Commit graph

5350 commits

Author SHA1 Message Date
Milos Gajdos
7a6b9e3042
Merge pull request #3640 from crazy-max/lint
lint target and workflow job
2022-05-04 19:04:56 +01:00
CrazyMax
7548c315f8
cleanup old check behavior
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-05-04 11:12:19 +02:00
CrazyMax
26a586cf39
lint target and workflow job
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-05-04 11:12:19 +02:00
Milos Gajdos
7846381718
Merge pull request #3641 from crazy-max/use-xx
Dockerfile: switch to xx
2022-05-04 08:25:34 +01:00
CrazyMax
87f93ede9e
Dockerfile: switch to xx
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-05-03 20:07:07 +02:00
Milos Gajdos
edf5aa3c39
Merge pull request #3634 from crazy-max/dev-vendor
validate and update vendor targets
2022-04-27 08:49:07 +01:00
João Pereira
a7fc49b067
Merge pull request #3622 from ddelange/patch-1
Support all S3 instant retrieval storage classes
2022-04-26 10:23:14 +01:00
Bracken Dawson
b2b3f86039
Remove workaround from 2.1.1 for faulty 2.1.0 manifest links
This reverts commit 06a098c632

This changes the function of linkedBlobStatter.Clear(). It was either removing the first of two possible manifest links or returning nil if none were found. Now it once again it removes only the valid manifest link or returns an error if none are found.

Signed-off-by: Bracken Dawson <abdawson@gmail.com>
2022-04-25 13:01:44 +01:00
Milos Gajdos
5fe693474e
Merge pull request #2291 from lucab/ups/spec-fixes
docs/spec: provide valid manifest examples
2022-04-22 18:01:03 +01:00
Wang Yan
9332c3cc7b
Merge pull request #3498 from hasheddan/md-links-oauth
(docs) Fix rendering of markdown links in OAuth docs HTML
2022-04-23 00:33:20 +08:00
CrazyMax
de240721ff
cleanup old vendor validation behavior
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-04-22 16:24:54 +02:00
CrazyMax
c052659543
mod-outdated target to check for outdated dependencies
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-04-22 16:24:54 +02:00
CrazyMax
ffa3019c1f
validate and update vendor target
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-04-22 15:32:01 +02:00
Milos Gajdos
27b5563245
Merge pull request #3624 from milosgajdos/aws-s3-listv2
Update s3 ListObjects to V2 API
2022-04-22 13:34:13 +01:00
Milos Gajdos
1b7ce0e691
Merge pull request #3632 from drycc/main
Add forcepathstyle parameter for s3
2022-04-22 13:29:57 +01:00
duanhongyi
15de9e21ba Add forcepathstyle parameter for s3
Signed-off-by: duanhongyi <duanhongyi@doopai.com>
2022-04-20 08:44:12 +08:00
Radon Rosborough
d64056afdc Explain important caveat in htpasswd tutorial
Signed-off-by: Radon Rosborough <radon.neon@gmail.com>
2022-04-15 20:02:57 -07:00
Milos Gajdos
48f3d9ad29
Fix typo
Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
2022-04-09 12:31:27 +01:00
Milos Gajdos
8eab5d1bd6
Update s3 ListObjects to V2 API
Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
2022-04-09 12:16:46 +01:00
TaylorKanper
18b2b9f455 Added some secure compilation options PIE
Signed-off-by: TaylorKanper <tony_kanper@hotmail.com>
2022-04-06 08:41:29 +08:00
Milos Gajdos
cd51f38d53
Merge pull request #3181 from pimuzzo/s3-transfer-accelerate
Add new parameter accelerate to S3 storage driver.
2022-04-04 18:50:50 +01:00
Simone Locci
80952c9e2b
Rename s3accelerate parameter to accelerate
Signed-off-by: Simone Locci <simonelocci88@gmail.com>
2022-04-04 19:35:21 +02:00
Simone Locci
ea27621d4a
Fix review
Signed-off-by: Simone Locci <simonelocci88@gmail.com>
2022-04-04 19:35:09 +02:00
Kirat Singh
51c0c8148a
Add new parameter s3accelerate to S3 storage driver.
If s3accelerate is set to true then we turn on S3 Transfer
Acceleration via the AWS SDK.  It defaults to false since this is an
opt-in feature on the S3 bucket.

