storage: prevent tag overwrites controlled via configuration

project-zot / zot

zot - A scale-out production-ready vendor-neutral OCI-native container image/artifact registry (purely based on OCI Distribution Specification)

https://zotregistry.dev

Apache License 2.0

881 stars 93 forks source link

storage: prevent tag overwrites controlled via configuration #283

Closed rchincha closed 2 years ago

rchincha commented 2 years ago

Once an image is uploaded with a tag, don't allow overwrites for that same tag. Default should be to prevent the overwrites: "allowOverwrites" set to true explicitly.

andaaron commented 2 years ago

Laurentiu will look into this.

andaaron commented 2 years ago

Suggestion:

Let's have the allowOverwrites flag under http.
In case of attempt to overwrite return error code 405 - Method Not Allowed.

rchincha commented 2 years ago

https://github.com/project-zot/zot/pull/445

^ addresses this issue. However, do we need to make a distinction between any tag and a semver tag?