This repository was archived by the owner on Apr 19, 2024. It is now read-only.
Merge upstream conflicts#11
Open
10d9e wants to merge 1226 commits into
Open
Conversation
it can now return a client using default azure credentials updated docs to include information on Azure Workload Identity Signed-off-by: Lucas Melchior <lucasmelchior@flywheel.io> fix anchor link in docs Signed-off-by: Lucas Melchior <lucasmelchior@flywheel.io>
Signed-off-by: Mateusz Urbanek <mateusz.urbanek.98@gmail.com>
Signed-off-by: closeobserve <pingcap@yahoo.com>
To address the issue where a failed write operation results in an empty file, we can use a temporary file for non-append writes. This ensures that the original file is only replaced once the new content is fully written and committed. **Key Changes:** 1. **Temporary File Handling:** - For non-append writes, a temporary file is created in the same directory as the target file. - All write operations are performed on the temporary file first. 2. **Atomic Commit:** - The temporary file is only renamed to the target path during `Commit()`, ensuring atomic replacement. - If `Commit()` fails, the temporary file is cleaned up. 3. **Error Handling:** - `Cancel()` properly removes temporary files if the operation is aborted. - `Close()` is made idempotent to handle multiple calls safely. 4. **Data Integrity:** - Directory sync after rename ensures metadata persistence. - Proper file flushing and syncing before rename operations. Signed-off-by: Oded Porat <onporat@gmail.com>
Bumps the go_modules group with 1 update in the / directory: [golang.org/x/net](https://github.com/golang/net). Updates `golang.org/x/net` from 0.37.0 to 0.38.0 - [Commits](golang/net@v0.37.0...v0.38.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-version: 0.38.0 dependency-type: direct:production dependency-group: go_modules ... Signed-off-by: dependabot[bot] <support@github.com>
…dules group across 1 directory (#4625)
Signed-off-by: Youfu Zhang <zhangyoufu@gmail.com>
…cess is interrupted, the solution involves writing to a temporary file first and then atomically renaming it to the target file. This ensures that the target file is only updated if the write completes successfully, preventing empty or partially written files. **Explanation:** 1. **Temporary File Creation:** The content is first written to a temporary file (appending `.tmp` to the original path). This ensures that the original file remains intact until the write is complete. 2. **Write to Temporary File:** Using the existing `Writer` with truncation (`false`), the content is written to the temporary file. If the write fails, the temporary file is closed and deleted. 3. **Commit and Rename:** After successfully writing to the temporary file, it is committed. Then, the temporary file is atomically renamed to the target path using `Move`, which is handled by the filesystem's rename operation (atomic on most systems). 4. **Cleanup on Failure:** If any step fails, the temporary file is cleaned up to avoid leaving orphaned files. Signed-off-by: Oded Porat <onporat@gmail.com>
Signed-off-by: Anže Luzar <aluzarwork@gmail.com>
Signed-off-by: whosehang <whosehang@outlook.com>
Signed-off-by: Dane Wagner <dane.wagner@gmail.com>
When building for 386, we got the following build error: registry/storage/driver/s3-aws/s3.go:312:99: cannot use maxChunkSize (untyped int constant 5368709120) as int value in argument to getParameterAsInteger (overflows) This is because the s3_64bit.go is used. Adjust the build tag matching in s3_32bit.go and s3_64bit.go to fix this issue. Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.1 to 2.4.2. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@f49aabe...05b42c6) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-version: 2.4.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Artem Khoroshev <horoshev.artem@yandex.ru>
Summary: We see from the code and code comment in proxyblobstore.go that: "If the blob has been serving in other requests. Will return the blob from the remote store directly". That means concurrent pulls will pull from remote multiple times. Signed-off-by: Sam Jia <yiyunj@twitter.com>
`configureRedis` currently sets `RequireAndVerifyClientCert` and `ClientCAs`, however these are server side mTLS configurations, and do not apply for the client initiating the handshake. Since we never actually set client side `RootCAs`, connecting to Redis with a self-signed CA results in: ``` "error": "tls: failed to verify certificate: x509: certificate signed by unknown authority", ``` Fixed by switching Redis TLS config to use `RootCAs` instead, and updating configuration accordingly. Signed-off-by: ChandonPierre <cpierre@coreweave.com>
Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
If you want to enable traces, you can still set the env to your collector. Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
Bumps [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact) from 4.0.0 to 5.0.0. - [Release notes](https://github.com/actions/upload-pages-artifact/releases) - [Commits](actions/upload-pages-artifact@7b1f4a7...fc324d3) --- updated-dependencies: - dependency-name: actions/upload-pages-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [docker/bake-action](https://github.com/docker/bake-action) from 7.0.0 to 7.1.0. - [Release notes](https://github.com/docker/bake-action/releases) - [Commits](docker/bake-action@8249049...a66e1c8) --- updated-dependencies: - dependency-name: docker/bake-action dependency-version: 7.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 7.0.0 to 7.0.1. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@bbbca2d...043fb46) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
adding "services:" top-level key in docker-compose file example. Signed-off-by: John de Graaff <john@de-graaff.net>
PR #4353 made MaxTags (default 1000) a hard ceiling on the `n` query parameter — anything larger and the handler returns 400 PAGINATION_NUMBER_INVALID before the request ever reaches storage or the proxy tag service. That broke clients like Renovate which use n=10000 against pull-through caches. #4846 fixed a related 500 in proxy mode but not this 400, so users reported the regression still persisted. The OCI distribution-spec describes pagination differently: a server MAY return fewer than `n` results "when the total number of tags attached to the repository is less than <int> or a Link header is provided" — otherwise it MUST include `<int>` results. In other words, the right answer for "client asked for more than we'll serve" is `maxtags` results plus a Link header, not a rejection. PAGINATION_NUMBER_INVALID isn't among the 14 error codes the spec defines, either. Drop the oversized-n rejection and clamp to MaxTags instead; the existing Link-header path already handles continuation correctly. Malformed (non-integer) and negative `n` values keep returning 400, since the spec defines `n` as a non-negative integer and those requests are genuinely invalid. Verified end-to-end against registry-1.docker.io in proxy mode: n=10000 now returns the tag list (or a clamped page with Link) instead of 400. Also restores pre-3.1.0 behavior for Renovate-style clients without needing proxy-specific logic. Spec reference: https://github.com/opencontainers/distribution-spec/blob/main/spec.md#listing-tags Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.6.1 to 3.0.0. - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@153bb8e...b430933) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…lback PurgeUploads' Walk callback split the visited path with path.Split and indexed file[0] immediately. path.Split returns an empty basename for paths that end in a trailing slash - in practice this happens when an S3 driver surfaces a bare directory (common prefix) with an empty Key. Indexing a zero-length string then panics with 'index out of range [0] with length 0' and takes down the whole PurgeUploads goroutine (#4713). Guard the length before touching file[0] so a trailing-slash / empty-basename entry is simply skipped as 'not a reserved directory', which matches what the branch was trying to do anyway. Runtime behaviour for every non-empty entry is unchanged. Closes #4713 Signed-off-by: SAY-5 <SAY-5@users.noreply.github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.1 to 4.35.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c10b806...95e58e9) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Joonas Bergius <joonas@defenseunicorns.com>
fix: prevent tag deletion when `storage.delete.enabled` is false
* Release notes added * AUTHORS updated * Version bump in the `version` package Signed-off-by: Milos Gajdos <milosthegajdos@gmail.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.2 to 4.35.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@95e58e9...e46ed2c) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.3 to 4.35.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@e46ed2c...68bde55) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.