Commit graph

4620 commits

Author SHA1 Message Date
Usha Mandya
fe4fad3bff Merge pull request #12266 from novakivanovski/patch-1
Self-signed certificate with Kubernetes fix
2021-04-27 10:36:41 +01:00
Matin Rahmanian
835651e513
Release ticker resources
Signed-off-by: Matin Rahmanian <itsmatinx@gmail.com>
2021-04-26 23:43:06 +02:00
Wang Yan
a9d8a05d08
Merge pull request #3398 from thaJeztah/update_yaml
go.mod: gopkg.in/yaml.v2 v2.4.0, sirupsen/logrus v1.8.1
2021-04-26 12:44:34 +08:00
eyjhb
9cf39997af
added pagination error to api docs
Signed-off-by: eyjhb <eyjhbb@gmail.com>
2021-04-23 18:06:04 +02:00
eyjhb
4da2712b52
added pagination to v2/<name>/tags/list endpoint
Signed-off-by: eyjhb <eyjhbb@gmail.com>
2021-04-23 18:06:04 +02:00
eyjhbb@gmail.com
febc8733d2
added error codes for pagination
Signed-off-by: eyjhb <eyjhbb@gmail.com>
2021-04-23 18:06:03 +02:00
João Pereira
a27b0c4952
Merge pull request #3161 from bloodorangeio/redis-tls
Add configuration option for Redis TLS
2021-04-23 16:52:54 +01:00
Usha Mandya
f4119da7bd Merge pull request #12735 from thaJeztah/vlan_network
Migrate IPvlan docs from CLI to docs repository
2021-04-23 15:36:53 +01:00
Usha Mandya
b70327a8ec Merge pull request #12702 from stefanloerwald/patch-2
Fixes docker/distribution-library-image/issues/107
2021-04-23 11:00:08 +01:00
Sebastiaan van Stijn
e2872d1d2a Migrate IPvlan docs from CLI to docs repository
Merge remote-tracking branch 'cli_temp/master' into vlan_network

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-04-22 19:27:57 +02:00
Sebastiaan van Stijn
226ad1e639
go.mod: update logrus to v1.8.1
Newer versions contain fixes for recent Go versions, and this removes
the dependency on github.com/konsorten/go-windows-terminal-sequences

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-04-22 14:36:56 +02:00
Sebastiaan van Stijn
06c8d441f8
go.mod: gopkg.in/yaml.v2 v2.4.0
This updates the package to a version to include the security fixes in v2.2.3.

Version 2.3.0 was known introduce a breaking change for some users, so using
the latest (v2.4.0)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-04-22 14:31:11 +02:00
Ben De St Paer-Gotch
a49afdbd98 Adding in points to clarify usage of official images (#12713)
* Adding in points to clarify usage of official images

* Minor style update

Co-authored-by: Usha Mandya <47779042+usha-mandya@users.noreply.github.com>
2021-04-20 11:39:12 +01:00
Stefan Lörwald
0a7648edb5 Fixes docker/distribution-library-image/issues/107
The registry docker image no longer contains htpasswd.
2021-04-19 12:05:01 +02:00
Wei Fu
9e618c90c3 registry: verify digest and check blob presence when put manifest
According to OCI image spec, the descriptor's digest field is required.
For the normal config/layer blobs, the valivation should check the
presence of the blob when put manifest.

