project-zot / project-zot.github.io Goto Github PK
View Code? Open in Web Editor NEWzotregistry.dev website
Home Page: https://zotregistry.dev
License: Apache License 2.0
zotregistry.dev website
Home Page: https://zotregistry.dev
License: Apache License 2.0
Examples of search queries which can be used with the search (graphql) endpoint:
https://github.com/project-zot/zot/blob/main/pkg/extensions/search/search.md
The queries can be made from shell (see examples above) or from a UI, such as the graphql playground, or postman.
The graphql playground is available in zot built with the 'debug' build label, and reachable at: /v2/_zot/debug/graphql-playground#
Add an article on how to use the graphql playground (should this be for developers?).
No response
No response
The main commands of our ZLI have changed quite drastically and the documentation needs updates.
A major change that affects all commands/subcommands is that now the config is not specified as an argument to the command but as the --config
flag.
The --output
, -o
flag has been changed to --format
, -f
The old commands that used to be specified using flags have been moved into subcommands:
zli images --base-images
→ zli image base
zli cve --cve-id --fixed
→ zli cve fixed
etc.
I'll open a PR when I'll note how the new commands should look like for the zli.md file.
I'll list the mapping from old to new here just in case. I've notated the arguments with square brakets: [repo]
images
→ image
Old | New |
---|---|
images --name, -n | image name |
images --base-images, -b | image base |
images --derived-images, -D | image derived |
images --digest, -d | image digest |
images | image list |
cve
→ cve
Old | New |
---|---|
cve --cve-id | cve affected [cve-id] |
cve --image | cve list [repo:tag] |
cve --image --cve-id --fixed | cve fixed [repo] [cve-id] |
cve --image --cve-id | cve list [repo:tag] --cve-id |
cve --image --search | cve list [repo:tag] --cve-id |
search
→ search
Old | New |
---|---|
search --subject | search subject [repo:tag] |
search --query | search query [repo] |
repos
→ repo
Old | New |
---|---|
repos | repo list |
No response
No response
No response
v1.4.3
looking for details about how to config and use the cve scanning feature, I only see references to the zli command and the search extension at https://zotregistry.io/v1.4.3/admin-guide/admin-configuration/?h=cve#enhanced-searching-and-querying-images
We should have a separate section for this, and clearly explain what it scans and when, how to enable it, and what tools it uses under the hood.
also, does it require the search extension?
I assume it scans each tag by extracting it then scanning the resulting rootfs, probably on push, but I think we should be explicit in the docs.
n/a
No response
No response
No response
We will need a new section in the landing page which will contain simple commands to get started with Zot
One of the users reported:
If the base64 encoded user:password is provided, in determining the validity of the Basic Auth credentials, the basicAuthHandler function in authn.go, compares the bycrypt hash of the retrieved password with of password hash of the looked up username. However, while use of bycrypt by users, when encrypting passwords is sensible security, making such an assumption, without making it a documented requirement, isn't user friendly.
Maybe the user did not find the authentication document, but I think we should at least make the use of bycrypt
explicit in the text at https://zotregistry.io/v1.4.3/articles/authn-authz/#htpasswd
Right now it only mentions the B
option in the command htpasswd -bBn
, which may be too easy for the user to miss.
No response
No response
View the following link to download the report.
RunnerID:6582361822
v1.4.3
The command is wrong and must be replaced:
midgard@yggdrasil:~/work/github.com/project-zot/project-zot.github.io$ podman run -p 5000:5000 ghcr.io/project-zot/zot-linux-amd64-minimal:latest Trying to pull ghcr.io/project-zot/zot-linux-amd64-minimal:latest... Error: initializing source docker://ghcr.io/project-zot/zot-linux-amd64-minimal:latest: Requesting bear token: invalid status code from registry 403 (Forbidden)
Image name should be replaced from ghcr.io/project-zot/zot-linux-amd64-minimal:latest to ghcr.io/project-zot/zot-minimal-linux-amd64:latest
In this section https://zotregistry.io/v1.4.3/developer-guide/extensions-dev/#guidelines-for-developing-new-extensions we have a link to extension-lint-disable.go which point wrongly here:https://github.com/project-zot/zot/blob/main/pkg/extensions/lint/lint-disabled.go.
Correct link should be this one https://github.com/project-zot/zot/blob/main/pkg/extensions/lint/lint_disabled.go
Folowin the guidence from this page https://zotregistry.io/v1.4.3/developer-guide/onboarding/#supported-developer-platforms and running zot as sugested by the command here https://zotregistry.io/v1.4.3/developer-guide/onboarding/#running-zot I get a panic as below.
