vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
This repository has been archived on 2020-03-24. You can view files and clone it, but cannot push or open issues or pull requests.
quay/config.py

247 lines
7.3 KiB
Python
Raw Normal View History

Properly connect the github push webhook with the build worker. Still need to resolve the archive format.
2014-02-18 23:09:14 +00:00
import requests
Cache the status tags and fix the tag for images that were pushed from a build.
2014-03-05 19:35:11 +00:00
import os.path
Use production config in production and dev config in dev.
2013-10-01 03:54:12 +00:00
Switch to the redis backed build logs and status.
2014-02-04 00:08:37 +00:00
from data.buildlogs import BuildLogs
Get the basic tutorial working completely, including reacting to server-side events
2014-02-07 01:58:26 +00:00
from data.userevent import UserEventBuilder
Make the app config more powerful in terms of injecting fake dependencies. Refactor the tests to use metaclasses and to actually all run.
2013-11-07 04:21:12 +00:00
Use production config in production and dev config in dev.
2013-10-01 03:54:12 +00:00
First attempt at making config loadable through string config overrides in an env variable.
2014-04-03 21:31:46 +00:00
def build_requests_session():
sess = requests.Session()
adapter = requests.adapters.HTTPAdapter(pool_connections=100,
pool_maxsize=100)
sess.mount('http://', adapter)
sess.mount('https://', adapter)
return sess
Properly connect the github push webhook with the build worker. Still need to resolve the archive format.
2014-02-18 23:09:14 +00:00
Mark session cookies as secure only.
2014-01-27 22:46:21 +00:00
- Add a config whitelist - Send the config values to the frontend - Add a service class for exposing the config values - Change the directives to inject both Features and Config - Change directive users to make use of the new scope
2014-04-08 23:14:24 +00:00
# The set of configuration key names that will be accessible in the client. Since these
- Make the OAuth config system centralized - Add support for Github Enterprise login
2014-11-05 21:43:37 +00:00
# values are sent to the frontend, DO NOT PLACE ANY SECRETS OR KEYS in this list.
CLIENT_WHITELIST = ['SERVER_HOSTNAME', 'PREFERRED_URL_SCHEME', 'MIXPANEL_KEY',
'STRIPE_PUBLISHABLE_KEY', 'ENTERPRISE_LOGO_URL', 'SENTRY_PUBLIC_DSN',
'AUTHENTICATION_TYPE', 'REGISTRY_TITLE', 'REGISTRY_TITLE_SHORT',
Change docs to load from HTTPS
2015-08-05 18:34:11 +00:00
'CONTACT_INFO', 'AVATAR_KIND', 'LOCAL_OAUTH_HANDLER', 'DOCUMENTATION_LOCATION',
Redirect to the /setup page automatically in the ER when not fully setup
2015-09-02 18:59:54 +00:00
'DOCUMENTATION_METADATA', 'SETUP_COMPLETE']
- Add a config whitelist - Send the config values to the frontend - Add a service class for exposing the config values - Change the directives to inject both Features and Config - Change directive users to make use of the new scope
2014-04-08 23:14:24 +00:00
Add documentation search to the main search bar
2015-08-03 20:56:32 +00:00
def frontend_visible_config(config_dict):
- Add a config whitelist - Send the config values to the frontend - Add a service class for exposing the config values - Change the directives to inject both Features and Config - Change directive users to make use of the new scope
2014-04-08 23:14:24 +00:00
visible_dict = {}
for name in CLIENT_WHITELIST:
if name.lower().find('secret') >= 0:
raise Exception('Cannot whitelist secrets: %s' % name)
if name in config_dict:
visible_dict[name] = config_dict.get(name, None)
return visible_dict
PEP8 fixes.
2013-09-28 00:03:07 +00:00
First attempt at making config loadable through string config overrides in an env variable.
2014-04-03 21:31:46 +00:00
class DefaultConfig(object):
# Flask config
JSONIFY_PRETTYPRINT_REGULAR = False
SESSION_COOKIE_SECURE = False
Fix the tests and the one bug that it highlighted.
2014-02-16 23:59:24 +00:00
Revamp the logging a bit. Not quite done yet.
