TrueCloudLab
/
distribution
12
0
Fork 3
Code Issues 2 Pull Requests Packages Projects Releases 1 Wiki Activity
2,731 Commits
2 Branches
59 Tags
134 MiB
Commit Graph

957 Commits (v2.8.0)

Author SHA1 Message Date
Wang Yan 9a3ff11330 fix go check issues 
G404: Replace math rand with crypto rand

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-11-16 17:46:08 +08:00
Milos Gajdos 18230b7b34
Merge pull request #3384 from wy65701436/release/2.7-cp-3169 
[backport release/2.7]Added flag for user configurable cipher suites
 2021-03-23 15:23:04 +00:00
Derek McGowan 09109ab50a Fix gosimple checks 
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-03-23 21:03:20 +08:00
Manish Tomar 89e6568e34 Remove err nil check 
since type checking nil will not panic and return appropriately

Signed-off-by: Manish Tomar <manish.tomar@docker.com>
Signed-off-by: wang yan <wangyan@vmware.com>
 2021-03-23 21:03:16 +08:00
Manish Tomar 3c64ff10bb Fix gometalint errors 
Signed-off-by: Manish Tomar <manish.tomar@docker.com>
Signed-off-by: wang yan <wangyan@vmware.com>
 2021-03-23 21:03:10 +08:00
sayboras f807afbf85 Migrate to golangci-lint 
Signed-off-by: Tam Mach <sayboras@yahoo.com>
Signed-off-by: wang yan <wangyan@vmware.com>
 2021-03-23 21:02:54 +08:00
David Luu cc341b0110 Added flag for user configurable cipher suites 
Configuration of list of cipher suites allows a user to disable use
of weak ciphers or continue to support them for legacy usage if they
so choose.

List of available cipher suites at:
https://golang.org/pkg/crypto/tls/#pkg-constants

Default cipher suites have been updated to:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_AES_128_GCM_SHA256
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_256_GCM_SHA384

MinimumTLS has also been updated to include TLS 1.3 as an option
and now defaults to TLS 1.2 since 1.0 and 1.1 have been deprecated.

Signed-off-by: David Luu <david@davidluu.info>
 2021-03-23 18:42:12 +08:00
Wang Yan 3fe1d67ace close the io.ReadCloser from storage driver 
Backport PR #3309 to release/2.7

Signed-off-by: Wang Yan <wangyan@vmware.com>
 2021-02-23 18:48:00 +08:00
Smasherr cf8615dedf
Remove empty Content-Type header 
Fixes #3288

Signed-off-by: Smasherr <soundcracker@gmail.com>
(cherry picked from commit c8d90f904f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-11-16 11:15:10 +01:00
Thomas Berger e2f006ac2b S3 Driver: added comment for missing KeyCount workaround 
Signed-off-by: Thomas Berger <loki@lokis-chaos.de>
Signed-off-by: wang yan <wangyan@vmware.com>
 2020-03-10 22:41:10 +08:00
Eohyung Lee 0a1e4a57e2 Fix s3 driver for supporting ceph radosgw 
Radosgw does not support S3 `GET Bucket` API v2 API but v1.
This API has backward compatibility, so most of this API is working
correctly but we can not get `KeyCount` in v1 API and which is only
for v2 API.

Signed-off-by: Eohyung Lee <liquidnuker@gmail.com>
 2020-03-10 22:35:31 +08:00
Vishesh Jindal afa91463d6
Bugfix: Make ipfilteredby not required 
Signed-off-by: Vishesh Jindal <vishesh92@gmail.com>
(cherry picked from commit f9a0506191)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2020-01-28 19:41:02 +01:00
David Wu caf43bbcc2 default autoredirect to false 
Signed-off-by: David Wu <david.wu@docker.com>
 2019-01-04 13:47:17 -08:00
Derek McGowan aa985ba889
Merge pull request #2711 from davidswu/autoredirect 
add autoredirect auth config
 2018-11-27 15:48:25 -08:00
Matt Tescher 7c4d584e58 add bugsnag logrus hook 
Signed-off-by: Matt Tescher <matthew.tescher@docker.com>
 2018-10-25 14:52:10 -07:00
Yongxin Li de8636b78c typo fix about overridden 
Signed-off-by: Yongxin Li <yxli@alauda.io>
 2018-09-27 20:27:09 +08:00
Rui Cao 569d18aef9 Fix some typos 
Signed-off-by: Rui Cao <ruicao@alauda.io>
 2018-09-24 09:05:44 +08:00
David Wu 2e1e6307dd add autoredirect to option 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-20 19:33:06 -07:00
David Wu b2bd465760 fix checks 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-20 15:24:27 -07:00
Viktor Stanchev f730f3ab77 add autoredirect auth config 
It redirects the user to to the Host header's domain whenever they try to use
token auth.

Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-20 14:47:43 -07:00
Olivier Gambier 16128bbac4
Merge pull request #2707 from davidswu/go-1.11 
remove dependencies on resumable
 2018-09-20 12:47:44 -07:00
liyongxin 6133840f49 typo fix from existant to existent 
Signed-off-by: liyongxin <yxli@alauda.io>
Signed-off-by: Yongxin Li <yxli@alauda.io>
 2018-09-13 19:37:13 +08:00
David Wu a927fbdb9b track digest offset in blobwriter 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-12 14:53:27 -07:00
David Wu bd41413d57 remove closenotifier 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-11 16:14:10 -07:00
David Wu 166874ade9 fix gofmt and goimports 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-11 16:14:10 -07:00
David Wu 877d706b38 remove dependencies on resumable 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-11 08:21:27 -07:00
Derek McGowan 642075f42c
Merge pull request #2631 from whoshuu/feature/improve-gcs-driver 
Improve gcs driver
 2018-09-05 17:48:03 -07:00
Derek McGowan 15de837aa8
Merge pull request #2704 from dmcgowan/fix-2703 
Fix registry stripping newlines from manifests
 2018-09-05 17:46:56 -07:00
Huu Nguyen 7a195dd5ca Add back include_gcs build constraint 
Signed-off-by: Huu Nguyen <whoshuu@gmail.com>
 2018-09-05 15:48:30 -07:00
Huu Nguyen 69299d93d9 Use existing jwtConf instead of creating a scoped one 
Signed-off-by: Huu Nguyen <whoshuu@gmail.com>
 2018-09-05 15:48:30 -07:00
Tony Holdstock-Brown f9187b2572 Add regulator to GCS 
Signed-off-by: Huu Nguyen <whoshuu@gmail.com>
 2018-09-05 15:48:30 -07:00
Andrey Kostov b424c3d870 Better error handling for GCS credential argument addition 
Signed-off-by: Andrey Kostov <kostov.andrey@gmail.com>
 2018-09-05 15:48:29 -07:00
Andrey Kostov 78238ef1a0 Add credentials argument for GCS driver 
Signed-off-by: Andrey Kostov <kostov.andrey@gmail.com>
 2018-09-05 15:48:29 -07:00
Derek McGowan c88728f217
Fix registry stripping newlines from manifests 
Content must be preserved exactly

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2018-09-05 13:40:42 -07:00
Ryan Abrams 6b73a9ab89 Ignore missing paths during enumeration 
It's possible to run into a race condition in which the enumerator lists
lots of repositories and then starts the long process of enumerating through
them. In that time if someone deletes a repo, the enumerator may error out.

Signed-off-by: Ryan Abrams <rdabrams@gmail.com>
 2018-09-05 10:17:08 -07:00
David Wu 8d7e4cd388 fix goimports and gofmt 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-09-04 17:45:39 -07:00
Olivier Gambier 90705d2fb8
Merge pull request #2362 from twistlock/populate_htpasswd 
Create and populate htpasswd file if missing
 2018-08-31 00:25:37 -07:00
Derek McGowan b12bd4004a
Merge pull request #2639 from andrew-leung/manifesteventlayers 
Add configurable layers in manifest events
 2018-08-28 16:03:05 -07:00
Derek McGowan 059f301d54
Merge pull request #2685 from manishtomar/mani-graceful-shutdown 
Graceful shutdown
 2018-08-27 14:24:53 -07:00
Olivier Gambier 3354cf98e3
Merge pull request #2680 from manishtomar/mani-fix-mem-leak 
fix memory leak introduced in PR #2648
 2018-08-24 14:35:12 -07:00
Derek McGowan ef859e1b21
Merge pull request #2474 from vikstrous/disable-v1-master 
disable schema1 by default, add a config flag to enable it
 2018-08-24 10:58:39 -07:00
Olivier 53bd46af5c
Merge pull request #2651 from mikebrow/manifest-version-test-on-put 
adds validation testing for schema version values
 2018-08-20 12:19:40 -07:00
Olivier 6411087274
Merge pull request #2681 from dmcgowan/update-yaml 
Update yaml parser
 2018-08-20 12:18:21 -07:00
David Wu 0b0d470281 use aws sdk to validate regions 
Signed-off-by: David Wu <david.wu@docker.com>
 2018-08-20 11:02:14 -07:00
Andrew Leung 5e4b81a578 Use references terminology instead of layers. 
Signed-off-by: Andrew Leung <anwleung@gmail.com>
 2018-08-20 10:01:40 -07:00
Manish Tomar 40efb602d6
Add support to gracefully shutdown the server 
This is done by draining the connections for configured time after registry receives a SIGTERM signal.
This adds a `draintimeout` setting under `HTTP`. Registry doesn't drain
if draintimeout is not provided.

Signed-off-by: Manish Tomar <manish.tomar@docker.com>
 2018-08-20 10:01:26 -07:00
Derek McGowan f0ee5720a5
Update yaml parser 
Mark the top level Loglevel field as deprecated

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
 2018-08-14 16:42:36 -07:00
Manish Tomar 13f8189f2a fix memory leak introduced in PR #2648 
context.App.repoRemover is single registry instance stored throughout
app run. It was wrapped in another remover when processing each request.
This remover happened to be remover got from previous request. This way
every remover created was stored in infinite linked list causing memory
leak. Fixing it by storing the wrapped remover inside the request context
which will get gced when request context is gced. This was introduced in
PR #2648.

Signed-off-by: Manish Tomar <manish.tomar@docker.com>
 2018-08-14 16:41:45 -07:00
Mike Brown 2fdb2ac270 adds validation testing for schema version values 
Signed-off-by: Mike Brown <brownwm@us.ibm.com>
 2018-08-14 08:53:54 -05:00
Derek McGowan 5f37adaa41
Merge pull request #2673 from dmp42/TLS 
Remove ciphers that do not support perfect forward secrecy
 2018-08-10 16:03:59 -07:00