Skip to content

Commit 4925a11

Browse files
eusebiu-constantin-petu-dbkeusebiu-constantin-petu-dbk
committed
Added support for changing config via API
closes #268, closes #698 Signed-off-by: Petu Eusebiu <[email protected]>
1 parent 6c29371 commit 4925a11

33 files changed

+1928
-1037
lines changed

Makefile

+3-3
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,7 @@ TESTDATA := $(TOP_LEVEL)/test/data
1919
OS ?= linux
2020
ARCH ?= amd64
2121
BENCH_OUTPUT ?= stdout
22-
EXTENSIONS ?= sync,search,scrub,metrics,ui_base,lint
22+
EXTENSIONS ?= sync,search,scrub,metrics,ui_base,lint,config
2323
comma:= ,
2424
hyphen:= -
2525
extended-name:=
@@ -84,7 +84,7 @@ privileged-test: check-skopeo $(TESTDATA) $(NOTATION)
8484
go test -failfast -tags needprivileges,$(EXTENSIONS),containers_image_openpgp -v -trimpath -race -timeout 15m -cover -coverpkg ./... -coverprofile=coverage-dev-needprivileges.txt -covermode=atomic ./pkg/storage/... ./pkg/cli/... -run ^TestElevatedPrivileges
8585

8686
$(TESTDATA): check-skopeo
87-
$(shell mkdir -p ${TESTDATA}; cd ${TESTDATA}; mkdir -p noidentity; ../scripts/gen_certs.sh; cd ${TESTDATA}/noidentity; ../../scripts/gen_nameless_certs.sh; cd ${TOP_LEVEL}; skopeo --insecure-policy copy -q docker://public.ecr.aws/t0x7q1g8/centos:7 oci:${TESTDATA}/zot-test:0.0.1;skopeo --insecure-policy copy -q docker://public.ecr.aws/t0x7q1g8/centos:8 oci:${TESTDATA}/zot-cve-test:0.0.1)
87+
$(shell mkdir -p ${TESTDATA}; cd ${TESTDATA}; touch htpasswd; mkdir -p noidentity; ../scripts/gen_certs.sh; cd ${TESTDATA}/noidentity; ../../scripts/gen_nameless_certs.sh; cd ${TOP_LEVEL}; skopeo --insecure-policy copy -q docker://public.ecr.aws/t0x7q1g8/centos:7 oci:${TESTDATA}/zot-test:0.0.1;skopeo --insecure-policy copy -q docker://public.ecr.aws/t0x7q1g8/centos:8 oci:${TESTDATA}/zot-cve-test:0.0.1)
8888
$(shell chmod -R a=rwx ${TESTDATA})
8989

9090
.PHONY: run-bench
@@ -196,7 +196,7 @@ run: binary test
196196
verify-config: _verify-config verify-config-warnings verify-config-commited
197197

198198
.PHONY: _verify-config
199-
_verify-config: binary
199+
_verify-config: binary $(TESTDATA)
200200
rm -f output.txt
201201
$(foreach file, $(wildcard examples/config-*), ./bin/zot-$(OS)-$(ARCH) verify $(file) 2>&1 | tee -a output.txt || exit 1;)
202202

examples/config-allextensions.json

+22-1
Original file line numberDiff line numberDiff line change
@@ -5,12 +5,33 @@
55
},
66
"http": {
77
"address": "127.0.0.1",
8-
"port": "8080"
8+
"port": "8080",
9+
"auth": {
10+
"htpasswd": {
11+
"path": "test/data/htpasswd"
12+
}
13+
},
14+
"accesscontrol": {
15+
"adminpolicy": {
16+
"actions": [
17+
"read",
18+
"create",
19+
"update",
20+
"delete"
21+
],
22+
"users": [
23+
"admin"
24+
]
25+
}
26+
}
927
},
1028
"log": {
1129
"level": "debug"
1230
},
1331
"extensions": {
32+
"sysconfig": {
33+
"enable": true
34+
},
1435
"metrics": {},
1536
"sync": {
1637
"credentialsFile": "./examples/sync-auth-filepath.json",

examples/config-anonymous-authz.json

+24-22
Original file line numberDiff line numberDiff line change
@@ -8,28 +8,30 @@
88
"port": "8080",
99
"realm": "zot",
1010
"accessControl": {
11-
"**": {
12-
"anonymousPolicy": [
13-
"read",
14-
"create"
15-
]
16-
},
17-
"tmp/**": {
18-
"anonymousPolicy": [
19-
"read",
20-
"create",
21-
"update"
22-
]
23-
},
24-
"infra/**": {
25-
"anonymousPolicy": [
26-
"read"
27-
]
28-
},
29-
"repos2/repo": {
30-
"anonymousPolicy": [
31-
"read"
32-
]
11+
"repositories": {
12+
"**": {
13+
"anonymousPolicy": [
14+
"read",
15+
"create"
16+
]
17+
},
18+
"tmp/**": {
19+
"anonymousPolicy": [
20+
"read",
21+
"create",
22+
"update"
23+
]
24+
},
25+
"infra/**": {
26+
"anonymousPolicy": [
27+
"read"
28+
]
29+
},
30+
"repos2/repo": {
31+
"anonymousPolicy": [
32+
"read"
33+
]
34+
}
3335
}
3436
}
3537
},

