Commit graph

5360 commits

Author SHA1 Message Date
Ben De St Paer-Gotch
a49afdbd98 Adding in points to clarify usage of official images (#12713)
* Adding in points to clarify usage of official images

* Minor style update

Co-authored-by: Usha Mandya <47779042+usha-mandya@users.noreply.github.com>
2021-04-20 11:39:12 +01:00
Stefan Lörwald
0a7648edb5 Fixes docker/distribution-library-image/issues/107
The registry docker image no longer contains htpasswd.
2021-04-19 12:05:01 +02:00
Wei Fu
9e618c90c3 registry: verify digest and check blob presence when put manifest
According to OCI image spec, the descriptor's digest field is required.
For the normal config/layer blobs, the valivation should check the
presence of the blob when put manifest.

REF: https://github.com/opencontainers/image-spec/blob/v1.0.1/descriptor.md

Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
Signed-off-by: Wei Fu <fuweid89@gmail.com>
2021-04-16 16:11:52 +08:00
Milos Gajdos
6891d94832
Merge pull request #3309 from Mark3K/close-manifests-reader
close the io.ReadCloser from storage driver
2021-04-12 15:41:12 +01:00
Wang Yan
6affafd1f0
Merge pull request #3386 from milosgajdos/release-tag
Add docker image release workflow
2021-03-30 11:30:24 +08:00
Milos Gajdos
1b3c5c71ef
Merge pull request #3341 from distribution/add-codeql-security
Add CodeQL Security Scanning
2021-03-29 18:49:07 +01:00
Chris Aniszczyk
62fc5c8a33
Remove autobuild
Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>
2021-03-29 12:39:10 -05:00
Milos Gajdos
a0aad57208
Make workflow name shorter.
Signed-off-by: Milos Gajdos <milosgajdos83@gmail.com>
2021-03-25 10:24:30 +00:00
sangluo
334a7e7ff6 close the io.ReadCloser from storage drive
Signed-off-by: sangluo <sangluo@pinduoduo.com>
2021-03-24 17:58:35 +08:00
Wang Yan
077b38b95e
Merge pull request #3364 from Agilicus/escape-json
fix: disable DisableHTMLEscape on logrus json logging
2021-03-24 11:16:55 +08:00
Milos Gajdos
23b570272b
Add docker image release workflow
Signed-off-by: Milos Gajdos <milosgajdos83@gmail.com>
2021-03-23 19:25:58 +00:00
Wang Yan
b459aa2391
Merge pull request #3383 from wy65701436/fix-ci
fix CI dependency error
2021-03-24 00:44:06 +08:00
Wang Yan
68ce15863a fix CI dependency error
Fix the failure reported by git action

Package python-minimal is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
However the following packages replace it:
  python2-minimal

E: Package 'python-minimal' has no installation candidate

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-03-23 18:04:17 +08:00
Derek McGowan
a01c71e247
Merge pull request #2815 from bainsy88/issue_2814
Add code to handle pagination of parts. Fixes max layer size of 10GB bug
2021-03-16 09:12:03 -07:00
Simon
b2ac3a2884 TASK: Add codeblocks to code examples
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-03-04 12:06:54 +01:00
Wang Yan
89337b7a25
Merge pull request #3371 from AkihiroSuda/remove-wrong-arm
docs/spec/manifest-v2-2.md: fix ARM variant
2021-03-04 10:57:22 +08:00
Milos Gajdos
a52b8d80fd
Merge pull request #3136 from adamwg/consistent-log-fields
log: Include configured fields in all logs
2021-03-02 09:49:31 +00:00
Milos Gajdos
3eee56e2ca
Merge pull request #2911 from ywk253100/populate_platform
Populate the platform information when calling the References() method of manifest list
2021-03-02 09:44:46 +00:00
Wenkai Yin
1a059fe78d Populate the platform information when calling the References() method of manifest list
Populate the platform information when calling the References() method of manifest list

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-03-02 10:18:53 +08:00
Josh Dolitsky
32ccbf193d
Add configuration option for Redis TLS
Signed-off-by: Josh Dolitsky <josh@dolit.ski>
2021-03-01 18:55:56 -05:00
Adam Wolfe Gordon
43e502590f log: Include configured fields in all logs
It's possible to configure log fields in the configuration file, and we would
like these fields to be included in all logs. Previously these fields were
included only in logs produced using the main routine's context, meaning that
any logs from a request handler were missing the fields since those use a
context based on the HTTP request's context.