2014-05-01 23:44:28 +00:00
LOGGING_LEVEL = 'DEBUG'
First attempt at making config loadable through string config overrides in an env variable.
2014-04-03 21:31:46 +00:00
SEND_FILE_MAX_AGE_DEFAULT = 0
POPULATE_DB_TEST_DATA = True
PREFERRED_URL_SCHEME = 'http'
Rename SERVER_NAME to SERVER_HOSTNAME to fix the subdomain routing problems.
2014-04-11 15:17:45 +00:00
SERVER_HOSTNAME = 'localhost:5000'
Fix the tests and the one bug that it highlighted.
2014-02-16 23:59:24 +00:00
WIP
2015-01-04 19:38:41 +00:00
REGISTRY_TITLE = 'CoreOS Enterprise Registry'
REGISTRY_TITLE_SHORT = 'Enterprise Registry'
Make the contact page dynamic so that enterprise customers can configure it however they like
2014-10-22 18:49:33 +00:00
CONTACT_INFO = [
Strip whitespace from ALL the things.
2014-11-24 21:07:38 +00:00
'mailto:support@quay.io',
'irc://chat.freenode.net:6665/quayio',
'tel:+1-888-930-3475',
Make the contact page dynamic so that enterprise customers can configure it however they like
2014-10-22 18:49:33 +00:00
'https://twitter.com/quayio',
]
Replace references seen in the enterprise version to "Quay.io" with a config-pulled value
2014-08-08 17:50:04 +00:00
First attempt at making config loadable through string config overrides in an env variable.
2014-04-03 21:31:46 +00:00
# Mail config
MAIL_SERVER = ''
MAIL_USE_TLS = True
MAIL_PORT = 587
Change the default username and password for flask-mail to None instead of empty string.
2014-11-21 17:32:30 +00:00
MAIL_USERNAME = None
MAIL_PASSWORD = None
Make the default mail sender use the Flask mail config value
2014-10-10 17:14:33 +00:00
MAIL_DEFAULT_SENDER = 'support@quay.io'
First attempt at making config loadable through string config overrides in an env variable.
2014-04-03 21:31:46 +00:00
MAIL_FAIL_SILENTLY = False
TESTING = True
Fix the tests and the one bug that it highlighted.
2014-02-16 23:59:24 +00:00
First attempt at making config loadable through string config overrides in an env variable.
2014-04-03 21:31:46 +00:00
# DB config
Add alembic plumbing for database schema migrations.
2014-04-09 23:11:33 +00:00
DB_URI = 'sqlite:///test/data/test.db'
Switch the registry and index to use real s3 and rds.
2013-09-30 23:10:27 +00:00
DB_CONNECTION_ARGS = {
Fix the trigger delete code and enable peewee autorollback.
2014-03-06 19:47:02 +00:00
'threadlocals': True,
'autorollback': True,
Switch the registry and index to use real s3 and rds.
2013-09-30 23:10:27 +00:00
}
Fix the tests and the one bug that it highlighted.
2014-02-16 23:59:24 +00:00
@staticmethod
def create_transaction(db):
First attempt at making config loadable through string config overrides in an env variable.
2014-04-03 21:31:46 +00:00
return db.transaction()
Fix the tests and the one bug that it highlighted.
2014-02-16 23:59:24 +00:00
DB_TRANSACTION_FACTORY = create_transaction
Add support for not using CDN-based resources. When USE_CDN = False, all CDN-based resources will instead be used from the local system.
2014-05-09 22:49:33 +00:00
# If true, CDN URLs will be used for our external dependencies, rather than the local
# copies.
USE_CDN = True
First stab at LDAP integration.
2014-05-09 21:39:43 +00:00
# Authentication
AUTHENTICATION_TYPE = 'Database'
First attempt at making config loadable through string config overrides in an env variable.
2014-04-03 21:31:46 +00:00
# Build logs
Change the default redis host to localhost. Fix some whitespace issues in the userevents module.
2014-10-14 18:37:02 +00:00
BUILDLOGS_REDIS = {'host': 'localhost'}
Split out the redis hostname for user events and build logs as a string config. Modularize the user events and fix all callers.
