2014-02-18 23:09:14 +00:00
|
|
|
import requests
|
2014-03-05 19:35:11 +00:00
|
|
|
import os.path
|
2013-10-01 03:54:12 +00:00
|
|
|
|
2014-02-04 00:08:37 +00:00
|
|
|
from data.buildlogs import BuildLogs
|
2014-02-07 01:58:26 +00:00
|
|
|
from data.userevent import UserEventBuilder
|
2013-11-07 04:21:12 +00:00
|
|
|
|
2013-10-01 03:54:12 +00:00
|
|
|
|
2014-04-03 21:31:46 +00:00
|
|
|
def build_requests_session():
|
|
|
|
sess = requests.Session()
|
|
|
|
adapter = requests.adapters.HTTPAdapter(pool_connections=100,
|
|
|
|
pool_maxsize=100)
|
|
|
|
sess.mount('http://', adapter)
|
|
|
|
sess.mount('https://', adapter)
|
|
|
|
return sess
|
2014-02-18 23:09:14 +00:00
|
|
|
|
2014-01-27 22:46:21 +00:00
|
|
|
|
2014-04-08 23:14:24 +00:00
|
|
|
# The set of configuration key names that will be accessible in the client. Since these
|
2014-11-05 21:43:37 +00:00
|
|
|
# values are sent to the frontend, DO NOT PLACE ANY SECRETS OR KEYS in this list.
|
|
|
|
CLIENT_WHITELIST = ['SERVER_HOSTNAME', 'PREFERRED_URL_SCHEME', 'MIXPANEL_KEY',
|
|
|
|
'STRIPE_PUBLISHABLE_KEY', 'ENTERPRISE_LOGO_URL', 'SENTRY_PUBLIC_DSN',
|
|
|
|
'AUTHENTICATION_TYPE', 'REGISTRY_TITLE', 'REGISTRY_TITLE_SHORT',
|
2015-08-05 18:34:11 +00:00
|
|
|
'CONTACT_INFO', 'AVATAR_KIND', 'LOCAL_OAUTH_HANDLER', 'DOCUMENTATION_LOCATION',
|
2015-09-02 18:59:54 +00:00
|
|
|
'DOCUMENTATION_METADATA', 'SETUP_COMPLETE']
|
2014-04-08 23:14:24 +00:00
|
|
|
|
|
|
|
|
2015-08-03 20:56:32 +00:00
|
|
|
def frontend_visible_config(config_dict):
|
2014-04-08 23:14:24 +00:00
|
|
|
visible_dict = {}
|
|
|
|
for name in CLIENT_WHITELIST:
|
|
|
|
if name.lower().find('secret') >= 0:
|
|
|
|
raise Exception('Cannot whitelist secrets: %s' % name)
|
|
|
|
|
|
|
|
if name in config_dict:
|
|
|
|
visible_dict[name] = config_dict.get(name, None)
|
|
|
|
|
|
|
|
return visible_dict
|
|
|
|
|
2013-09-28 00:03:07 +00:00
|
|
|
|
2014-04-03 21:31:46 +00:00
|
|
|
class DefaultConfig(object):
|
|
|
|
# Flask config
|
|
|
|
JSONIFY_PRETTYPRINT_REGULAR = False
|
|
|
|
SESSION_COOKIE_SECURE = False
|
2014-02-16 23:59:24 +00:00
|
|
|
|
2014-05-01 23:44:28 +00:00
|
|
|
LOGGING_LEVEL = 'DEBUG'
|
2014-04-03 21:31:46 +00:00
|
|
|
SEND_FILE_MAX_AGE_DEFAULT = 0
|
|
|
|
POPULATE_DB_TEST_DATA = True
|
|
|
|
PREFERRED_URL_SCHEME = 'http'
|
2014-04-11 15:17:45 +00:00
|
|
|
SERVER_HOSTNAME = 'localhost:5000'
|
2014-02-16 23:59:24 +00:00
|
|
|
|
2015-11-02 19:16:04 +00:00
|
|
|
REGISTRY_TITLE = 'Quay Enterprise'
|
|
|
|