I suggest changing the configuration file to minimal:
bin/zot-linux-amd64 serve examples/config-minimal.json
The current panic message:
midgard@joro:~/work/github.com/adodon2go/zot$ bin/zot-linux-amd64 serve examples/config-example.json
panic: open test/data/htpasswd: no such file or directory
goroutine 1 [running]:
zotregistry.io/zot/pkg/api.(*AuthnMiddleware).TryAuthnHandlers(0xc0012ce920, 0xc000fb7600)
zotregistry.io/zot/pkg/api/authn.go:318 +0xcd6
zotregistry.io/zot/pkg/api.AuthHandler(0xc000fb7600)
zotregistry.io/zot/pkg/api/authn.go:63 +0x65
zotregistry.io/zot/pkg/api.(*RouteHandler).SetupRoutes(0xc000135dd8)
zotregistry.io/zot/pkg/api/routes.go:67 +0x30
zotregistry.io/zot/pkg/api.NewRouteHandler(...)
zotregistry.io/zot/pkg/api/routes.go:60
zotregistry.io/zot/pkg/api.(*Controller).Run(0xc000fb7600, {0x562507d4ca68?, 0xc0025d29b0?})
zotregistry.io/zot/pkg/api/controller.go:129 +0x51b
zotregistry.io/zot/pkg/cli.NewServerRootCmd.newServeCmd.func2(0xc000fb6b00?, {0xc000abc920, 0x1, 0x562505032d26?})
zotregistry.io/zot/pkg/cli/root.go:69 +0xc8
github.com/spf13/cobra.(*Command).execute(0xc000f8c600, {0xc000abc8e0, 0x1, 0x1})
github.com/spf13/[email protected]/command.go:944 +0x863
github.com/spf13/cobra.(*Command).ExecuteC(0xc000f8c300)
github.com/spf13/[email protected]/command.go:1068 +0x3a5
github.com/spf13/cobra.(*Command).Execute(0xc0000061a0?)
github.com/spf13/[email protected]/command.go:992 +0x13
main.main()
zotregistry.io/zot/cmd/zot/main.go:10 +0x18
No response
No response
No response
Update admin guide documentation to include the scheduler settings added in: project-zot/zot@d4f200c
No response
Just to be on the safe side @rchincha do we advertise this configuration to the users?
No response
View the following link to download the report.
RunnerID:4299309497
Describe the bug
A clear and concise description of what the bug is.
Document what GraphQl is and how to use it
To Reproduce
Steps to reproduce the behavior:
Expected behavior
A clear and concise description of what you expected to happen.
Screenshots
If applicable, add screenshots to help explain your problem.
Additional context
Add any other context about the problem here.
See: project-zot/zot#1381
More specifically:
Note we'd need
AllowOrigin
zot config setting needs to be specific (cannot be wildcard), and must include the UI (zui) origin.No response
No response
No response
There have been discussions on removing the z
from the zot logo, as the icon is already a stylized z
.
We're not going to go that route, but we should look into an appropriate font for the zot
test to be shown next to the logo
It would be awesome to be able to select the latest docs from the select
I want to try the latest release (2.0.0-rc7) but checking the new config or docs is a bit hard...
Add next
/ develop
as a select option, like many other projecs do
No response
No response
Add a separate article for profiling in zot.
The starting point is: https://github.com/project-zot/zot/blob/main/pkg/debug/pprof/pprof.md
This article should be linked to from:
No response
No response
No response
Right now it is not trivial to identify all http endpoints currently exposed by zot.
Let's add the list to the zot developer guide.
/ (ui) - enabled by using the ui
build label and having the ui
extension configuration enabled
/auth/login - available when OpenID authentication is enabled
/auth/logout - available when authentication is available in general (not just for OpenID, but all session-based authentication)
/auth/apikey - available when API key authentication is enabled
/auth/callback - available when OpenID authentication is enabled
/oras/artifacts/v1/ (oras) - always enabled
/metrics (metrics with extensions) - when the metrics
build label is used and the metrics
extension is enabled
/swagger/v2/ (swagger) - enabled by using the the debug
build label
/v2/ (oci spec specific endpoints) - always available
/v2/_oci/ext/discover (discover extensions per oci spec) - always available
/v2/metrics (metrics without extensions) - when metrics
extension is disabled, regardless if the metrics
build label was used or not
/v2/_zot/ext/mgmt (mgmt extension) - enabled by using the mgmt
build label and having both the search
and the ui
extensions configurations enabled.
/v2/_zot/ext/cosign (imagetrust extension) - enabled by using the imagetrust
build label and having the trust
extension configuration enabled with the cosign
option enabled
/v2/_zot/ext/notation (imagetrust extension, will have query parameters for uploading certificates for signature verification) - enabled by using the imagetrust
build label and having the trust
extension configuration enabled with the notation
option enabled
/v2/_zot/ext/search (search extension) - enabled by using the search
build label and having the search
extension configuration enabled
/v2/_zot/ext/userprefs (user preferences extension) - enabled by using the userprefs
build label and having both the search
and the ui
extensions configurations enabled.
/v2/_zot/debug/graphql-playground (graphql playground) - enabled by using the the debug
build label
We should have an article about these endpoints and how to build/enable them.
We could potentially have separate articles per feature - I don't think they are all covered at the moment.
No response
View the following link to download the report.
RunnerID:3153515364
View the following link to download the report.
RunnerID:5128068659
Original issue: project-zot/zot#1634
The PR in which the feature is implemented: project-zot/zot#1866
More specifically this readme in the PR: https://github.com/project-zot/zot/pull/1866/files#diff-49aaa2819e35a856818ecec8c9fa7e1c79ad028d3f44bd749736353cfb51bac9
No response
No response
No response
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.