2014-05-30 18:25:29 +00:00
BUILDLOGS_OPTIONS = []
Make the app config more powerful in terms of injecting fake dependencies. Refactor the tests to use metaclasses and to actually all run.
2013-11-07 04:21:12 +00:00
First attempt at making config loadable through string config overrides in an env variable.
2014-04-03 21:31:46 +00:00
# Real-time user events
Change the default redis host to localhost. Fix some whitespace issues in the userevents module.
2014-10-14 18:37:02 +00:00
USER_EVENTS_REDIS = {'host': 'localhost'}
Get the basic tutorial working completely, including reacting to server-side events
2014-02-07 01:58:26 +00:00
First attempt at making config loadable through string config overrides in an env variable.
2014-04-03 21:31:46 +00:00
# Stripe config
Fix the tests and implement a fake stripe.
2014-04-10 19:20:16 +00:00
BILLING_TYPE = 'FakeStripe'
Get the basic tutorial working completely, including reacting to server-side events
2014-02-07 01:58:26 +00:00
First attempt at making config loadable through string config overrides in an env variable.
2014-04-03 21:31:46 +00:00
# Analytics
Add a queue capacity reporter plugin to the queue. Move the queue definitions to app. Add a cloudwatch reporter to the dockerfile build queue.
2014-05-21 23:50:37 +00:00
ANALYTICS_TYPE = 'FakeAnalytics'
# Build Queue Metrics
QUEUE_METRICS_TYPE = 'Null'
Make the app config more powerful in terms of injecting fake dependencies. Refactor the tests to use metaclasses and to actually all run.
2013-11-07 04:21:12 +00:00
Add sentry exception monitoring.
2014-04-28 22:59:22 +00:00
# Exception logging
EXCEPTION_LOG_TYPE = 'FakeSentry'
SENTRY_DSN = None
SENTRY_PUBLIC_DSN = None
First attempt at making config loadable through string config overrides in an env variable.
2014-04-03 21:31:46 +00:00
# Github Config
- Make the OAuth config system centralized - Add support for Github Enterprise login
2014-11-05 21:43:37 +00:00
GITHUB_LOGIN_CONFIG = None
GITHUB_TRIGGER_CONFIG = None
- Add a config whitelist - Send the config values to the frontend - Add a service class for exposing the config values - Change the directives to inject both Features and Config - Change directive users to make use of the new scope
2014-04-08 23:14:24 +00:00
Add support for login with Google. Note that this CL is not complete
2014-08-11 19:47:44 +00:00
# Google Config.
- Make the OAuth config system centralized - Add support for Github Enterprise login
2014-11-05 21:43:37 +00:00
GOOGLE_LOGIN_CONFIG = None
Add support for login with Google. Note that this CL is not complete
2014-08-11 19:47:44 +00:00
Work in progress: bitbucket support
2015-04-24 19:13:08 +00:00
# Bitbucket Config.
BITBUCKET_TRIGGER_CONFIG = None
First attempt at making config loadable through string config overrides in an env variable.
2014-04-03 21:31:46 +00:00
# Requests based HTTP client with a large request pool
Properly connect the github push webhook with the build worker. Still need to resolve the archive format.
2014-02-18 23:09:14 +00:00
HTTPCLIENT = build_requests_session()
First attempt at making config loadable through string config overrides in an env variable.
2014-04-03 21:31:46 +00:00
# Status tag config
Cache the status tags and fix the tag for images that were pushed from a build.
2014-03-05 19:35:11 +00:00
STATUS_TAGS = {}
for tag_name in ['building', 'failed', 'none', 'ready']:
tag_path = os.path.join('buildstatus', tag_name + '.svg')
with open(tag_path) as tag_svg:
STATUS_TAGS[tag_name] = tag_svg.read()
Convert over to notifications system. Note this is incomplete
2014-07-18 02:51:58 +00:00
NOTIFICATION_QUEUE_NAME = 'notification'
Add config to allow for setting the queue names at runtime. Fix a bug in the data model.