Signed-off-by: Kirat Singh <kirat.singh@wsq.io>
Signed-off-by: Simone Locci <simonelocci88@gmail.com>
2022-04-04 19:34:57 +02:00
ddelange
966fae5463
Add tests for all supported storage classes
Signed-off-by: ddelange <14880945+ddelange@users.noreply.github.com>
2022-04-04 10:54:18 +02:00
TaylorKanper
69b1e01166 Added some secure compilation options, especially PIE and RELRO.
Signed-off-by: TaylorKanper <tony_kanper@hotmail.com>
2022-04-02 10:09:59 +08:00
Milos Gajdos
dc7f44b613
Merge pull request #3112 from dmcgowan/update-coc 2022-04-01 23:31:22 +01:00
ddelange
fb937deabf
Support all S3 instant retrieval storage classes
Signed-off-by: ddelange <14880945+ddelange@users.noreply.github.com>
2022-04-01 11:55:35 +02:00
Milos Gajdos
d2c9f72c6b
Merge pull request #3615 from zhsj/inmem-panic
Fix panic in inmemory driver
2022-03-27 16:20:31 +01:00
Milos Gajdos
e277c5cde9
Merge pull request #3613 from Jamstah/storage-test-fix
Incorrect variable in test output
2022-03-27 16:17:10 +01:00
Shengjing Zhu
1a75c71907 Fix panic in inmemory driver
Signed-off-by: Shengjing Zhu <zhsj@debian.org>
2022-03-27 19:38:07 +08:00
James Hewitt
25bd1f704d
Incorrect variable in test output
Looks like a copy-paste bug from the same test for the image manifest.

Signed-off-by: James Hewitt <james.hewitt@uk.ibm.com>
2022-03-27 11:05:47 +01:00
Milos Gajdos
a6047a8c93
Merge pull request #3606 from taharah/aws-sdk
go.mod: github.com/aws/aws-sdk-go v1.43.16
2022-03-22 08:42:45 +00:00
João Pereira
514cbd71be
Merge pull request #3519 from jtherin/mpu-paginate
fix: paginate through s3 multipart uploads
2022-03-11 16:06:46 +00:00
Trevor Wood
decc64eb5c
go.mod: github.com/aws/aws-sdk-go v1.43.16
Signed-off-by: Trevor Wood <Trevor.G.Wood@gmail.com>
2022-03-10 20:27:01 -05:00
Milos Gajdos
a4d9db5a88
Merge pull request #3397 from thaJeztah/restore_docs2
Restore documentation that was moved to docker docs repository (take 2)
2022-02-08 18:32:05 +00:00
Milos Gajdos
e7e4dd4f54
Merge pull request #3585 from crazy-max/ci-gitref
ci: use proper git ref for versioning
2022-02-08 12:13:45 +00:00
CrazyMax
fabf9cd4e9
ci: use proper git ref for versioning
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-02-08 12:53:38 +01:00
João Pereira
65bcba49a0
Merge pull request #3575 from thaJeztah/update_autorest
go.mod: github.com/Azure/go-autorest/autorest v0.11.24
2022-02-07 11:45:46 +00:00
Milos Gajdos
b60926597a
Merge pull request #3580 from milosgajdos/update-linter
Update golangci-lint version and fix reports
2022-01-28 17:56:47 +00:00
Hayley Swimelar
c6945a972a
Merge pull request #3579 from milosgajdos/fix-fuzzer
Fix: Avoid a false type assertion in the inmemory driver
2022-01-28 09:10:58 -08:00
Sebastiaan van Stijn
4f1c1e4268
go.mod: github.com/Azure/go-autorest/autorest v0.11.24
Update the indirect dependency to remove the transitional github.com/form3tech-oss/jwt-go
dependency from the dependency graph.

Updates:

- github.com/Azure/go-autorest/autorest v0.11.24: https://github.com/Azure/go-autorest/compare/autorest/v0.11.20...autorest/v0.11.24
- github.com/Azure/go-autorest/autorest/adal v0.9.18: https://github.com/Azure/go-autorest/compare/autorest/adal/v0.9.15...autorest/adal/v0.9.18
- github.com/golang-jwt/jwt v4.2.0: https://github.com/golang-jwt/jwt/compare/v4.0.0...v4.2.0
- golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3: 32db794688...e495a2d5b3

Before this:

    go mod graph | grep 'jwt'
    github.com/Azure/go-autorest/autorest/adal@v0.9.15 github.com/golang-jwt/jwt/v4@v4.0.0
    github.com/Azure/go-autorest/autorest/adal@v0.9.13 github.com/form3tech-oss/jwt-go@v3.2.2+incompatible