REF: https://github.com/opencontainers/image-spec/blob/v1.0.1/descriptor.md

Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
Signed-off-by: Wei Fu <fuweid89@gmail.com>
2021-04-16 16:11:52 +08:00
Milos Gajdos
6891d94832
Merge pull request #3309 from Mark3K/close-manifests-reader
close the io.ReadCloser from storage driver
2021-04-12 15:41:12 +01:00
Wang Yan
6affafd1f0
Merge pull request #3386 from milosgajdos/release-tag
Add docker image release workflow
2021-03-30 11:30:24 +08:00
Milos Gajdos
1b3c5c71ef
Merge pull request #3341 from distribution/add-codeql-security
Add CodeQL Security Scanning
2021-03-29 18:49:07 +01:00
Chris Aniszczyk
62fc5c8a33
Remove autobuild
Signed-off-by: Chris Aniszczyk <caniszczyk@gmail.com>
2021-03-29 12:39:10 -05:00
Milos Gajdos
a0aad57208
Make workflow name shorter.
Signed-off-by: Milos Gajdos <milosgajdos83@gmail.com>
2021-03-25 10:24:30 +00:00
sangluo
334a7e7ff6 close the io.ReadCloser from storage drive
Signed-off-by: sangluo <sangluo@pinduoduo.com>
2021-03-24 17:58:35 +08:00
Wang Yan
077b38b95e
Merge pull request #3364 from Agilicus/escape-json
fix: disable DisableHTMLEscape on logrus json logging
2021-03-24 11:16:55 +08:00
Milos Gajdos
23b570272b
Add docker image release workflow
Signed-off-by: Milos Gajdos <milosgajdos83@gmail.com>
2021-03-23 19:25:58 +00:00
Wang Yan
b459aa2391
Merge pull request #3383 from wy65701436/fix-ci
fix CI dependency error
2021-03-24 00:44:06 +08:00
Wang Yan
68ce15863a fix CI dependency error
Fix the failure reported by git action

Package python-minimal is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
However the following packages replace it:
  python2-minimal

E: Package 'python-minimal' has no installation candidate

Signed-off-by: Wang Yan <wangyan@vmware.com>
2021-03-23 18:04:17 +08:00
Derek McGowan
a01c71e247
Merge pull request #2815 from bainsy88/issue_2814
Add code to handle pagination of parts. Fixes max layer size of 10GB bug
2021-03-16 09:12:03 -07:00
Simon
b2ac3a2884 TASK: Add codeblocks to code examples
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-03-04 12:06:54 +01:00
Wang Yan
89337b7a25
Merge pull request #3371 from AkihiroSuda/remove-wrong-arm
docs/spec/manifest-v2-2.md: fix ARM variant
2021-03-04 10:57:22 +08:00
Milos Gajdos
a52b8d80fd
Merge pull request #3136 from adamwg/consistent-log-fields
log: Include configured fields in all logs
2021-03-02 09:49:31 +00:00
Milos Gajdos
3eee56e2ca
Merge pull request #2911 from ywk253100/populate_platform
Populate the platform information when calling the References() method of manifest list
2021-03-02 09:44:46 +00:00
Wenkai Yin
1a059fe78d Populate the platform information when calling the References() method of manifest list
Populate the platform information when calling the References() method of manifest list

Signed-off-by: Wenkai Yin <yinw@vmware.com>
2021-03-02 10:18:53 +08:00
Josh Dolitsky
32ccbf193d
Add configuration option for Redis TLS
Signed-off-by: Josh Dolitsky <josh@dolit.ski>
2021-03-01 18:55:56 -05:00
Adam Wolfe Gordon
43e502590f log: Include configured fields in all logs
It's possible to configure log fields in the configuration file, and we would
like these fields to be included in all logs. Previously these fields were
included only in logs produced using the main routine's context, meaning that
any logs from a request handler were missing the fields since those use a
context based on the HTTP request's context.

Add a configurable default logger to the `context` package, and set it when
configuring logging at startup time.

Signed-off-by: Adam Wolfe Gordon <awg@digitalocean.com>
2021-03-01 14:44:56 -07:00
Derek McGowan
8ad732972e
Remove duplicate code of conduct
A code of conduct file has already been added to the root which
can replace this

Signed-off-by: Derek McGowan <derek@mcg.dev>
2021-03-01 12:22:06 -08:00
Derek McGowan
90e62ac24c
Merge pull request #2979 from avtakkar/avtakkar/fix-domain-split
Fix bug in parsing domain from repository reference
2021-03-01 09:35:14 -08:00
Derek McGowan
1c65757158
Merge pull request #3348 from wy65701436/e2e
Add a basic e2e test for CI
2021-03-01 09:34:29 -08:00
Milos Gajdos
17ab8afeec
Merge pull request #3174 from adamwg/manifest-delete-by-tag
manifests: Return UNSUPPORTED when deleting manifests by tag
2021-03-01 17:21:03 +00:00
Milos Gajdos
5a76dc8df1
Merge pull request #3169 from d-luu/configurable_ciphersuites
Added flag for user-configurable cipher suites

Thanks, @d-luu for putting the effort into this. Much appreciated!
2021-02-26 08:17:32 +00:00
David Luu
1e625d0076 Added flag for user configurable cipher suites
Configuration of list of cipher suites allows a user to disable use
of weak ciphers or continue to support them for legacy usage if they
so choose.

