project-zot.github.io's People

Contributors

adodon2go, ameliamariabreda, chammach, developer-guy, mbshields, raulkele, rchamarthy, rchincha

project-zot.github.io's Issues

[Feat]: Add an article on the graphql playground feature

Is your feature request related to a problem? Please describe.

Examples of search queries which can be used with the search (graphql) endpoint:
https://github.com/project-zot/zot/blob/main/pkg/extensions/search/search.md

The queries can be made from shell (see examples above) or from a UI, such as the graphql playground, or postman.
The graphql playground is available in zot built with the 'debug' build label, and reachable at: /v2/_zot/debug/graphql-playground#

Describe the solution you'd like

Add an article on how to use the graphql playground (should this be for developers?).

Describe alternatives you've considered

No response

Additional context

No response

Update CLI related documentation

Is your feature request related to a problem? Please describe.

The main commands of our ZLI have changed quite drastically and the documentation needs updates.

A major change that affects all commands/subcommands is that now the config is not specified as an argument to the command but as the --config flag.

  • zli images -n alpine my-zot-server
  • zli image name alpine --config my-zot-server

The --output, -o flag has been changed to --format, -f

The old commands that used to be specified using flags have been moved into subcommands:

zli images --base-images → zli image base
zli cve --cve-id --fixed → zli cve fixed
etc.

I'll open a PR once I've noted what the new commands should look like for the zli.md file.

I'll list the mapping from old to new here just in case. I've notated the arguments with square brackets: [repo]

images → image

| Old | New |
|-----|-----|
| images --name, -n | image name |
| images --base-images, -b | image base |
| images --derived-images, -D | image derived |
| images --digest, -d | image digest |
| images | image list |

cve → cve

| Old | New |
|-----|-----|
| cve --cve-id | cve affected [cve-id] |
| cve --image | cve list [repo:tag] |
| cve --image --cve-id --fixed | cve fixed [repo] [cve-id] |
| cve --image --cve-id | cve list [repo:tag] --cve-id |
| cve --image --search | cve list [repo:tag] --cve-id |

search → search

| Old | New |
|-----|-----|
| search --subject | search subject [repo:tag] |
| search --query | search query [repo] |

repos → repo

| Old | New |
|-----|-----|
| repos | repo list |

Describe the solution you'd like

No response

Describe alternatives you've considered

No response

Additional context

No response

[Docs]: docs should more clearly describe the cve scanning feature and how to enable it

zot version

v1.4.3

Describe the bug

Looking for details about how to configure and use the cve scanning feature, I only see references to the zli command and the search extension at https://zotregistry.io/v1.4.3/admin-guide/admin-configuration/?h=cve#enhanced-searching-and-querying-images

We should have a separate section for this, and clearly explain what it scans and when, how to enable it, and what tools it uses under the hood.

Also, does it require the search extension?

I assume it scans each tag by extracting it then scanning the resulting rootfs, probably on push, but I think we should be explicit in the docs.

To reproduce

n/a

Expected behavior

No response

Screenshots

No response

Additional context

No response

Zot Website mocks: new section with quick install instructions

We will need a new section in the landing page which will contain simple commands to get started with Zot

  • Right after 1st banner, show quick install options
  • On the left side pane (or right?) 4 tabs with systemd/docker/podman/kubernetes copy-able instructions (same design as github ssh/https clone options)
  • On the right side pane (or left?) 4 demos for those instruction as SVGs, one for each

[Feat]: Docs: clarify local authentication settings needed to encrypt passwords

Is your feature request related to a problem? Please describe.

One of the users reported:

If the base64 encoded user:password is provided, in determining the validity of the Basic Auth credentials, the basicAuthHandler function in authn.go compares the bcrypt hash of the retrieved password with the password hash of the looked up username. However, while use of bcrypt by users when encrypting passwords is sensible security, making such an assumption, without making it a documented requirement, isn't user friendly.

Describe the solution you'd like

Maybe the user did not find the authentication document, but I think we should at least make the use of bcrypt explicit in the text at https://zotregistry.io/v1.4.3/articles/authn-authz/#htpasswd

Right now it only mentions the B option in the command htpasswd -bBn, which may be too easy for the user to miss.

Describe alternatives you've considered

No response

Additional context

No response
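
An added example, not zot's code or part of the issue above: a check an admin can run over an htpasswd file before using it with zot, flagging entries that are not well-formed bcrypt hashes (for instance the `$apr1$` MD5 format that results when `-B` is omitted). The names `AuditHtpasswd`, `Finding` and `scheme` are hypothetical, and the sample entries are constructed.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// bcryptRe: $2a$/$2b$/$2y$, two-digit cost, then 53 chars of salt and hash.
var bcryptRe = regexp.MustCompile(`^\$2[aby]\$\d{2}\$[./A-Za-z0-9]{53}$`)

// Finding is one htpasswd entry whose password field is not a bcrypt hash.
type Finding struct {
	Line         int
	User, Scheme string
}

// scheme names the format of an htpasswd password field.
func scheme(hash string) string {
	switch {
	case bcryptRe.MatchString(hash):
		return "bcrypt"
	case strings.HasPrefix(hash, "$2"):
		return "malformed-bcrypt"
	case strings.HasPrefix(hash, "$apr1$"):
		return "apr1-md5"
	}
	return "other" // {SHA}, crypt(3), plaintext, empty, or no colon on the line
}

// AuditHtpasswd returns every entry that is not a well-formed bcrypt hash.
func AuditHtpasswd(content string) []Finding {
	var out []Finding
	for i, line := range strings.Split(content, "\n") {
		user, hash, _ := strings.Cut(strings.TrimSpace(line), ":")
		if s := scheme(hash); user != "" && s != "bcrypt" {
			out = append(out, Finding{i + 1, user, s})
		}
	}
	return out
}

func main() {
	// Constructed sample entries, not a real credential file.
	sample := "alice:$2y$05$" + strings.Repeat("a", 53) + "\nbob:$apr1$constructed$placeholder\n" +
		"carol:{SHA}constructedplaceholder=\ndave:$2y$05$tooshort\n"
	for _, f := range AuditHtpasswd(sample) {
		fmt.Printf("line %d: %s uses %s, not bcrypt\n", f.Line, f.User, f.Scheme)
	}
}
```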

ZAP Scan Baseline Report

View the following link to download the report.
RunnerID:6582361822

[Bug]: Links not working, commands outputs errors, etc

zot version

v1.4.3

Describe the bug

  1. In this section: https://zotregistry.io/v1.4.3/admin-guide/admin-getting-started/#example-deploying-with-a-container-manager

The command is wrong and must be replaced:
midgard@yggdrasil:~/work/github.com/project-zot/project-zot.github.io$ podman run -p 5000:5000 ghcr.io/project-zot/zot-linux-amd64-minimal:latest
Trying to pull ghcr.io/project-zot/zot-linux-amd64-minimal:latest...
Error: initializing source docker://ghcr.io/project-zot/zot-linux-amd64-minimal:latest: Requesting bear token: invalid status code from registry 403 (Forbidden)
Image name should be replaced from ghcr.io/project-zot/zot-linux-amd64-minimal:latest to ghcr.io/project-zot/zot-minimal-linux-amd64:latest

  2. In this section https://zotregistry.io/v1.4.3/developer-guide/extensions-dev/#guidelines-for-developing-new-extensions we have a link to extension-lint-disable.go which points wrongly here: https://github.com/project-zot/zot/blob/main/pkg/extensions/lint/lint-disabled.go.
    Correct link should be this one https://github.com/project-zot/zot/blob/main/pkg/extensions/lint/lint_disabled.go

  3. Following the guidance from this page https://zotregistry.io/v1.4.3/developer-guide/onboarding/#supported-developer-platforms and running zot as suggested by the command here https://zotregistry.io/v1.4.3/developer-guide/onboarding/#running-zot I get a panic as below.
    I suggest changing the configuration file to minimal:
    bin/zot-linux-amd64 serve examples/config-minimal.json

The current panic message:

midgard@joro:~/work/github.com/adodon2go/zot$  bin/zot-linux-amd64 serve examples/config-example.json
panic: open test/data/htpasswd: no such file or directory

goroutine 1 [running]:
zotregistry.io/zot/pkg/api.(*AuthnMiddleware).TryAuthnHandlers(0xc0012ce920, 0xc000fb7600)
	zotregistry.io/zot/pkg/api/authn.go:318 +0xcd6
zotregistry.io/zot/pkg/api.AuthHandler(0xc000fb7600)
	zotregistry.io/zot/pkg/api/authn.go:63 +0x65
zotregistry.io/zot/pkg/api.(*RouteHandler).SetupRoutes(0xc000135dd8)
	zotregistry.io/zot/pkg/api/routes.go:67 +0x30
zotregistry.io/zot/pkg/api.NewRouteHandler(...)
	zotregistry.io/zot/pkg/api/routes.go:60
zotregistry.io/zot/pkg/api.(*Controller).Run(0xc000fb7600, {0x562507d4ca68?, 0xc0025d29b0?})
	zotregistry.io/zot/pkg/api/controller.go:129 +0x51b
zotregistry.io/zot/pkg/cli.NewServerRootCmd.newServeCmd.func2(0xc000fb6b00?, {0xc000abc920, 0x1, 0x562505032d26?})
	zotregistry.io/zot/pkg/cli/root.go:69 +0xc8
github.com/spf13/cobra.(*Command).execute(0xc000f8c600, {0xc000abc8e0, 0x1, 0x1})
	github.com/spf13/[email protected]/command.go:944 +0x863
github.com/spf13/cobra.(*Command).ExecuteC(0xc000f8c300)
	github.com/spf13/[email protected]/command.go:1068 +0x3a5
github.com/spf13/cobra.(*Command).Execute(0xc0000061a0?)
	github.com/spf13/[email protected]/command.go:992 +0x13
main.main()
	zotregistry.io/zot/cmd/zot/main.go:10 +0x18

To reproduce

  1. Configuration
  2. Client tool used
  3. Seen error

Expected behavior

No response

Screenshots

No response

Additional context

No response

[Feat]: Document scheduler settings in admin guide

Is your feature request related to a problem? Please describe.

Update admin guide documentation to include the scheduler settings added in: project-zot/zot@d4f200c

Describe the solution you'd like

No response

Describe alternatives you've considered

Just to be on the safe side @rchincha do we advertise this configuration to the users?

Additional context

No response

ZAP Scan Baseline Report

View the following link to download the report.
RunnerID:4299309497

Document what GraphQl is and its role in Zot

Describe the bug
A clear and concise description of what the bug is.
Document what GraphQl is and how to use it

To Reproduce
Steps to reproduce the behavior:

  1. What is GraphQl (https://graphql.org/learn/, https://www.howtographql.com/ ?)
  2. Where in Zot is GraphQl relevant?
  3. (Re)Generate schema
  4. Implement a resolver for a Query
  5. Implement a resolver for a Query with parameters?
  6. Implement a resolver for a Mutation without
  7. with / parameters?
  8. Limiting load on GraphQl apis
  9. ...
  10. Profit

Expected behavior
A clear and concise description of what you expected to happen.

Screenshots
If applicable, add screenshots to help explain your problem.

Additional context
Add any other context about the problem here.

[Feat]: Add Social login / API key instructions in the admin guide and user guide

Is your feature request related to a problem? Please describe.

See: project-zot/zot#1381

More specifically:

  • the commit message
  • the documentation in examples/README.md
  • the documentation in pkg/extensions/README_apikey.md

Note we'd need

  • instructions for the admin to configure the social login in zot - with dex, google, github, gitlab.
  • instructions for the admin to configure a dex server to use as an authentication provider if he needs dex authentication
  • instructions for the admin to configure github/gitlab/google side of social login for the integration
  • instructions for the admin to configure potential firewall rules/access to allow communication between zot and dex/github/gitlab/google
  • instructions for the admin to enable api key authentication
  • instructions for the user to create api keys for accessing the API, and how to use them
  • a note detailing that the social login works on the zui side, but not for pushing/pulling images, and how he can use the API keys for that instead
  • mention that if the UI is configured on a different host than zot, the AllowOrigin zot config setting needs to be specific (cannot be wildcard), and must include the UI (zui) origin.
  • any other changes needed for the UI side

Describe the solution you'd like

No response

Describe alternatives you've considered

No response

Additional context

No response

Zot logo: experiment and decide on a font for the text

There have been discussions on removing the z from the zot logo, as the icon is already a stylized z.
We're not going to go that route, but we should look into an appropriate font for the zot text to be shown next to the logo

[Feat]: List next or develop as tagged version in selectable

Is your feature request related to a problem? Please describe.

It would be awesome to be able to select the latest docs from the select

I want to try the latest release (2.0.0-rc7) but checking the new config or docs is a bit hard...

Describe the solution you'd like

Add next / develop as a select option, like many other projects do

Describe alternatives you've considered

No response

Additional context

No response

[Feat]: Include a profiling article in the docs

Is your feature request related to a problem? Please describe.

Add a separate article for profiling in zot.
The starting point is: https://github.com/project-zot/zot/blob/main/pkg/debug/pprof/pprof.md

This article should be linked to from:

  • The API guide (the list of endpoints)
  • The developer guide
  • The admin guide (somewhat related to monitoring, but does not interact with the other monitoring feature)

Describe the solution you'd like

No response

Describe alternatives you've considered

No response

Additional context

No response

[Feat]: Document zot endpoints in the developer guide

Is your feature request related to a problem? Please describe.

Right now it is not trivial to identify all http endpoints currently exposed by zot.
Let's add the list to the zot developer guide.

/ (ui) - enabled by using the ui build label and having the ui extension configuration enabled
/auth/login - available when OpenID authentication is enabled
/auth/logout - available when authentication is available in general (not just for OpenID, but all session-based authentication)
/auth/apikey - available when API key authentication is enabled
/auth/callback - available when OpenID authentication is enabled
/oras/artifacts/v1/ (oras) - always enabled
/metrics (metrics with extensions) - when the metrics build label is used and the metrics extension is enabled
/swagger/v2/ (swagger) - enabled by using the debug build label
/v2/ (oci spec specific endpoints) - always available
/v2/_oci/ext/discover (discover extensions per oci spec) - always available
/v2/metrics (metrics without extensions) - when metrics extension is disabled, regardless if the metrics build label was used or not
/v2/_zot/ext/mgmt (mgmt extension) - enabled by using the mgmt build label and having both the search and the ui extensions configurations enabled.
/v2/_zot/ext/cosign (imagetrust extension) - enabled by using the imagetrust build label and having the trust extension configuration enabled with the cosign option enabled
/v2/_zot/ext/notation (imagetrust extension, will have query parameters for uploading certificates for signature verification) - enabled by using the imagetrust build label and having the trust extension configuration enabled with the notation option enabled
/v2/_zot/ext/search (search extension) - enabled by using the search build label and having the search extension configuration enabled
/v2/_zot/ext/userprefs (user preferences extension) - enabled by using the userprefs build label and having both the search and the ui extensions configurations enabled.
/v2/_zot/debug/graphql-playground (graphql playground) - enabled by using the debug build label

Describe the solution you'd like

We should have an article about these endpoints and how to build/enable them.

Describe alternatives you've considered

We could potentially have separate articles per feature - I don't think they are all covered at the moment.

Additional context

No response

ZAP Scan Baseline Report

View the following link to download the report.
RunnerID:3153515364

ZAP Scan Baseline Report

View the following link to download the report.
RunnerID:5128068659

[Feat]: Document the retention policy configuration

Is your feature request related to a problem? Please describe.

Original issue: project-zot/zot#1634
The PR in which the feature is implemented: project-zot/zot#1866
More specifically this readme in the PR: https://github.com/project-zot/zot/pull/1866/files#diff-49aaa2819e35a856818ecec8c9fa7e1c79ad028d3f44bd749736353cfb51bac9

Describe the solution you'd like

No response

Describe alternatives you've considered

No response

Additional context

No response