2014-04-11 23:23:57 +00:00
DIFFS_QUEUE_NAME = 'imagediff'
DOCKERFILE_BUILD_QUEUE_NAME = 'dockerfilebuild'
Add automatic storage replication Adds a worker to automatically replicate data between storages and update the database accordingly
2015-06-28 10:29:22 +00:00
REPLICATION_QUEUE_NAME = 'imagestoragereplication'
Cache the status tags and fix the tag for images that were pushed from a build.
2014-03-05 19:35:11 +00:00
Fix the super user default config. Slight style tweaks to the super user permission implementation.
2014-04-10 19:51:39 +00:00
# Super user config. Note: This MUST BE an empty list for the default config.
SUPER_USERS = []
- Add support for super users - Add a super user API - Add a super user interface
2014-04-10 04:26:55 +00:00
WIP
2015-01-04 19:38:41 +00:00
# Feature Flag: Whether super users are supported.
FEATURE_SUPER_USERS = True
Add a feature flag for disabling unauthenticated access to the registry in its entirety.
2015-05-19 21:52:44 +00:00
# Feature Flag: Whether to allow anonymous users to browse and pull public repositories.
FEATURE_ANONYMOUS_ACCESS = True
- Add code for placing the features information on the frontend - Add a Features service for examining feature flags on the frontend - Add a directive (quay-requires) that matches feature flags and, if any one does not match, removes the element from the DOM - Add a directive (quay-show) that injects the features into the scope so that expressions of the form "Features.BILLING || something" work out of the box to show/hide the element - Add a directive (quay-classes) that allows for setting of CSS classes on an element based on feature expression(s) such as {"!BILLING": "active"} (e.g. the BILLING flag is set to false, add the class "active".
2014-04-05 03:26:10 +00:00
# Feature Flag: Whether billing is required.
Split out the redis hostname for user events and build logs as a string config. Modularize the user events and fix all callers.
2014-05-30 18:25:29 +00:00
FEATURE_BILLING = False
Add a features modules that process the flask dict.
2014-04-03 22:47:17 +00:00
- Add code for placing the features information on the frontend - Add a Features service for examining feature flags on the frontend - Add a directive (quay-requires) that matches feature flags and, if any one does not match, removes the element from the DOM - Add a directive (quay-show) that injects the features into the scope so that expressions of the form "Features.BILLING || something" work out of the box to show/hide the element - Add a directive (quay-classes) that allows for setting of CSS classes on an element based on feature expression(s) such as {"!BILLING": "active"} (e.g. the BILLING flag is set to false, add the class "active".
2014-04-05 03:26:10 +00:00
# Feature Flag: Whether user accounts automatically have usage log access.
Fix support for multiple stack configurations and move most secrets into the quay-config project.
2014-04-07 20:59:22 +00:00
FEATURE_USER_LOG_ACCESS = False
- Add code for placing the features information on the frontend - Add a Features service for examining feature flags on the frontend - Add a directive (quay-requires) that matches feature flags and, if any one does not match, removes the element from the DOM - Add a directive (quay-show) that injects the features into the scope so that expressions of the form "Features.BILLING || something" work out of the box to show/hide the element - Add a directive (quay-classes) that allows for setting of CSS classes on an element based on feature expression(s) such as {"!BILLING": "active"} (e.g. the BILLING flag is set to false, add the class "active".
2014-04-05 03:26:10 +00:00
# Feature Flag: Whether GitHub login is supported.
Switch to having GitHub login off in the default config, since the keys are empty anyway
2014-04-17 02:51:56 +00:00
FEATURE_GITHUB_LOGIN = False
Add the olark feature flag to the default config and fix the usage of flask modules.
2014-04-09 03:05:45 +00:00
Add support for login with Google. Note that this CL is not complete
2014-08-11 19:47:44 +00:00
# Feature Flag: Whether Google login is supported.
FEATURE_GOOGLE_LOGIN = False
Add the olark feature flag to the default config and fix the usage of flask modules.
2014-04-09 03:05:45 +00:00
# Feature flag, whether to enable olark chat
Fix the super user default config. Slight style tweaks to the super user permission implementation.
2014-04-10 19:51:39 +00:00
FEATURE_OLARK_CHAT = False
- Add support for super users - Add a super user API - Add a super user interface
2014-04-10 04:26:55 +00:00
Move GitHub build trigger behind a feature flag.
