08-10 15:54:04 -07:00
Olivier
7d9f067716
Merge pull request #2632 from whoshuu/feature/improve-s3-driver 
Improve s3 driver
 2018-08-10 15:01:11 -07:00
Olivier
d260b18f2f Remove ciphers that do not support perfect forward secrecy 
Signed-off-by: Olivier <o+github@gambier.email>
 2018-08-10 14:58:51 -07:00
dmp
9caa7a81bc Remove goamz 
Signed-off-by: Olivier <o+github@gambier.email>
 2018-08-10 11:11:53 -07:00
Olivier
b7446e89bf
Merge pull request #2599 from legionus/storage-inmemory-deadlock 
Fix deadlock in the inmemory storage driver
 2018-08-09 15:26:12 -07:00
Olivier
0cbe144826
Merge pull request #2602 from dmage/errmessage 
Use e.Message field instead of e.Code.Message()
 2018-08-09 15:21:32 -07:00
Olivier
4a75b72fd3
Merge pull request #2662 from dmcgowan/enable-structcheck 
Enable static checks
 2018-08-07 19:01:38 -07:00
Olivier
eefe9670bd
Merge pull request #2661 from dmcgowan/enable-goimports 
Enable goimports check
 2018-08-07 14:59:49 -07:00
Derek McGowan
003aa051b4
Merge pull request #2648 from manishtomar/tag-deleted-event 
add repo and tag deletion event
 2018-08-07 11:50:56 -07:00
Derek McGowan
db0a4ec1c8
Enable static checks 
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2018-08-06 14:49:11 -07:00
Derek McGowan
795e11d5fb
Enable goimports check 
Validates that goimports has been run on all files

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2018-08-06 14:37:44 -07:00
Derek McGowan
32e2260be2
Enable struct check 
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2018-08-06 13:55:43 -07:00
Manish Tomar
8c05756141 lint fix 
Signed-off-by: Manish Tomar <manish.tomar@docker.com>
 2018-08-06 09:46:42 -07:00
Manish Tomar
8f6758278d take handler update 
forgot to commit this earlier

Signed-off-by: Manish Tomar <manish.tomar@docker.com>
 2018-08-02 23:13:37 -07:00
Manish Tomar
328069bb4d add support for repo deleted event also 
by having another interface RepositoryRemover that is implemented by
registry instance and is injected in app context for event tracking

Signed-off-by: Manish Tomar <manish.tomar@docker.com>
 2018-08-02 23:05:05 -07:00
Mike Brown
20aecf1d7b added test for initial oci schema version 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-07-19 19:41:31 -05:00
Mike Brown
5f588fbf9b address review comment regarding panic use 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-07-19 16:07:26 -05:00
Andrew Leung
276fdce3d9 Add configurable layers in manifest events 
Signed-off-by: Andrew Leung <anwleung@gmail.com>
 2018-06-27 09:27:24 -07:00
Mike Brown
e8d7941ca6 address lint and gofmt issues 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-06-25 15:45:15 -05:00
Huu Nguyen
f5c6357c6d Update s3_test to account for SkipVerify parameter 
Signed-off-by: Huu Nguyen <whoshuu@gmail.com>
 2018-06-22 12:00:28 -07:00
Huu Nguyen
7655a3d91f Add option to skip certificate verification for the s3 driver 
Signed-off-by: Huu Nguyen <whoshuu@gmail.com>
 2018-06-22 12:00:21 -07:00
Owen W. Taylor
132abc6de5 Test storing OCI image manifests and indexes with/without a media type 
OCI Image manifests and indexes are supported both with and without
an embeded MediaType (the field is reserved according to the spec).
Test storing and retrieving both types from the manifest store.

Signed-off-by: Owen W. Taylor <otaylor@fishsoup.net>
 2018-06-19 11:24:25 -04:00
Owen W. Taylor
60d9c5dfad Handle OCI manifests and image indexes without a media type 
In the OCI image specification, the MediaType field is reserved
and otherwise undefined; assume that manifests without a media
in storage are OCI images or image indexes, and determine which
by looking at what fields are in the JSON. We do keep a check
that when unmarshalling an OCI image or image index, if it has
a MediaType field, it must match that media type of the upload.

