Added support for changing config via API

closes #268, closes #698 Signed-off-by: Petu Eusebiu <peusebiu@cisco.com>
project-zot · Oct 25, 2022 · 5f131e9 · 5f131e9
1 parent 4edecbb
commit 5f131e9
Show file tree

Hide file tree

Showing 31 changed files with 1,886 additions and 1,078 deletions.
diff --git a/Makefile b/Makefile
@@ -21,7 +21,7 @@ TESTDATA := $(TOP_LEVEL)/test/data
 OS ?= linux
 ARCH ?= amd64
 BENCH_OUTPUT ?= stdout
-EXTENSIONS ?= sync,search,scrub,metrics,lint
+EXTENSIONS ?= sync,search,scrub,metrics,lint,config
 comma:= ,
 hyphen:= -
 extended-name:=
@@ -86,7 +86,7 @@ privileged-test: check-skopeo $(TESTDATA) $(NOTATION)
 	go test -failfast -tags needprivileges,$(EXTENSIONS),containers_image_openpgp -v -trimpath -race -timeout 15m -cover -coverpkg ./... -coverprofile=coverage-dev-needprivileges.txt -covermode=atomic ./pkg/storage/... ./pkg/cli/... -run ^TestElevatedPrivileges
 
 $(TESTDATA): check-skopeo
-	$(shell mkdir -p ${TESTDATA}; cd ${TESTDATA}; mkdir -p noidentity; ../scripts/gen_certs.sh; cd ${TESTDATA}/noidentity; ../../scripts/gen_nameless_certs.sh; cd ${TOP_LEVEL}; skopeo --insecure-policy copy -q docker://public.ecr.aws/t0x7q1g8/centos:7 oci:${TESTDATA}/zot-test:0.0.1;skopeo --insecure-policy copy -q docker://public.ecr.aws/t0x7q1g8/centos:8 oci:${TESTDATA}/zot-cve-test:0.0.1)
+	$(shell mkdir -p ${TESTDATA}; cd ${TESTDATA}; touch htpasswd; mkdir -p noidentity; ../scripts/gen_certs.sh; cd ${TESTDATA}/noidentity; ../../scripts/gen_nameless_certs.sh; cd ${TOP_LEVEL}; skopeo --insecure-policy copy -q docker://public.ecr.aws/t0x7q1g8/centos:7 oci:${TESTDATA}/zot-test:0.0.1;skopeo --insecure-policy copy -q docker://public.ecr.aws/t0x7q1g8/centos:8 oci:${TESTDATA}/zot-cve-test:0.0.1)
 	$(shell chmod -R a=rwx ${TESTDATA})
 
 .PHONY: run-bench
@@ -198,7 +198,7 @@ run: binary test
 verify-config: _verify-config verify-config-warnings verify-config-commited
 
 .PHONY: _verify-config
-_verify-config: binary
+_verify-config: binary $(TESTDATA)
 	rm -f output.txt	
 	$(foreach file, $(wildcard examples/config-*), ./bin/zot-$(OS)-$(ARCH) verify $(file) 2>&1 | tee -a output.txt || exit 1;)
 

diff --git a/examples/config-allextensions.json b/examples/config-allextensions.json
@@ -5,12 +5,33 @@
 	},
 	"http": {
 		"address": "127.0.0.1",
-		"port": "8080"
+		"port": "8080",
+		"auth": {
+			"htpasswd": {
+			  "path": "test/data/htpasswd"
+			}
+		},
+		"accesscontrol": {
+			"adminpolicy": {
+			  "actions": [
+				"read",
+				"create",
+				"update",
+				"delete"
+			  ],
+			  "users": [
+				"admin"
+			  ]
+			}
+		}
 	},
 	"log": {
 		"level": "debug"
 	},
 	"extensions": {
+		"sysconfig": {
+			"enable": true
+		},
 		"metrics": {},
 		"sync": {
 			"credentialsFile": "./examples/sync-auth-filepath.json",

diff --git a/examples/config-anonymous-authz.json b/examples/config-anonymous-authz.json
@@ -8,28 +8,30 @@
     "port": "8080",
     "realm": "zot",
     "accessControl": {
-      "**": {
-        "anonymousPolicy": [
-          "read",
-          "create"
-        ]
-      },
-      "tmp/**": {
-        "anonymousPolicy": [
-          "read",
-          "create",
-          "update"
-        ]
-      },
-      "infra/**": {
-        "anonymousPolicy": [
-          "read"
-        ]
-      },
-      "repos2/repo": {
-        "anonymousPolicy": [
-          "read"
-        ]
+      "repositories": {
+        "**": {
+          "anonymousPolicy": [
+            "read",
+            "create"
+          ]
+        },
+        "tmp/**": {
+          "anonymousPolicy": [
+            "read",
+            "create",
+            "update"
+          ]
+        },
+        "infra/**": {
+          "anonymousPolicy": [
+            "read"
+          ]
+        },
+        "repos2/repo": {
+          "anonymousPolicy": [
+            "read"
+          ]
+        }
       }
     }
   },