2014-05-30 22:28:18 +00:00
# Feature Flag: Whether to support GitHub build triggers.
FEATURE_GITHUB_BUILD = False
Add the basics of geographic data distribution and get the tests to work.
2014-06-17 20:03:43 +00:00
Work in progress: bitbucket support
2015-04-24 19:13:08 +00:00
# Feature Flag: Whether to support Bitbucket build triggers.
FEATURE_BITBUCKET_BUILD = False
Add missing default for the gitlab feature flag
2015-05-05 02:04:27 +00:00
# Feature Flag: Whether to support GitLab build triggers.
FEATURE_GITLAB_BUILD = False
Put building behind a feature flag
2014-08-22 22:03:22 +00:00
# Feature Flag: Dockerfile build support.
FEATURE_BUILD_SUPPORT = True
Add a feature flag for disabling all emails
2014-09-22 23:11:48 +00:00
# Feature Flag: Whether emails are enabled.
FEATURE_MAILING = True
Add a feature flag to disable user creation
2014-10-02 18:49:18 +00:00
# Feature Flag: Whether users can be created (by non-super users).
FEATURE_USER_CREATION = True
Temporarily put user rename behind a feature flag. Switch queue names back to using the username for namespace while we figure out a real migration strategy.
2014-11-20 20:36:39 +00:00
# Feature Flag: Whether users can be renamed
FEATURE_USER_RENAME = False
Add support for encrypted client tokens via basic auth (for the docker CLI) and a feature flag to disable normal passwords
2015-03-25 22:43:12 +00:00
# Feature Flag: Whether non-encrypted passwords (as opposed to encrypted tokens) can be used for
# basic auth.
FEATURE_REQUIRE_ENCRYPTED_BASIC_AUTH = False
Add automatic storage replication Adds a worker to automatically replicate data between storages and update the database accordingly
2015-06-28 10:29:22 +00:00
# Feature Flag: Whether to automatically replicate between storage engines.
FEATURE_STORAGE_REPLICATION = False
Better organize the source file structure of the build manager and change it to choose a lifecycle manager based on the config
2014-11-25 21:14:44 +00:00
BUILD_MANAGER = ('enterprise', {})
Add the basics of geographic data distribution and get the tests to work.
2014-06-17 20:03:43 +00:00
DISTRIBUTED_STORAGE_CONFIG = {
Change distributed config format to make it easier for the setup tool
2014-08-07 17:45:15 +00:00
'local_eu': ['LocalStorage', {'storage_path': 'test/data/registry/eu'}],
'local_us': ['LocalStorage', {'storage_path': 'test/data/registry/us'}],
Add the basics of geographic data distribution and get the tests to work.
2014-06-17 20:03:43 +00:00
}
DISTRIBUTED_STORAGE_PREFERENCE = ['local_us']
Add automatic storage replication Adds a worker to automatically replicate data between storages and update the database accordingly
2015-06-28 10:29:22 +00:00
DISTRIBUTED_STORAGE_DEFAULT_LOCATIONS = ['local_us']
Small fixes to bugs in the streaming handler for use with magic and radosgw.
2014-09-09 22:30:14 +00:00
Add a new configurable health check, to make sure production instances are not taken down by Redis or non-local DB issues
2014-11-02 20:06:17 +00:00
# Health checker.
HEALTH_CHECKER = ('LocalHealthCheck', {})
Small fixes to bugs in the streaming handler for use with magic and radosgw.
2014-09-09 22:30:14 +00:00
# Userfiles
USERFILES_LOCATION = 'local_us'
USERFILES_PATH = 'userfiles/'
Merge remote-tracking branch 'origin/master' into waltermitty Conflicts: app.py data/userfiles.py
2014-09-11 15:18:28 +00:00
# Build logs archive
LOG_ARCHIVE_LOCATION = 'local_us'
LOG_ARCHIVE_PATH = 'logarchive/'
- Add a log entry for repo verb handling and make the container usage calculation take it into account - Move all the repo push/pull/verb logging into a central track_and_log method - Readd images accidentally deleted in the last CL - Make the uncompressed size migration script better handle exceptions
2014-10-29 19:42:44 +00:00
# For enterprise:
- Make usage language more accurate by stating "repositories" - Have usage counter be based on a 4 weeks TTL - Add a simple usage counter breakage test