REGISTRY_TITLE_SHORT = 'Quay Enterprise'
|
2015-01-04 19:38:41 +00:00
|
|
|
|
2014-10-22 18:49:33 +00:00
|
|
|
CONTACT_INFO = [
|
2014-11-24 21:07:38 +00:00
|
|
|
'mailto:support@quay.io',
|
2015-11-11 20:42:36 +00:00
|
|
|
'irc://chat.freenode.net:6665/quay',
|
2014-11-24 21:07:38 +00:00
|
|
|
'tel:+1-888-930-3475',
|
2014-10-22 18:49:33 +00:00
|
|
|
'https://twitter.com/quayio',
|
|
|
|
]
|
2014-08-08 17:50:04 +00:00
|
|
|
|
2014-04-03 21:31:46 +00:00
|
|
|
# Mail config
|
|
|
|
MAIL_SERVER = ''
|
|
|
|
MAIL_USE_TLS = True
|
|
|
|
MAIL_PORT = 587
|
2014-11-21 17:32:30 +00:00
|
|
|
MAIL_USERNAME = None
|
|
|
|
MAIL_PASSWORD = None
|
2014-10-10 17:14:33 +00:00
|
|
|
MAIL_DEFAULT_SENDER = 'support@quay.io'
|
2014-04-03 21:31:46 +00:00
|
|
|
MAIL_FAIL_SILENTLY = False
|
|
|
|
TESTING = True
|
2014-02-16 23:59:24 +00:00
|
|
|
|
2014-04-03 21:31:46 +00:00
|
|
|
# DB config
|
2014-04-09 23:11:33 +00:00
|
|
|
DB_URI = 'sqlite:///test/data/test.db'
|
2013-09-30 23:10:27 +00:00
|
|
|
DB_CONNECTION_ARGS = {
|
2014-03-06 19:47:02 +00:00
|
|
|
'threadlocals': True,
|
|
|
|
'autorollback': True,
|
2013-09-30 23:10:27 +00:00
|
|
|
}
|
|
|
|
|
2014-02-16 23:59:24 +00:00
|
|
|
@staticmethod
|
|
|
|
def create_transaction(db):
|
2014-04-03 21:31:46 +00:00
|
|
|
return db.transaction()
|
2014-02-16 23:59:24 +00:00
|
|
|
|
|
|
|
DB_TRANSACTION_FACTORY = create_transaction
|
|
|
|
|
2014-05-09 22:49:33 +00:00
|
|
|
# If true, CDN URLs will be used for our external dependencies, rather than the local
|
|
|
|
# copies.
|
|
|
|
USE_CDN = True
|
|
|
|
|
2014-05-09 21:39:43 +00:00
|
|
|
# Authentication
|
|
|
|
AUTHENTICATION_TYPE = 'Database'
|
|
|
|
|
2014-04-03 21:31:46 +00:00
|
|
|
# Build logs
|
2014-10-14 18:37:02 +00:00
|
|
|
BUILDLOGS_REDIS = {'host': 'localhost'}
|
2014-05-30 18:25:29 +00:00
|
|
|
BUILDLOGS_OPTIONS = []
|
2013-11-07 04:21:12 +00:00
|
|
|
|
2014-04-03 21:31:46 +00:00
|
|
|
# Real-time user events
|
2014-10-14 18:37:02 +00:00
|
|
|
USER_EVENTS_REDIS = {'host': 'localhost'}
|
2014-02-07 01:58:26 +00:00
|
|
|
|
2014-04-03 21:31:46 +00:00
|
|
|
# Stripe config
|
2014-04-10 19:20:16 +00:00
|
|
|
BILLING_TYPE = 'FakeStripe'
|
2014-02-07 01:58:26 +00:00
|
|
|
|
2014-04-03 21:31:46 +00:00
|
|
|
# Analytics
|
2014-05-21 23:50:37 +00:00
|
|
|
ANALYTICS_TYPE = 'FakeAnalytics'
|
|
|
|
|
|
|
|
# Build Queue Metrics
|
|
|
|
QUEUE_METRICS_TYPE = 'Null'
|
2013-11-07 04:21:12 +00:00
|
|
|
|
2014-04-28 22:59:22 +00:00
|
|
|
# Exception logging
|
|
|
|
EXCEPTION_LOG_TYPE = 'FakeSentry'