After this:

    go mod graph | grep 'jwt'
    github.com/Azure/go-autorest/autorest@v0.11.24 github.com/golang-jwt/jwt/v4@v4.2.0
    github.com/Azure/go-autorest/autorest/adal@v0.9.18 github.com/golang-jwt/jwt/v4@v4.0.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-28 18:02:58 +01:00
Milos Gajdos
ebd3f44146
Update golangci-lint version and fix reports
This commit updates golangci-lint to v1.44.0.
It also removes deprecated golint in favour of revive linter.
Finally, it addresses an issue reported by linter.

Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
2022-01-28 11:21:00 +00:00
Milos Gajdos
676691ce6d
Fix: Avoid a false type assertion in the inmemory driver
This issue was discovered by the following fuzzer:
https://github.com/cncf/cncf-fuzzing/blob/main/projects/distribution/inmemory_fuzzer.go#L24

Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
2022-01-28 11:00:37 +00:00
João Pereira
be4c921514
Merge pull request #3228 from thaJeztah/bump_cobra
go.mod: spf13/cobra v1.0.0
2022-01-27 12:44:32 +00:00
Sebastiaan van Stijn
79ead619be
go.mod: spf13/cobra v1.0.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-26 16:59:40 +01:00
Sebastiaan van Stijn
f9c1b86feb
go.mod: add replace rule to prevent unwanted updateds of grpc and jwt-go
This replace rule is to prevent unwanted updates of grpc and jwt-go. When updating
spf13/cobra, we noticed that google.golang.org/grpc got updated.

Doing a search to find which modules (note here that `go mod graph` only looks
at dependencies from a `go modules` perspective, and not all the (current version)
of our dependencies use go modules).

And I found that the only _modules_ depending on it are `github.com/spf13/viper`
and `github.com/grpc-ecosystem/grpc-gateway`:

```bash
$ go mod graph | grep ' google.golang.org/grpc'
github.com/spf13/viper@v1.4.0 google.golang.org/grpc@v1.21.0
github.com/grpc-ecosystem/grpc-gateway@v1.9.0 google.golang.org/grpc@v1.19.0
```

Of those, `github.com/grpc-ecosystem/grpc-gateway` is a dependency of
`github.com/spf13/viper`:

```bash
$ go mod graph | grep ' github.com/grpc-ecosystem/grpc-gateway'
github.com/spf13/viper@v1.4.0 github.com/grpc-ecosystem/grpc-gateway@v1.9.0
```

So looking at that one, it's a dependency of cobra:

```bash
$ go mod graph | grep ' github.com/spf13/viper@v1.4.0'
github.com/spf13/cobra@v1.0.0 github.com/spf13/viper@v1.4.0
```

Ironically, while both `github.com/spf13/viper` and `github.com/grpc-ecosystem/grpc-gateway`,
depend on `google.golang.org/grpc` and (through their `go.mod`) are responsible
for `go mod` to update the dependency version of grpc, none of them are used:

```bash
cat vendor/modules.txt | grep github.com/spf13/viper
cat vendor/modules.txt | grep github.com/grpc-ecosystem/grpc-gateway
```

Unfortunately, `go modules` looks at `go.mod` to determine the *minimum version*
required; _even if the parts of the modules specifying it in the `go.mod` are unused_.

This patch adds a `replace` rule in go.mod to prevent updating grpc based on
other dependencies that _declare_ `google.golang.org/grpc` as a dependency,
but are not used and, hence, should not influence the minumum version.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-01-26 16:59:38 +01:00
Milos Gajdos
02e2231e60
Merge pull request #3576 from justadogistaken/optimize/disable-insecure-cipher-suites
optimize: disable insecure cipher suites
2022-01-26 15:53:28 +00:00
baojiangnan
4363fb1ef4 disable insecure cipher suites
This commit removes the following cipher suites that are known to be insecure:

TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

And this commit deletes the tlsVersions of tls1.0 and tls1.1. The tls1.2 is the minimal supported tls version for creating a safer tls configuration.

Signed-off-by: david.bao <baojn1998@163.com>
2022-01-25 17:18:44 +08:00
Milos Gajdos
8925814ba1
Merge pull request #3571 from crazy-max/update-ci-release 2022-01-21 21:04:00 +00:00