projquay-8633 accepting dates in DD MMM YYYY format + calendar button is visible + fixing alignment across entire toolbox + improved logic for consistency across different browser language settings
* chore: move github runners to ubuntu-22.04
* use docker image with openssl 1.1 preinstalled
* using non-interactive mode for github actions
* remove starting docker
* remove starting docker service
* install openssl 1.1 on ubuntu-22.04
* minor fixes
* compiling from source
* check openssl version
* check openssl version before running tox
* use exports when running tox
* fix typo
* overwrite OPENSSL_VERSION var
* minor fixes
* use python3.9 before installing openssl-1.1
* download python and configure openssl1.1
* adding sudo to configure
* use sudo for make
* minor fixes
* using python venv to run tox
* Apply changes to all tests
* storage: Enable multipart upload for Google Cloud Storage (PROJQUAY-6862)
This PR removes the `_stream_write_internal` function override that caused excessive memory consumption and defaults to the old one which chunks uploads. Server assembly is still not suppored by GCS, so we have to assemble everything locally. However, GCS does support the copy function, so a reupload is not needed.
~~~
REPOSITORY TAG IMAGE ID CREATED SIZE
registry.fedoraproject.org/fedora latest ecd9f7ee77f4 2 days ago 165 MB
quay.skynet/ibazulic/big-mirror-test size138gb 8e6ba9ff13c0 3 days ago 148 GB
quay.skynet/quay-mirror/big-mirror-test size138gb 8e6ba9ff13c0 3 days ago 148 GB
quay.skynet/ibazulic/mfs-image-test latest ab14f2230dd9 7 days ago 5.96 GB
quay.skynet/ibazulic/azure-storage-big-file-test latest ede194b926e0 7 days ago 16.1 GB
quay.skynet/ibazulic/minio/minio latest 76ed5b96833a 6 weeks ago 532 B
Getting image source signatures
Copying blob 9d9c3d76c421 done |
Copying blob fce7cf3b093c skipped: already exists
Copying config 8e6ba9ff13 done |
Writing manifest to image destination
~~~
For uploading extremely big layers, 5 MiB as the default chunk size is not enough. The PR also enables support for user-defined chunk sizes via `minimum_chunk_size_mb` and `maximum_chunk_size_mb` which default to 5 Mib and 100 MiB respectively.
* Remove maximum_chunk_size_mb as it's not needed
Fixes bug where removing a MW02702 sub after all it's quantities have been bound causes the next item in the subscription list to be skipped over, resulting in a malformed api response for the marketplace endpoint.
When an image is pulled by digest, a temp tag is created to prevent the manifest from being garbage collected. This is true when a manifest list is pulled by tag as well. However, if this temporary tag expires (default is 1 day for proxied organizations) and the same manifest is pulled again by digest, the system attempts to create the manifest again, leading to an integrity error because the manifest already exists in the database.
---------
Co-authored-by: shudeshp <shudeshp@redhat.com>
chore: Fix security url template variable (PROJQUAY-8650)
Fixes the wrong name of the variable for the security link in the base template. All links should show properly now.
When deploying Quay in a Secure AWS environment, we can't use IAM Access Keys or Secrets since these credentials are often blocked for multiple reasons (credentials are long-lived, can be shared / stolen, etc.). So the preferred deployment method is to use an alternative method, like the Web Identity Token files that are automatically created in a Kubernetes cluster that has a federation link with IAM using the OIDC provider federation.
The current code of Quay force the use of an IAM account that is then used to assume another role that has S3 access to store the image files. The current pull request removes the need to use that IAM account and allows to directly assume the correct role using Web Identity Tokens while retaining compatibility with the old method of using IAM credentials.
The code relies on the automatic detection of the correct configurations using environment variables where possible. The code has been tested on an OpenShift cluster deployed using manual mode with AWS STS.
Fixes a bug where the annotation is required at the manifest level even if artifactType is present. The modelcard should only be indicated by the artifact type and layer annotation for oci artifacts.
* ui: implement change to render modelcard stored in layers (PROJQUAY-8412)
When a manifest has certain annotations or artifactTypes, render the
applicable modelcard markdown in a new tags detail tab.
* removing untar when fetching model card
* removing extra api calls
* Add modelcar check tests
---------
Co-authored-by: bcaton <bcaton@redhat.com>