Add a configurable default logger to the `context` package, and set it when
configuring logging at startup time.

Signed-off-by: Adam Wolfe Gordon <awg@digitalocean.com>
2021-03-01 14:44:56 -07:00
Derek McGowan
8ad732972e
Remove duplicate code of conduct
A code of conduct file has already been added to the root which
can replace this

Signed-off-by: Derek McGowan <derek@mcg.dev>
2021-03-01 12:22:06 -08:00
Derek McGowan
90e62ac24c
Merge pull request #2979 from avtakkar/avtakkar/fix-domain-split
Fix bug in parsing domain from repository reference
2021-03-01 09:35:14 -08:00
Derek McGowan
1c65757158
Merge pull request #3348 from wy65701436/e2e
Add a basic e2e test for CI
2021-03-01 09:34:29 -08:00
Milos Gajdos
17ab8afeec
Merge pull request #3174 from adamwg/manifest-delete-by-tag
manifests: Return UNSUPPORTED when deleting manifests by tag
2021-03-01 17:21:03 +00:00
Milos Gajdos
5a76dc8df1
Merge pull request #3169 from d-luu/configurable_ciphersuites
Added flag for user-configurable cipher suites

Thanks, @d-luu for putting the effort into this. Much appreciated!
2021-02-26 08:17:32 +00:00
David Luu
1e625d0076 Added flag for user configurable cipher suites
Configuration of list of cipher suites allows a user to disable use
of weak ciphers or continue to support them for legacy usage if they
so choose.

List of available cipher suites at:
https://golang.org/pkg/crypto/tls/#pkg-constants

Default cipher suites have been updated to:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_AES_128_GCM_SHA256
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_256_GCM_SHA384

MinimumTLS has also been updated to include TLS 1.3 as an option
and now defaults to TLS 1.2 since 1.0 and 1.1 have been deprecated.

Signed-off-by: David Luu <david@davidluu.info>
2021-02-25 14:19:56 -06:00
Akihiro Suda
c432849e44
docs/spec/manifest-v2-2.md: fix ARM variant
The correct `vairant` string for ARM v6 is "v6", not "armv6l".

There is no known implementation that actually uses "armv6l".

See the discussion in opencontainers/image-spec PR 817

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2021-02-25 17:51:26 +09:00
Wang Yan
785fe625ca
Merge pull request #3222 from olegburov/bump-golang-alpine
Bump Golang to `1.15`.
2021-02-25 14:34:20 +08:00
olegburov
49f7426dcb
Bump Golang to 1.15 and Alpine to 3.12.
Signed-off-by: olegburov <oleg.burov@outlook.com>
2021-02-21 14:56:54 -08:00
João Pereira
f89664f7d1
Merge pull request #3240 from olegburov/bump-logrus-logstash-hook
Upgrade Logstash hook for Logrus to 1.0.0
2021-02-21 13:09:51 +00:00
Chris Patterson
cac0eed76f
Merge pull request #3362 from thomasrockhu/codecov-badge
Add Codecov badge
2021-02-19 12:17:28 -05:00
Don Bowman
9c43ba9dcc
fix: disable DisableHTMLEscape on logrus json logging
Fixes #3363

Without this, we emit illegal json logs, the user-agent
ends up as:

```
"http.request.useragent": "docker/19.03.4 go/go1.12.10 git-commit/9013bf583a kernel/5.10.10-051010-generic os/linux arch/amd64 UpstreamClient(Docker-Client/19.03.4 \(linux\))"
```

which is not valid according to [spec](https://www.json.org/json-en.html)

specifically, string: "<any codepoint except " or \ or control>*"

