add admin commands for system, users, gc, audit, security
All checks were successful
CI / Lint & Check (push) Successful in 11s
All checks were successful
CI / Lint & Check (push) Successful in 11s
Phase 6 implementation: - system: version, auth mode, storage volumes - gc, gc-run: schedule, history, manual trigger - users, user-create, user-delete, user-admin, user-passwd - audit, audit-purge: view and purge audit logs - cve-allow: manage system CVE allowlist - scan-all: trigger system-wide vulnerability scan Helpers: paginated_request(), confirm_action(), format_size()
This commit is contained in:
Username
44
TODO.md
44
TODO.md
@@ -12,20 +12,50 @@ Intake buffer for ideas, issues, and unrefined tasks.
|
||||
- Health check endpoint monitoring
|
||||
- Multi-registry support (switch between registries)
|
||||
|
||||
## Deferred Admin Features
|
||||
|
||||
- `registries` - list configured registry endpoints
|
||||
- `registry-create` - add registry endpoint
|
||||
- `registry-test` - test registry connectivity
|
||||
- `replication` - list replication rules/executions
|
||||
- `groups` - user group management (LDAP/OIDC)
|
||||
|
||||
## Issues
|
||||
|
||||
- SSL verification disabled globally (should be configurable)
|
||||
- No timeout configuration for API calls
|
||||
- Delete confirmation reads stdin (breaks piping)
|
||||
- Partial digest matching fetches all artifacts (slow for large repos)
|
||||
(none currently open)
|
||||
|
||||
## Questions
|
||||
|
||||
- Should `--json` output be available on all commands?
|
||||
- Should we support OIDC authentication?
|
||||
- Worth adding `--dry-run` for destructive operations?
|
||||
|
||||
## Debt
|
||||
|
||||
- Error handling inconsistent across commands
|
||||
- Some magic numbers (column widths, timeouts)
|
||||
(none currently open)
|
||||
|
||||
## Resolved
|
||||
|
||||
### Issues (fixed in v0.1.1)
|
||||
|
||||
- SSL verification disabled globally → added `--verify-ssl` flag
|
||||
- No timeout configuration for API calls → added `--timeout` flag
|
||||
- Delete confirmation reads stdin → added TTY check, requires `--force` in non-interactive mode
|
||||
- Partial digest matching fetches all artifacts → limited to first 100 artifacts
|
||||
|
||||
### Debt (fixed in v0.1.1)
|
||||
|
||||
- Error handling inconsistent across commands → added `output.py` with `print_error()`
|
||||
- Some magic numbers (column widths, timeouts) → added `constants.py`
|
||||
|
||||
### Features (added in v0.1.2)
|
||||
|
||||
- Artifact cleanup command (`clean`) with filters: `--untagged`, `--older-than`, `--keep`
|
||||
- Dry-run mode for cleanup preview (`--dry-run`)
|
||||
|
||||
### Features (added in v0.1.3)
|
||||
|
||||
- Admin commands: `system`, `gc`, `gc-run`, `users`
|
||||
- User management: `user-create`, `user-delete`, `user-admin`, `user-passwd`
|
||||
- Audit and security: `audit`, `audit-purge`, `cve-allow`, `scan-all`
|
||||
- Pagination helper for admin endpoints
|
||||
- Confirmation helper for destructive actions
|
||||
|
||||
Reference in New Issue
Block a user