examples/config-cfg-extension.json

+36
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
{
2+
"distspecversion": "1.0.1-dev",
3+
"extensions": {
4+
"sysconfig": {
5+
"enable": true
6+
}
7+
},
8+
"http": {
9+
"accesscontrol": {
10+
"adminpolicy": {
11+
"actions": [
12+
"read",
13+
"create",
14+
"update",
15+
"delete"
16+
],
17+
"users": [
18+
"admin"
19+
]
20+
}
21+
},
22+
"address": "127.0.0.1",
23+
"auth": {
24+
"htpasswd": {
25+
"path": "test/data/htpasswd"
26+
}
27+
},
28+
"port": "5000"
29+
},
30+
"log": {
31+
"level": "debug"
32+
},
33+
"storage": {
34+
"rootdirectory": "/tmp/zot"
35+
}
36+
}

examples/config-policy.json

+115-113
Original file line numberDiff line numberDiff line change
@@ -1,113 +1,115 @@
1-
{
2-
"distSpecVersion": "1.0.1-dev",
3-
"storage": {
4-
"rootDirectory": "/tmp/zot"
5-
},
6-
"http": {
7-
"address": "127.0.0.1",
8-
"port": "8080",
9-
"realm": "zot",
10-
"auth": {
11-
"htpasswd": {
12-
"path": "test/data/htpasswd"
13-
},
14-
"failDelay": 1
15-
},
16-
"accessControl": {
17-
"**": {
18-
"anonymousPolicy": ["read"],
19-
"policies": [
20-
{
21-
"users": [
22-
"charlie"
23-
],
24-
"actions": [
25-
"read",
26-
"create",
27-
"update"
28-
]
29-
}
30-
],
31-
"defaultPolicy": [
32-
"read",
33-
"create"
34-
]
35-
},
36-
"tmp/**": {
37-
"defaultPolicy": [
38-
"read",
39-
"create",
40-
"update"
41-
]
42-
},
43-
"infra/**": {
44-
"policies": [
45-
{
46-
"users": [
47-
"alice",
48-
"bob"
49-
],
50-
"actions": [
51-
"create",
52-
"read",
53-
"update",
54-
"delete"
55-
]
56-
},
57-
{
58-
"users": [
59-
"mallory"
60-
],
61-
"actions": [
62-
"create",
63-
"read"
64-
]
65-
}
66-
],
67-
"defaultPolicy": [
68-
"read"
69-
]
70-
},
71-
"repos2/repo": {
72-
"policies": [
73-
{
74-
"users": [
75-
"charlie"
76-
],
77-
"actions": [
78-
"read",
79-
"create"
80-
]
81-
},
82-
{
83-
"users": [
84-
"mallory"
85-
],
86-
"actions": [
87-
"create",
88-
"read"
89-
]
90-
}
91-
],
92-
"defaultPolicy": [
93-
"read"
94-
]
95-
},
96-
"adminPolicy": {
97-
"users": [
98-
"admin"
99-
],
100-
"actions": [
101-
"read",
102-
"create",
103-
"update",
104-
"delete"
105-
]
106-
}
107-
}
108-
},
109-
"log": {
110-
"level": "debug",
111-
"output": "/tmp/zot.log"
112-
}
113-
}
1+
{
2+
"distSpecVersion": "1.0.1-dev",
3+
"storage": {
4+
"rootDirectory": "/tmp/zot"
5+
},
6+
"http": {
7+
"address": "127.0.0.1",
8+
"port": "8080",
9+
"realm": "zot",
10+
"auth": {
11+
"htpasswd": {
12+
"path": "test/data/htpasswd"
13+
},
14+
"failDelay": 1
15+
},
16+
"accessControl": {
17+
"repositories": {
18+
"**": {
19+
"anonymousPolicy": ["read"],
20+
"policies": [
21+
{
22+
"users": [
23+
"charlie"
24+
],
25+
"actions": [
26+
"read",
27+
"create",
28+
"update"
29+
]
30+
}
31+
],
32+
"defaultPolicy": [
33+
"read",
34+
"create"
35+
]
36+
},
37+
"tmp/**": {
38+
"defaultPolicy": [
39+
"read",
40+
"create",
41+
"update"
42+
]
43+
},
44+
"infra/**": {
45+
"policies": [
46+
{
47+
"users": [
48+
"alice",
49+
"bob"
50+
],
51+
"actions": [
52+
"create",
53+
"read",
54+
"update",
55+
"delete"
56+
]
57+
},
58+
{
59+
"users": [
60+
"mallory"
61+
],
62+
"actions": [
63+
"create",
64+
"read"
65+
]
66+
}
67+
],
68+
"defaultPolicy": [
69+
"read"
70+
]
71+
},
72+
"repos2/repo": {
73+
"policies": [
74+
{
75+
"users": [
76+
"charlie"
77+
],
78+
"actions": [
79+
"read",
80+
"create"
81+
]
82+
},
83+
{
84+
"users": [
85+
"mallory"
86+
],
87+
"actions": [
88+
"create",
89+
"read"
90+
]
91+
}
92+
],
93+
"defaultPolicy": [
94+
"read"
95+
]
96+
}
97+
},
98+
"adminPolicy": {
99+
"users": [
100+
"admin"
101+
],
102+
"actions": [
103+
"read",
104+
"create",
105+
"update",
106+
"delete"
107+
]
108+
}
109+
}
110+
},
111+
"log": {
112+
"level": "debug",
113+
"output": "/tmp/zot.log"
114+
}
115+
}

examples/config-tls.json

+2-2
Original file line numberDiff line numberDiff line change
@@ -8,8 +8,8 @@
88
"port": "8080",
99
"realm": "zot",
1010
"tls": {
11-
"cert": "../../test/data/server.cert",
12-
"key": "../../test/data/server.key"
11+
"cert": "test/data/server.cert",
12+
"key": "test/data/server.key"
1313
}
1414
},
1515
"log": {

0 commit comments

Comments
 (0)