List of available cipher suites at:
https://golang.org/pkg/crypto/tls/#pkg-constants

Default cipher suites have been updated to:
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
- TLS_AES_128_GCM_SHA256
- TLS_CHACHA20_POLY1305_SHA256
- TLS_AES_256_GCM_SHA384

MinimumTLS has also been updated to include TLS 1.3 as an option
and now defaults to TLS 1.2 since 1.0 and 1.1 have been deprecated.

Signed-off-by: David Luu <david@davidluu.info>
2021-02-25 14:19:56 -06:00
Akihiro Suda
c432849e44
docs/spec/manifest-v2-2.md: fix ARM variant
The correct `vairant` string for ARM v6 is "v6", not "armv6l".

There is no known implementation that actually uses "armv6l".

See the discussion in opencontainers/image-spec PR 817

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2021-02-25 17:51:26 +09:00
Wang Yan
785fe625ca
Merge pull request #3222 from olegburov/bump-golang-alpine
Bump Golang to `1.15`.
2021-02-25 14:34:20 +08:00
olegburov
49f7426dcb
Bump Golang to 1.15 and Alpine to 3.12.
Signed-off-by: olegburov <oleg.burov@outlook.com>
2021-02-21 14:56:54 -08:00
João Pereira
f89664f7d1
Merge pull request #3240 from olegburov/bump-logrus-logstash-hook
Upgrade Logstash hook for Logrus to 1.0.0
2021-02-21 13:09:51 +00:00
Chris Patterson
cac0eed76f
Merge pull request #3362 from thomasrockhu/codecov-badge
Add Codecov badge
2021-02-19 12:17:28 -05:00
Don Bowman
9c43ba9dcc
fix: disable DisableHTMLEscape on logrus json logging
Fixes #3363

Without this, we emit illegal json logs, the user-agent
ends up as:

```
"http.request.useragent": "docker/19.03.4 go/go1.12.10 git-commit/9013bf583a kernel/5.10.10-051010-generic os/linux arch/amd64 UpstreamClient(Docker-Client/19.03.4 \(linux\))"
```

which is not valid according to [spec](https://www.json.org/json-en.html)

specifically, string: "<any codepoint except " or \ or control>*"

Signed-off-by: Don Bowman <don@agilicus.com>
2021-02-15 13:16:27 -05:00
olegburov
907e7be545 Bump Logstash hook for logrus to v1.0.0.
Signed-off-by: olegburov <oleg.burov@outlook.com>
2021-02-11 21:51:13 -08:00
Tom Hu
c95293bbdf Add Codecov badge
Signed-off-by: Tom Hu <tomhu1096@gmail.com>
2021-02-10 13:38:38 -05:00
Wang Yan
22c074842e
Merge pull request #3225 from thaJeztah/fix_gomod
go.mod: change imports to github.com/distribution/distribution/v3
2021-02-09 12:28:32 +08:00
Sebastiaan van Stijn
1d33874951
go.mod: change imports to github.com/distribution/distribution/v3
Go 1.13 and up enforce import paths to be versioned if a project
contains a go.mod and has released v2 or up.

The current v2.x branches (and releases) do not yet have a go.mod,
and therefore are still allowed to be imported with a non-versioned
import path (go modules add a `+incompatible` annotation in that case).

However, now that this project has a `go.mod` file, incompatible
import paths will not be accepted by go modules, and attempting
to use code from this repository will fail.

This patch uses `v3` for the import-paths (not `v2`), because changing
import paths itself is a breaking change, which means that  the
next release should increment the "major" version to comply with
SemVer (as go modules dictate).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-02-08 18:30:46 +01:00
João Pereira
6200038bc7
Merge pull request #3204 from stefannica/fsDriverRelaxedPermissions
Relax filesystem driver folder permissions to 0777
2021-02-06 16:12:02 +00:00