Skip to content

Commit

Permalink
docs: fix broken links in v1.4.3 documentation, other issues in #117 (#…
Browse files Browse the repository at this point in the history
…118)

* docs: fix broken links in v1.4.3 documentation

Signed-off-by: mbshields <[email protected]>

* docs: fix broken links in v1.4.3 documentation per issue #117

Signed-off-by: mbshields <[email protected]>

* docs: added repositories under accessControl per user-reported issue #1673

Signed-off-by: mbshields <[email protected]>

* docs: undo adding 'repositories' under 'accessControl

Signed-off-by: mbshields <[email protected]>

---------

Signed-off-by: mbshields <[email protected]>
  • Loading branch information
mbshields authored Sep 1, 2023
1 parent 7fcb839 commit 7477dc8
Show file tree
Hide file tree
Showing 12 changed files with 62 additions and 61 deletions.
2 changes: 1 addition & 1 deletion docs/admin-guide/admin-configuration.md
Original file line number Diff line number Diff line change
Expand Up @@ -327,7 +327,7 @@ For detailed information about clustering with zot, see [zot Clustering](../arti

## Syncing and mirroring registries

A zot registry can mirror one or more upstream OCI registries, including popular cloud registries such as [Docker Hub](https://hub.docker.com/) and [Google Container Registry](gcr.io). If an upstream registry is OCI distribution-spec conformant for pulling images, you can use zot's `sync` extension feature to implement a downstream mirror, synchronizing OCI images and corresponding artifacts. Synchronization between registries can be implemented by periodic polling of the upstream registry or synchronization can occur on demand, when a user pulls an image from the downstream registry.
A zot registry can mirror one or more upstream OCI registries, including popular cloud registries such as [Docker Hub](https://hub.docker.com/) and [Google Artifact Registry](https://cloud.google.com/artifact-registry). If an upstream registry is OCI distribution-spec conformant for pulling images, you can use zot's `sync` extension feature to implement a downstream mirror, synchronizing OCI images and corresponding artifacts. Synchronization between registries can be implemented by periodic polling of the upstream registry or synchronization can occur on demand, when a user pulls an image from the downstream registry.

As with git, wherein every clone is a full repository, you can configure a local zot instance to be a full OCI mirror registry. This allows for a fully distributed disconnected container image build pipeline.

Expand Down
13 changes: 6 additions & 7 deletions docs/admin-guide/admin-getting-started.md
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ install a zot binary image, as in the following examples.

podman run -p 5000:5000 ghcr.io/project-zot/zot-linux-amd64:latest

podman run -p 5000:5000 ghcr.io/project-zot/zot-linux-amd64-minimal:latest
podman run -p 5000:5000 ghcr.io/project-zot/zot-minimal-linux-amd64:latest

<details>
<summary markdown="span">Click here to view an example of deploying using podman.</summary>
Expand All @@ -91,7 +91,7 @@ install a zot binary image, as in the following examples.

Each of these example commands pulls a zot binary image from
the GitHub Container Registry (ghcr.io) and launches a zot
image registry at <http://localhost:5000>.
image registry at `http://localhost:5000`.

<details>
<summary markdown="span">Click here to view an example of deploying using docker.</summary>
Expand All @@ -106,10 +106,9 @@ image registry at <http://localhost:5000>.

#### Prerequisites

##### Install golang (1.17+)
##### Install golang (1.19+)

The zot project requires `golang 1.17` or newer. You can follow [these
instructions](https://go.dev/learn/) to install the `golang` toolchain.
The zot project requires `golang 1.19` or newer. You can follow the [golang instructions](https://go.dev/learn/) to install the `golang` toolchain.
After installation, make sure that the `path` environment variable or
your IDE can find the toolchain.

Expand Down Expand Up @@ -166,8 +165,8 @@ runs the latest zot by running the following command:

**with Docker**

A sample Dockerfile is provided on the [zot project
page](https://github.com/project-zot/zot/tree/main/build/Dockerfile) in
A [sample Dockerfile](https://github.com/project-zot/zot/tree/main/build/Dockerfile)
is provided on the zot project page in
GitHub. You can edit the sample file with your specific values, such as
the desired operating system, hardware architecture, and full or minimal
build, as in this example:
Expand Down
16 changes: 9 additions & 7 deletions docs/articles/mirroring.md
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ As with git, wherein every clone is a full repository, you can configure your lo

The `sync` feature of zot is an [extension](https://github.com/opencontainers/distribution-spec/tree/main/extensions) of the OCI-compliant registry implementation. You can configure the `sync` feature under the `extensions` section of the zot configuration file, as shown in this example:

```
```json
"extensions": {
"sync": {
"credentialsFile": "./examples/sync-auth-filepath.json",
Expand Down Expand Up @@ -164,7 +164,7 @@ error occurs during either an on-demand or periodic synchronization. If no value

