diff --git a/.wordlist.txt b/.wordlist.txt index 2ca6dd6..8def358 100644 --- a/.wordlist.txt +++ b/.wordlist.txt @@ -1,12 +1,14 @@ +accesskey +ACL allocs alongside amd apache -api API -APIs +api apikey APIKeyPayload +APIs artifacthub artifactType ASLR @@ -29,9 +31,10 @@ CD certDir checksum checksums +chunksize CI -cli CLI +cli ClusterIP cmdline CNAME @@ -42,16 +45,16 @@ config ConfigMap conformant containerd -CPUs cpu +CPUs credentialsFile -cri CRI +cri crt CSS cURL -cve CVE +cve CVEListForImage CVEs darwin @@ -72,24 +75,25 @@ Dockerfile dropdown dryRun ExpandedRepoInfo -ExtensionList ExpandedRepoInfo +ExtensionList ExternalName Filebeat filesystem filesystems -freebsd +forcepathstyle FreeBSD +freebsd fullname Fullstack gc gcInterval gcr ghcr -github GitHub -gitlab +github GitLab +gitlab GlobalSearch golang golang's @@ -102,37 +106,40 @@ gui haproxy hostname href -htpasswd html +htpasswd http https -ImageList -ImageListForDigest -ImagesListForCVE -ImagesListWithCVEFixed +IAM ImageIndex ImageList +ImageList ImageListForDigest +ImageListForDigest +ImageManifest +ImagesListForCVE ImagesListForCVE ImagesListWithCVEFixed -ImageManifest +ImagesListWithCVEFixed ImageTags ImageTrust -inlinehilite in-place +inlinehilite io IoT JSON json keepTags KEP +keyid +KMS kubeconfig kubectl kubelet -kubernetes Kubernetes -ldap +kubernetes LDAP +ldap licensable LICENSE Licensor @@ -140,21 +147,26 @@ lifecycle linter linux linuxfoundation -loadbalancer LoadBalancer -loadbalancing +loadbalancer Loadbalancing +loadbalancing localhost +loglevel MacOS maxRetries md MERCHANTABILITY mgmt minify +Minio mkdocs mostRecentlyPulledCount mostRecentlyPushedCount mTLS +multipartcopychunksize +multipartcopymaxconcurrency +multipartcopythresholdsize mutex mutexes myfile @@ -163,20 +175,21 @@ ng nginx NodePort OAuth -oci +objectacl OCI +oci OIDC oidc ok -onboarding Onboarding +onboarding onDemand onlySigned -openjdk OpenAPI OpenID -oras +openjdk ORA +oras OSSF permalink PKI @@ -186,8 +199,8 @@ podman pollInterval pprof PR -PRs prometheus +PRs pulledWithin pullPolicy pushedWithin @@ -196,6 +209,7 @@ rc README regclient regctl +regionendpoint replicaCount repo RepoListWithNewestImage @@ -205,28 +219,32 @@ RepositoryList requestor retryDelay roadmap +rootdirectory runc runtime runtimes -satisfiable Satisfiable +satisfiable SBOM SBOMs SDK +secretkey semver serviceAccount SHA -SLI +skipverify skopeo +SLI SRE SSL stacker +storageclass StrippedConfig stripPrefix stylesheets subcommand -subcommands subcommand's +subcommands subdirectory sublicense subpath @@ -244,12 +262,12 @@ toggleStar toolchain tooltips transactional -trivy Trivy -truststore -truststores +trivy trustStore +truststore trustStores +truststores truststoreType tunable twemoji @@ -257,19 +275,21 @@ UI unrecovered unreviewed untagged -uri URI +uri +URL url urls -URL +usedualstack +useragent userprefs usr UUID VM VMs www -yaml YAML +yaml zb zli zot @@ -278,4 +298,3 @@ zothub zotregistry zui zxp - diff --git a/docs/articles/storage.md b/docs/articles/storage.md index 0c76719..57723da 100644 --- a/docs/articles/storage.md +++ b/docs/articles/storage.md @@ -243,8 +243,35 @@ To configure an Amazon Simple Storage Service (s3) bucket for zot, use the `stor } ``` -For descriptions of the configurable attributes for `storageDriver`, see the [s3 storage driver](https://github.com/docker/docker.github.io/blob/master/registry/storage-drivers/s3.md) project in GitHub. - +The following table lists the attributes of `storageDriver` when configuring s3 for remote storage: + +| Attribute | Required | Description | +|-----------------------------|----------|------------------------------------------------------------------------------------------------------------------------------------| +| name | yes | Name of storage driver. Only `s3` is supported for now. | +| accesskey | no | Your AWS Access Key. If you use IAM roles, omit to fetch temporary credentials from IAM. | +| secretkey | no | Your AWS Secret Key. If you use IAM roles, omit to fetch temporary credentials from IAM. | +| region | yes | The AWS region in which your bucket exists. | +| regionendpoint | no | Endpoint for S3 compatible storage services (Minio, etc). | +| forcepathstyle | no | To enable path-style addressing when the value is set to true. The default is true. | +| bucket | yes | The bucket name in which you want to store the registry’s data. | +| encrypt | no | Specifies whether the registry stores the image in encrypted format or not. A boolean value. The default is false. | +| keyid | no | Optional KMS key ID to use for encryption (encrypt must be true, or this parameter is ignored). The default is none. | +| secure | no | Indicates whether to use HTTPS instead of HTTP. A boolean value. The default is true. | +| skipverify | no | Skips TLS verification when the value is set to true. The default is false. | +| v4auth | no | Indicates whether the registry uses Version 4 of AWS’s authentication. The default is true. | +| chunksize | no | The S3 API requires multipart upload chunks to be at least 5MB. This value should be a number that is larger than 5 * 1024 * 1024. | +| multipartcopychunksize | no | Default chunk size for all but the last S3 Multipart Upload part when copying stored objects. | +| multipartcopymaxconcurrency | no | Max number of concurrent S3 Multipart Upload operations when copying stored objects. | +| multipartcopythresholdsize | no | Default object size above which S3 Multipart Upload will be used when copying stored objects. | +| rootdirectory | no | This is a prefix that is applied to all S3 keys to allow you to segment data in your bucket if necessary. | +| storageclass | no | The S3 storage class applied to each registry file. The default is STANDARD. | +| useragent | no | The User-Agent header value for S3 API operations. | +| usedualstack | no | Use AWS dual-stack API endpoints. | +| accelerate | no | Enable S3 Transfer Acceleration. | +| objectacl | no | The S3 Canned ACL for objects. The default value is “private”. | +| loglevel | no | The log level for the S3 client. The default value is off. | + +For more information, see the [s3 storage driver docs](https://distribution.github.io/distribution/storage-drivers/s3/). ### s3 Credentials