Signed-off-by: Owen W. Taylor <otaylor@fishsoup.net>
 2018-06-19 11:24:25 -04:00
Mike Brown
ad7ab0853c folow commit 9c88801a12 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-06-18 13:55:24 -05:00
Mike Brown
7b47fb13cf update url policy support; testing for annoations in index 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-06-18 13:55:24 -05:00
Mike Brown
ec2aa05cdf addressing comments from stevvooe 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-06-18 13:55:24 -05:00
Mike Brown
6bae7ca597 refactor adding enum for storage types 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-06-18 13:55:24 -05:00
Mike Brown
9e3f78b8c8 addresses minor debug comments 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-06-18 13:55:24 -05:00
Mike Brown
b0cef05626 removes oci. namespace feature 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-06-18 13:55:24 -05:00
Mike Brown
426afb3a4c address get manifest issue with oci. namespace; and comment descriptions 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-06-18 13:55:24 -05:00
Mike Brown
c94f28805e OCI media types; annotation support; oci index 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-06-18 13:48:58 -05:00
Mike Brown
6fcea22b0a add an ocischema manifest handler for the registry 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-06-18 13:48:58 -05:00
Mike Brown
9986e8ca7c adds support for oci manifests and manifestlists 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-06-18 13:48:58 -05:00
Yu Wang
62797237b9 closes #2496 and #2552 
Update Azure SDK with release v16.2.1
Update Azure autorest SDK with release v10.8.1

Signed-off-by: Yu Wang <yuwa@microsoft.com>
 2018-06-08 16:53:02 -07:00
Oleg Bulatov
7bc438a534
Use e.Message field instead of e.Code.Message() 
Signed-off-by: Oleg Bulatov <oleg@bulatov.me>
 2018-06-04 17:29:46 +02:00
Gladkov Alexey
fc7e8f42d7 Fix deadlock in the inmemory storage driver 
According golang documentation [1]: no goroutine should expect to be
able to acquire a read lock until the initial read lock is released.

[1] https://golang.org/pkg/sync/#RWMutex

Signed-off-by: Gladkov Alexey <agladkov@redhat.com>
 2018-05-30 18:01:08 +02:00
Olivier Gambier
23bef416bd
Merge pull request #2538 from tianon/challanges 
Fix minor "Challanges" typo
 2018-03-21 09:58:14 -07:00
Derek McGowan
607ae5d128
Merge pull request #2501 from xiaonancc77/master 
Added ignore event types into notifications
 2018-03-14 10:37:02 -07:00
Michal Minář
492844e09c redis: delete right size attribute 
Signed-off-by: Michal Minář <miminar@redhat.com>
 2018-03-13 15:25:32 +01:00
elsanli(李楠)
fc1d3647c6 Added ignore event typs into notifications 
Signed-off-by: elsanli(李楠) <elsanli@tencent.com>
 2018-03-13 16:00:44 +08:00
Tianon Gravi
f2805894c8 Fix minor "Challanges" typo 
Signed-off-by: Tianon Gravi <admwiggin@gmail.com>
 2018-03-01 11:25:05 -08:00
Stephen Day
6664ec7039
Merge pull request #2466 from tifayuki/prometheus_go_metrics 
add prometheus metrics
 2018-02-09 15:49:04 -08:00
tifayuki
e3c37a46e2 Add Prometheus Metrics 
at the first iteration, only the following metrics are collected:

  - HTTP metrics of each API endpoint
  - cache counter for request/hit/miss
  - histogram of storage actions, including:
    GetContent, PutContent, Stat, List, Move, and Delete

Signed-off-by: tifayuki <tifayuki@gmail.com>
 2018-02-09 14:27:51 -08:00
Derek McGowan
13076371a6
Merge pull request #2520 from ywk253100/ignore_path_not_found_error 
Ignore path not found error when look up tags
 2018-02-09 11:19:52 -08:00
Wenkai Yin
005c6e0236 ignore path not found error when look up tags 
Signed-off-by: Wenkai Yin <yinw@vmware.com>
 2018-02-08 17:32:25 +08:00
Stephen Day
d707ea2428
Merge pull request #2469 from felixbuenemann/letsencrypt-host-whitelist-support 
Let's Encrypt Host Whitelist Support
 2018-02-06 16:11:20 -08:00
Stephen J Day
1ba5b3b553
registry/storage: ignore missing tag on delete 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2018-02-06 15:25:51 -08:00
Stephen Day
fea8bd5114
Merge pull request #2471 from GarageDeveloper/master 
fixes #2249: sanitize tenant and tenantid
 2018-02-02 16:29:34 -08:00
Felix Bünemann
4ecb17cc4c registry: support whitelisting letsencrypt hosts 
This adds a configuration setting `HTTP.TLS.LetsEncrypt.Hosts` which can
be set to a list of hosts that the registry will whitelist for retrieving
certificates from Let's Encrypt. HTTPS connections with SNI hostnames
that are not whitelisted will be closed with an "unknown host" error.
It is required to avoid lots of unsuccessful registrations attempts that
are triggered by malicious clients connecting with bogus SNI hostnames.