2014-10-30 17:26:02 +00:00
MAXIMUM_REPOSITORY_USAGE = 20
Add ability to download system logs
2014-12-23 19:01:00 +00:00
# System logs.
SYSTEM_LOGS_PATH = "/var/log/"
Fix logs view in superuser panel This seems to have been broken ever since we moved to syslog
2015-06-16 00:55:23 +00:00
SYSTEM_LOGS_FILE = "/var/log/syslog"
SYSTEM_SERVICES_PATH = "conf/init/service/"
Add ability to download system logs
2014-12-23 19:01:00 +00:00
# Services that should not be shown in the logs view.
Allow tags to be marked as hidden. Create a hidden tag on every image during a push to prevent them from getting GCed.
2015-02-18 21:37:38 +00:00
SYSTEM_SERVICE_BLACKLIST = []
# Temporary tag expiration in seconds, this may actually be longer based on GC policy
Switch our temporary token lookups for signed grants which will not require DB access.
2015-02-19 21:54:23 +00:00
PUSH_TEMP_TAG_EXPIRATION_SEC = 60 * 60 # One hour per layer
# Signed registry grant token expiration in seconds
SIGNED_GRANT_EXPIRATION_SEC = 60 * 60 * 24 # One day to complete a push/pull
Switch avatars to be built out of CSS and only overlayed with the gravatar when a non-default exists
2015-03-30 21:55:04 +00:00
Fix and templatize the logic for external JWT AuthN and registry v2 Auth. Make it explicit that the registry-v2 stuff is not ready for prime time.
2015-07-16 19:49:06 +00:00
# Registry v2 JWT Auth config
JWT_AUTH_MAX_FRESH_S = 60 * 5 # At most the JWT can be signed for 300s in the future
JWT_AUTH_CERTIFICATE_PATH = 'conf/selfsigned/jwt.crt'
JWT_AUTH_PRIVATE_KEY_PATH = 'conf/selfsigned/jwt.key.insecure'
Fix OAuth redirect for denial action when generating for internal tokens
2015-06-01 17:43:38 +00:00
# The URL endpoint to which we redirect OAuth when generating a token locally.
LOCAL_OAUTH_HANDLER = '/oauth/localapp'
Switch avatars to be built out of CSS and only overlayed with the gravatar when a non-default exists
2015-03-30 21:55:04 +00:00
# The various avatar background colors.
AVATAR_KIND = 'local'
AVATAR_COLORS = ['#969696', '#aec7e8', '#ff7f0e', '#ffbb78', '#2ca02c', '#98df8a', '#d62728',
'#ff9896', '#9467bd', '#c5b0d5', '#8c564b', '#c49c94', '#e377c2', '#f7b6d2',
'#7f7f7f', '#c7c7c7', '#bcbd22', '#1f77b4', '#17becf', '#9edae5', '#393b79',
'#5254a3', '#6b6ecf', '#9c9ede', '#9ecae1', '#31a354', '#b5cf6b', '#a1d99b',
'#8c6d31', '#ad494a', '#e7ba52', '#a55194']
Make GC of repositories fully async for whitelisted namespaces This change adds a worker to conduct GC on repositories with garbage every 10s. Fixes #144
2015-06-19 18:55:44 +00:00
Add documentation search to the main search bar
2015-08-03 20:56:32 +00:00
# The location of the Quay documentation.
DOCUMENTATION_LOCATION = 'http://docs.quay.io'
Change docs to load from HTTPS
2015-08-05 18:34:11 +00:00
DOCUMENTATION_METADATA = 'https://coreos.github.io/quay-docs/search.json'
Add documentation search to the main search bar
2015-08-03 20:56:32 +00:00
Make GC of repositories fully async for whitelisted namespaces This change adds a worker to conduct GC on repositories with garbage every 10s. Fixes #144
2015-06-19 18:55:44 +00:00
# Experiment: Async garbage collection
EXP_ASYNC_GARBAGE_COLLECTION = []
Reference in a new issue Copy permalink