diff --git a/examples/config-cfg-extension.json b/examples/config-cfg-extension.json
@@ -0,0 +1,36 @@
+{
+  "distspecversion": "1.0.1-dev",
+  "extensions": {
+    "sysconfig": {
+      "enable": true
+    }
+  },
+  "http": {
+    "accesscontrol": {
+      "adminpolicy": {
+        "actions": [
+          "read",
+          "create",
+          "update",
+          "delete"
+        ],
+        "users": [
+          "admin"
+        ]
+      }
+    },
+    "address": "127.0.0.1",
+    "auth": {
+      "htpasswd": {
+        "path": "test/data/htpasswd"
+      }
+    },
+    "port": "5000"
+  },
+  "log": {
+    "level": "debug"
+  },
+  "storage": {
+    "rootdirectory": "/tmp/zot"
+  }
+}
diff --git a/examples/config-policy.json b/examples/config-policy.json
@@ -1,113 +1,115 @@
-{
-  "distSpecVersion": "1.0.1-dev",
-  "storage": {
-    "rootDirectory": "/tmp/zot"
-  },
-  "http": {
-    "address": "127.0.0.1",
-    "port": "8080",
-    "realm": "zot",
-    "auth": {
-      "htpasswd": {
-        "path": "test/data/htpasswd"
-      },
-      "failDelay": 1
-    },
-    "accessControl": {
-      "**": {
-        "anonymousPolicy": ["read"],
-        "policies": [
-          {
-            "users": [
-              "charlie"
-            ],
-            "actions": [
-              "read",
-              "create",
-              "update"
-            ]
-          }
-        ],
-        "defaultPolicy": [
-          "read",
-          "create"
-        ]
-      },
-      "tmp/**": {
-        "defaultPolicy": [
-          "read",
-          "create",
-          "update"
-        ]
-      },
-      "infra/**": {
-        "policies": [
-          {
-            "users": [
-              "alice",
-              "bob"
-            ],
-            "actions": [
-              "create",
-              "read",
-              "update",
-              "delete"
-            ]
-          },
-          {
-            "users": [
-              "mallory"
-            ],
-            "actions": [
-              "create",
-              "read"
-            ]
-          }
-        ],
-        "defaultPolicy": [
-          "read"
-        ]
-      },
-      "repos2/repo": {
-        "policies": [
-          {
-            "users": [
-              "charlie"
-            ],
-            "actions": [
-              "read",
-              "create"
-            ]
-          },
-          {
-            "users": [
-              "mallory"
-            ],
-            "actions": [
-              "create",
-              "read"
-            ]
-          }
-        ],
-        "defaultPolicy": [
-          "read"
-        ]
-      },
-      "adminPolicy": {
-        "users": [
-          "admin"
-        ],
-        "actions": [
-          "read",
-          "create",
-          "update",
-          "delete"
-        ]
-      }
-    }
-  },
-  "log": {
-    "level": "debug",
-    "output": "/tmp/zot.log"
-  }
-}
+{
+  "distSpecVersion": "1.0.1-dev",
+  "storage": {
+    "rootDirectory": "/tmp/zot"
+  },
+  "http": {
+    "address": "127.0.0.1",
+    "port": "8080",
+    "realm": "zot",
+    "auth": {
+      "htpasswd": {
+        "path": "test/data/htpasswd"
+      },
+      "failDelay": 1
+    },
+    "accessControl": {
+      "repositories": {
+        "**": {
+          "anonymousPolicy": ["read"],
+          "policies": [
+            {
+              "users": [
+                "charlie"
+              ],
+              "actions": [
+                "read",
+                "create",
+                "update"
+              ]
+            }
+          ],
+          "defaultPolicy": [
+            "read",
+            "create"
+          ]
+        },
+        "tmp/**": {
+          "defaultPolicy": [
+            "read",
+            "create",
+            "update"
+          ]
+        },
+        "infra/**": {
+          "policies": [
+            {
+              "users": [
+                "alice",
+                "bob"
+              ],
+              "actions": [
+                "create",
+                "read",
+                "update",
+                "delete"
+              ]
+            },
+            {
+              "users": [
+                "mallory"
+              ],
+              "actions": [
+                "create",
+                "read"
+              ]
+            }
+          ],
+          "defaultPolicy": [
+            "read"
+          ]
+        },
+        "repos2/repo": {
+          "policies": [
+            {
+              "users": [
+                "charlie"
+              ],
+              "actions": [
+                "read",
+                "create"
+              ]
+            },
+            {
+              "users": [
+                "mallory"
+              ],
+              "actions": [
+                "create",
+                "read"
+              ]
+            }
+          ],
+          "defaultPolicy": [
+            "read"
+          ]
+        }
+      },
+      "adminPolicy": {
+        "users": [
+          "admin"
+        ],
+        "actions": [
+          "read",
+          "create",
+          "update",
+          "delete"
+        ]
+      }
+    }
+  },
+  "log": {
+    "level": "debug",
+    "output": "/tmp/zot.log"
+  }
+}
diff --git a/examples/config-tls.json b/examples/config-tls.json
@@ -8,8 +8,8 @@
     "port": "8080",
     "realm": "zot",
     "tls": {
-      "cert": "../../test/data/server.cert",
-      "key": "../../test/data/server.key"
+      "cert": "test/data/server.cert",
+      "key": "test/data/server.key"
     }
   },
   "log": {