NOTE: Due to a bug in the deprecated vendored rsc.io/letsencrypt library
clearing the host list requires deleting or editing of the cachefile to
reset the hosts list to null.

Signed-off-by: Felix Buenemann <felix.buenemann@gmail.com>
 2018-02-01 21:16:58 +01:00
Derek McGowan
5cb406d511
Merge pull request #2455 from sargun/make-walk-faster 
s3: improve walk performance
 2018-01-19 13:00:03 -08:00
Sargun Dhillon
cbcbcb02c5 Remove old walk function 
This removes the old global walk function, and changes all
the code to use the per-driver walk functions.

Signed-off-by: Sargun Dhillon <sargun@sargun.me>
 2018-01-18 13:06:07 -08:00
Sargun Dhillon
c7b0da2622 Use the new walk method for catalog enumeration 
This change is primarily to make GC faster.

Signed-off-by: Sargun Dhillon <sargun@sargun.me>
 2018-01-18 11:58:46 -08:00
Stephen J Day
585cdeb571
context, registry/handlers: remove net/context references 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2018-01-17 16:01:41 -08:00
Sargun Dhillon
35b29a609e Use the New Driver Walk method for catalog enumeration 
This changes the Walk Method used for catalog enumeration. Just to show
how much an effect this has on our s3 storage:
Original:
List calls: 6839

real    3m16.636s
user    0m0.000s
sys    0m0.016s

New:
ListObjectsV2 Calls: 1805

real    0m49.970s
user    0m0.008s
sys    0m0.000s

This is because it no longer performs a list and stat per item, and instead
is able to use the metadata gained from the list as a replacement to stat.

Signed-off-by: Sargun Dhillon <sargun@sargun.me>
 2018-01-07 22:45:17 -08:00
Sargun Dhillon
32ac467992 Introduce Walk Method Per Storage Driver 
Move the Walk types into registry/storage/driver, and add a Walk method to each
storage driver. Although this is yet another API to implement, there is a fall
back implementation that relies on List and Stat. For some filesystems this is
very slow.

Also, this WalkDir Method conforms better do a traditional WalkDir (a la filepath).

This change is in preparation for refactoring.

Signed-off-by: Sargun Dhillon <sargun@sargun.me>
 2018-01-07 22:45:17 -08:00
Jesse Haka
ff87ad884c add possibility to clean untagged manifests 
add tests

add possibility to clean untagged manifests

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

add dry tests

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

remove underscores

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

fixes

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

opts struct+use camelcase

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

doublecheck manifest in paths.go

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

add gofmt

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

fix lint

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

add log print

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

move log to dryrun as well

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

remove counter

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

remove manifest tag references

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

add tag to tests

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

manifestsWithoutTags -> removeUntagged

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

remove RemoveManifestTagReferences and use removemanifests

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

remove comment

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

remove pathfor

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

move removemanifest out of manifestenumerator, it does not work correctly if we delete stuff in it

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

add comment

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

fix context -> dcontext

Signed-off-by: Jesse Haka <haka.jesse@gmail.com>

fix gofmt
 2018-01-05 12:20:01 +02:00
Viktor Stanchev
e9864ce8b9 disable schema1 by default, add a config flag to enable it 
port of #2473

Signed-off-by: Viktor Stanchev <me@viktorstanchev.com>
 2017-12-19 10:23:25 -08:00
Raphaël Enrici
8777e97b72 fixes #2249: sanitize tenant and tenantid 
If tenant or tenantid are passed as env variables, we systematically use Sprint to make sure they are string and not integer as it would make mapstructure fail.

Signed-off-by: Raphaël Enrici <raphael@root-42.com>
 2017-12-17 18:33:34 +01:00