The following is an example of sync configuration for mirroring multiple repositories with polled mirroring.

```
```json
"sync": {
"enable": true,
"credentialsFile": "./examples/sync-auth-filepath.json",
Expand Down Expand Up @@ -214,7 +214,7 @@ The configuration in this example will result in the following behavior:

The following is an example of sync configuration for mirroring multiple registries with on-demand mirroring.

```
```json
{
"distSpecVersion": "1.0.1",
"storage": {
Expand Down Expand Up @@ -270,7 +270,8 @@ With this zot configuration, the sync behavior is as follows:

You can use this command:<br/>&nbsp;&nbsp;&nbsp;&nbsp;
`curl http://localhost:8080/v2/_catalog`<br/>to display the local repositories:
```

```json
{
"repositories":[
"docker-images/alpine",
Expand All @@ -283,7 +284,7 @@ You can use this command:<br/>&nbsp;&nbsp;&nbsp;&nbsp;

The following is an example of a zot configuration file for mirroring multiple upstream registries.

```
```json
{
"distSpecVersion": "1.1.0-dev",
"storage": {
Expand Down Expand Up @@ -367,7 +368,7 @@ The following is an example of a zot configuration file for mirroring multiple u

## Example: Support for subpaths in local storage

```
```json
{
"distSpecVersion": "1.0.1",
"storage": {
Expand Down Expand Up @@ -417,7 +418,8 @@ With this zot configuration, the sync behavior is as follows:

You can use this command:<br/>&nbsp;&nbsp;&nbsp;&nbsp;
`curl http://localhost:8080/v2/_catalog`<br/>to display the local repositories:
```

```json
{
"repositories":[
"docker-images/alpine",
Expand Down
2 changes: 1 addition & 1 deletion docs/articles/monitoring.md
Original file line number Diff line number Diff line change
Expand Up @@ -93,7 +93,7 @@ The binary image is named using the target platform and architecture. For exampl

> :bulb:
> A sample Dockerfile for zxp is available at [Dockerfile-zxp](https://github.com/project-zot/zot/blob/main/Dockerfile-zxp).
> A sample Dockerfile for zxp is available at [Dockerfile-zxp](https://github.com/project-zot/zot/blob/main/build/Dockerfile-zxp).

The configuration file of zxp contains connection details for the zot server from which it will scrape metrics. The following JSON structure is an example of the `zxp-config-file` contents:
Expand Down
2 changes: 1 addition & 1 deletion docs/articles/storage.md
Original file line number Diff line number Diff line change
Expand Up @@ -307,7 +307,7 @@ The following AWS policy is required by zot for push and pull.
}
```

For more details about configuring AWS policies, see the [AWS documentation](https://docs.aws.amazon.com/index.htmlhttps://docs.aws.amazon.com/index.html).
For more details about configuring AWS policies, see the [AWS documentation](https://docs.aws.amazon.com/index.html).

<a name="config-cache"></a>

Expand Down
30 changes: 15 additions & 15 deletions docs/developer-guide/extensions-dev.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,34 +24,34 @@ You can examine the implementation of these extensions in the zot project [exten

* Each file to be included in the binary for only a specific extension must contain the following syntax at the beginning of the file. For example, a file to be included in the build for extension *foo* must begin with the following lines:

```go
//go:build foo
// +build foo

package foo
//go:build foo
// +build foo

...
```
package foo

...

- The first line (`//go:build foo`) is added automatically by the linter if not already present.
* The first line (`//go:build foo`) is added automatically by the linter if not already present.

- The second line and the third (blank) line are mandatory.
* The second line and the third (blank) line are mandatory.

- For each file that contains functions specific to the extension, create a corresponding "no-op" file that contains exactly the same function names. In this file:

- Each function is a "no-op," performing no action other than to return a "success" value if expected.
- We recommend naming this "no-op" file by appending `-disabled` to the name of the original file. For example, if the extension is implemented by `extension-foo.go`, the corresponding "no-op" file could be named `extension-foo-disabled.go`.
- The first two lines declare an "anti-tag" (for example, `!foo`). In the *foo* extension example, the "no-op" file will be included in binaries that don't implement the *foo* extension, but won't be included in binaries that implement the *foo* extension. The *foo* example "no-op" file begins with the following lines:

```go
//go:build !foo
// +build !foo
~~~go
//go:build !foo
// +build !foo

package foo
package foo

...
```
See [extension-lint-disabled.go](https://github.com/project-zot/zot/blob/main/pkg/extensions/lint/lint-disabled.go) in the zot project for an example of a "no-op" file.
...
~~~

See extension [lint-disabled.go](https://github.com/project-zot/zot/blob/main/pkg/extensions/lint/lint_disabled.go) in the zot project for an example of a "no-op" file.

- When developing a new extension, you should create a blackbox test in which a binary containing the new extension can be tested in a usage scenario. See the [test/blackbox](https://github.com/project-zot/zot/tree/main/test/blackbox) folder in the zot project for examples of extension tests.

Expand Down
4 changes: 2 additions & 2 deletions docs/developer-guide/onboarding.md
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ Supported platforms and architectures

#### Install golang (1.19+)

The zot project requires `golang 1.19` or newer. You can follow [these instructions](https://go.dev/learn/) to install the `golang` toolchain.
The zot project requires `golang 1.19` or newer. You can follow the [golang instructions](https://go.dev/learn/) to install the `golang` toolchain.
After installation, make sure that the `path` environment variable or
your IDE can find the toolchain.

Expand Down Expand Up @@ -86,7 +86,7 @@ linux minimal image is `zot-linux-amd64-minimal`.
The behavior of zot is controlled via configuration only. To launch the
zot server, execute the following command:

$ bin/zot-linux-amd64 serve examples/config-example.json
$ bin/zot-linux-amd64 serve examples/config-minimal.json

## Debugging zot

Expand Down
8 changes: 4 additions & 4 deletions docs/general/architecture.md
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ zot is a single binary image with all features included so that deployment is ex

A clear separation exists between (1) the core OCI-compliant HTTP APIs and storage functionality, and (2) other add-on features modeled as **extensions**. The extension features can be selectively enabled both at build-time and run-time.

For more information, see "Conditional Builds" in zot's [security posture](kb:security-posture.xml#_conditional_builds) document.
For more information, see "Conditional Builds" in zot's [security posture](../articles/security-posture.md#_conditional_builds) document.

## Overall Architecture

Expand Down Expand Up @@ -72,7 +72,7 @@ The configuration file is divided into sections for `http`, `storage`, `log`, an

A robust set of authentication and authorization options are supported natively in zot. These controls are enforced before access is allowed into the storage layer.

For more information, see [User Authentication and Authorization with zot](kb:authn-authz.xml).
For more information, see [User Authentication and Authorization with zot](../articles/authn-authz.md).

### Storage Driver Support

Expand All @@ -81,7 +81,7 @@ zot supports any modern local filesystem. Remote filesystems, such as AWS S3 or
> :pencil2:
> Deduplication is supported for both local and remote filesystems, but deduplication requires a filesystem with hard-link support.
For more information, see [Storage Planning with zot](kb:storage.xml).
For more information, see [Storage Planning with zot](../articles/storage.md).

### Security Scanning

Expand All @@ -94,7 +94,7 @@ Additional registry features that are not a part of the Distribution Specificati
> :pencil2:
> Extension features of zot are available only with a full zot image. They are not supported in a minimal zot image.
For more information about extensions, see [*Extensions*](extensions.md).
For more information about zot's extensions, see [*Extensions*](extensions.md).

### Background Tasks

Expand Down
30 changes: 15 additions & 15 deletions docs/general/features.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

* Conforms to [OCI distribution spec](https://github.com/opencontainers/distribution-spec) APIs
* Uses [OCI image layout](https://github.com/opencontainers/image-spec/blob/master/image-layout.md) for image storage
* Can serve any OCI image layout as a registry
* Can serve any OCI image layout as a registry
* Single binary for **all** the features
* Doesn't require _root_ privileges
* Clear separation between core dist-spec and zot-specific extensions
Expand All @@ -13,25 +13,25 @@
* Supports advanced image queries using _search_ extension
* Supports image deletion by tag
* Currently suitable for on-prem deployments (e.g. colocated with Kubernetes)
* Compatible with ecosystem tools such as [skopeo](#skopeo) and [cri-o](#cri-o)
* [Vulnerability scanning of images](#Scanning-images-for-known-vulnerabilities)
* Compatible with ecosystem tools such as [skopeo](https://github.com/containers/skopeo) and [cri-o](https://kubernetes.io/docs/setup/production-environment/container-runtimes/#cri-o)
* Vulnerability scanning of images
* TLS support
* Authentication via:
* TLS mutual authentication
* HTTP *Basic* (local _htpasswd_ and LDAP)
* HTTP *Bearer* token
* [Authentication](../articles/authn-authz.md) via:
* TLS mutual authentication
* HTTP *Basic* (local _htpasswd_ and LDAP)
* HTTP *Bearer* token
* Supports Identity-Based Access Control
* Supports live modifications on the config file while zot is running (Authorization config only)
* Inline storage optimizations:
* Automatic garbage collection of orphaned blobs
* Layer deduplication using hard links when content is identical
* Data scrubbing
* Automatic garbage collection of orphaned blobs
* Layer deduplication using hard links when content is identical
* Data scrubbing
* Serve [multiple storage paths (and backends)](https://github.com/project-zot/zot/blob/main/examples/config-multiple.json) using a single zot server
* Pull and synchronize from other dist-spec conformant registries [sync](#sync)
* Pull and [synchronize](../articles/mirroring.md) from other dist-spec conformant registries
* Supports ratelimiting including per HTTP method
* [Metrics](#metrics) with Prometheus
* Using a node exporter in case of minimal zot
* [Metrics](../articles/monitoring.md) with Prometheus
* Using a node exporter in case of minimal zot
* Swagger based documentation
* [zli](https://github.com/project-zot/zot/tree/main/cmd/zli): [command-line client support](#cli)
* Also, [zb](https://github.com/project-zot/zot/tree/main/cmd/zb): [a benchmarking tool](#benchmarking) for dist-spec conformant registries
* [zli](../user-guides/zli.md): command-line client support
* [zb](../articles/benchmarking-with-zb.md): a benchmarking tool for dist-spec conformant registries
* Released under [Apache 2.0 License](https://github.com/project-zot/zot/blob/main/LICENSE)
4 changes: 2 additions & 2 deletions docs/general/whats-new.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,9 @@

## [v1.4.3](https://github.com/project-zot/zot/releases/tag/v1.4.3)

### Support for [OCI Artifacts and References](https://github.com/opencontainers/image-spec/blob/main/artifact.md)
### Support for [OCI Artifacts and References](https://github.com/opencontainers/artifacts)

- The OCI Image Spec v1.1.0 supports arbitrary artifact types and references so that software supply chain use cases can be supported (SBOMs, signatures, etc). Currently, [`oras`](https://github.com/oras-project/oras/releases/tag/v0.16.0) and [`regclient`](https://github.com/regclient/regclient/releases/tag/v0.4.5) support this spec.
- The OCI Image Spec v1.1.0 supports arbitrary artifact types and references so that software supply chain use cases can be supported (SBOMs, signatures, etc). Currently, [`oras`](https://github.com/oras-project/oras) and [`regclient`](https://github.com/regclient/regclient) support this spec.

### Remote-only Storage Support

Expand Down
2 changes: 1 addition & 1 deletion docs/install-guides/install-guide-linux.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ image variations, image locations, and image naming formats.

Using `wget,` download the appropriate zot binary image for your
platform from the [zot GitHub
project](https://github.com/project-zot/zot/releases). Download the
project](https://github.com/project-zot/zot). Download the
image to the\`/usr/bin/\` directory and rename it to `zot,` as in this
example:

Expand Down
10 changes: 5 additions & 5 deletions docs/user-guides/user-guide-datapath.md
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ shows which content and client tools are demonstrated.
| Content Type | Client |
|---------------|----------------------------------------|
| OCI images | [skopeo](#using-skopeo) |
| OCI images | [regclient](#using-regedit) (`regctl`) |
| OCI images | [regclient](#using-regclient) (`regctl`) |
| OCI images | [crane](#using-crane) |
| OCI artifacts | [oras](#using-oras) |
| Helm charts | [helm](#using-helm) |
Expand Down Expand Up @@ -150,12 +150,12 @@ can omit this command from your `regctl` session.

## Common tasks using oras for OCI artifacts

[ORAS](https://oras.land/cli/) (OCI Registry As Storage) is a command
[ORAS](https://oras.land) (OCI Registry As Storage) is a command
line client for storing OCI artifacts on OCI repositories.

> :pencil2:
> For detailed information about the `oras` commands in these examples,
see the [ORAS CLI documentation](https://oras.land/cli/).
see the [ORAS CLI documentation](https://oras.land/docs/commands/use_oras_cli).


### Push an artifact
Expand Down Expand Up @@ -206,7 +206,7 @@ example:
$ oras pull -u myUsername -p myPassword localhost:5000/hello-artifact:v2 -d -v

> :pencil2:
> For additional authentication options, including interactive credential entry and disabling TLS, see the [ORAS login documentation](https://github.com/oras-project/oras/blob/main/cmd/oras/login.go).
> For additional authentication options, including interactive credential entry and disabling TLS, see the [ORAS authentication documentation](https://oras.land/docs/how_to_guides/authentication).
<a name="using-helm"></a>

Expand Down Expand Up @@ -250,7 +250,7 @@ You will be prompted to manually enter a password.
[crane](https://github.com/google/go-containerregistry/blob/main/cmd/crane/README.md) is an open-source project that provides a command-line interface (CLI) for interacting with container registries, such as Docker Hub and Google Container Registry.

> :pencil2:
> For detailed information about `crane` commands, see the [crane Documentation](https://github.com/google/go-containerregistry/blob/main/cmd/crane/doc/crane.md).
> For detailed information about `crane` commands, see the [crane Documentation](https://github.com/google/go-containerregistry/tree/main/cmd/crane/doc/crane.md).
### Push an OCI image

Expand Down

0 comments on commit 7477dc8

Please sign in to comment.