Signed-off-by: Don Bowman <don@agilicus.com>
2021-02-15 13:16:27 -05:00
olegburov
907e7be545 Bump Logstash hook for logrus to v1.0.0.
Signed-off-by: olegburov <oleg.burov@outlook.com>
2021-02-11 21:51:13 -08:00
Tom Hu
c95293bbdf Add Codecov badge
Signed-off-by: Tom Hu <tomhu1096@gmail.com>
2021-02-10 13:38:38 -05:00
Wang Yan
22c074842e
Merge pull request #3225 from thaJeztah/fix_gomod
go.mod: change imports to github.com/distribution/distribution/v3
2021-02-09 12:28:32 +08:00
Sebastiaan van Stijn
1d33874951
go.mod: change imports to github.com/distribution/distribution/v3
Go 1.13 and up enforce import paths to be versioned if a project
contains a go.mod and has released v2 or up.

The current v2.x branches (and releases) do not yet have a go.mod,
and therefore are still allowed to be imported with a non-versioned
import path (go modules add a `+incompatible` annotation in that case).

However, now that this project has a `go.mod` file, incompatible
import paths will not be accepted by go modules, and attempting
to use code from this repository will fail.

This patch uses `v3` for the import-paths (not `v2`), because changing
import paths itself is a breaking change, which means that  the
next release should increment the "major" version to comply with
SemVer (as go modules dictate).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-08 18:30:46 +01:00
João Pereira
6200038bc7
Merge pull request #3204 from stefannica/fsDriverRelaxedPermissions
Relax filesystem driver folder permissions to 0777
2021-02-06 16:12:02 +00:00
João Pereira
66fae5e443
Merge pull request #3265 from cydu-cloud/master
Update repo normalize error message to include name
2021-02-06 16:10:21 +00:00
João Pereira
f82e1c2332
Merge pull request #3300 from jubalh/sp
Fix minor spelling mistakes
2021-02-06 16:03:09 +00:00
João Pereira
d7476f67c1
Merge pull request #3229 from thaJeztah/remove_md2man
scripts: remove unused md2man from dev-tools
2021-02-06 16:02:20 +00:00
João Pereira
65279ea676
Merge pull request #3305 from justincormack/update-readme
Update README
2021-02-06 15:29:59 +00:00
João Pereira
a18ebf9f78
Merge pull request #3146 from andriisoldatenko/get-rid-apache2-utils
Remove apache2-utils from Dockerfile
2021-02-06 15:26:45 +00:00
João Pereira
038a5060de
Merge pull request #2905 from 2opremio/master
Honor contexts passed to registry client methods
2021-02-06 15:25:03 +00:00
João Pereira
3f0d066b5d
Merge pull request #3244 from patrickeasters/patch-1
Fix typo for image digest regular expression in spec
2021-02-06 11:28:55 +00:00
Novak Ivanovski
e7dc768ae5 Self-signed certificate with Kubernetes fix
In Go 1.15 there is common name deprecation for using Common name:
https://golang.google.cn/doc/go1.15#commonname

This causes the self-signed cert to be rejected by some Kubernetes platforms:
https://stackoverflow.com/questions/64814173/how-do-i-use-sans-with-openssl-instead-of-common-name

Fix is to add this field to the cert.
2021-02-05 23:58:09 -05:00
Patrick Easters
639de6a02f Fix typo for digest regexp
Signed-off-by: Patrick Easters <peasters@redhat.com>
2021-02-05 14:52:27 -05:00
João Pereira
a637ebcd01
Merge pull request #3242 from olegburov/bump-gorilla-handlers
Upgrade Gorilla Handlers to 1.5.1
2021-02-03 18:58:04 +00:00
João Pereira
e15438df55
Merge pull request #3201 from davidwarshaw/patch-1
Clarify repo name regex intention
2021-02-03 18:55:55 +00:00
Michael Vetter
4d34a31762 Correct spelling: decription -> description
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2021-02-03 13:12:23 +01:00