|
|
|
|
SENTRY_DSN = None
|
|
|
|
SENTRY_PUBLIC_DSN = None
|
|
|
|
|
2014-04-03 21:31:46 +00:00
|
|
|
# Github Config
|
2014-11-05 21:43:37 +00:00
|
|
|
GITHUB_LOGIN_CONFIG = None
|
|
|
|
GITHUB_TRIGGER_CONFIG = None
|
2014-04-08 23:14:24 +00:00
|
|
|
|
2014-08-11 19:47:44 +00:00
|
|
|
# Google Config.
|
2014-11-05 21:43:37 +00:00
|
|
|
GOOGLE_LOGIN_CONFIG = None
|
2014-08-11 19:47:44 +00:00
|
|
|
|
2015-04-24 19:13:08 +00:00
|
|
|
# Bitbucket Config.
|
|
|
|
BITBUCKET_TRIGGER_CONFIG = None
|
|
|
|
|
2014-04-03 21:31:46 +00:00
|
|
|
# Requests based HTTP client with a large request pool
|
2014-02-18 23:09:14 +00:00
|
|
|
HTTPCLIENT = build_requests_session()
|
|
|
|
|
2014-04-03 21:31:46 +00:00
|
|
|
# Status tag config
|
2014-03-05 19:35:11 +00:00
|
|
|
STATUS_TAGS = {}
|
|
|
|
for tag_name in ['building', 'failed', 'none', 'ready']:
|
|
|
|
tag_path = os.path.join('buildstatus', tag_name + '.svg')
|
|
|
|
with open(tag_path) as tag_svg:
|
|
|
|
STATUS_TAGS[tag_name] = tag_svg.read()
|
|
|
|
|
2014-07-18 02:51:58 +00:00
|
|
|
NOTIFICATION_QUEUE_NAME = 'notification'
|
2014-04-11 23:23:57 +00:00
|
|
|
DIFFS_QUEUE_NAME = 'imagediff'
|
|
|
|
DOCKERFILE_BUILD_QUEUE_NAME = 'dockerfilebuild'
|
2015-06-28 10:29:22 +00:00
|
|
|
REPLICATION_QUEUE_NAME = 'imagestoragereplication'
|
2015-11-09 23:30:14 +00:00
|
|
|
SECSCAN_NOTIFICATION_QUEUE_NAME = 'secscan_notification'
|
2014-03-05 19:35:11 +00:00
|
|
|
|
2014-04-10 19:51:39 +00:00
|
|
|
# Super user config. Note: This MUST BE an empty list for the default config.
|
|
|
|
SUPER_USERS = []
|
2014-04-10 04:26:55 +00:00
|
|
|
|
2015-01-04 19:38:41 +00:00
|
|
|
# Feature Flag: Whether super users are supported.
|
|
|
|
FEATURE_SUPER_USERS = True
|
|
|
|
|
2015-05-19 21:52:44 +00:00
|
|
|
# Feature Flag: Whether to allow anonymous users to browse and pull public repositories.
|
|
|
|
FEATURE_ANONYMOUS_ACCESS = True
|
|
|
|
|
2014-04-05 03:26:10 +00:00
|
|
|
# Feature Flag: Whether billing is required.
|
2014-05-30 18:25:29 +00:00
|
|
|
FEATURE_BILLING = False
|
2014-04-03 22:47:17 +00:00
|
|
|
|
2014-04-05 03:26:10 +00:00
|
|
|
# Feature Flag: Whether user accounts automatically have usage log access.
|
2014-04-07 20:59:22 +00:00
|
|
|
FEATURE_USER_LOG_ACCESS = False
|
2014-04-05 03:26:10 +00:00
|
|
|
|
|
|
|
# Feature Flag: Whether GitHub login is supported.
|
2014-04-17 02:51:56 +00:00
|
|
|
FEATURE_GITHUB_LOGIN = False
|
2014-04-09 03:05:45 +00:00
|
|
|
|
2014-08-11 19:47:44 +00:00
|
|
|
# Feature Flag: Whether Google login is supported.
|
|
|
|
FEATURE_GOOGLE_LOGIN = False
|
|
|
|
|
2015-09-04 20:14:46 +00:00
|
|
|
# Feature Flag: Whther Dex login is supported.
|
|
|
|
FEATURE_DEX_LOGIN = False
|
|
|
|
|
2014-04-09 03:05:45 +00:00
|
|
|
# Feature flag, whether to enable olark chat
|
2014-04-10 19:51:39 +00:00
|
|
|
FEATURE_OLARK_CHAT = False
|
2014-04-10 04:26:55 +00:00
|
|
|
|
2014-05-30 22:28:18 +00:00
|
|
|
# Feature Flag: Whether to support GitHub build triggers.
|
|
|
|
FEATURE_GITHUB_BUILD = False
|
2014-06-17 20:03:43 +00:00
|
|
|
|
2015-04-24 19:13:08 +00:00
|
|
|
# Feature Flag: Whether to support Bitbucket build triggers.
|
|
|
|
FEATURE_BITBUCKET_BUILD = False
|
|
|
|
|
2015-05-05 02:04:27 +00:00
|
|
|
# Feature Flag: Whether to support GitLab build triggers.
|
|
|
|
FEATURE_GITLAB_BUILD = False
|
|
|
|
|
2014-08-22 22:03:22 +00:00
|
|
|
# Feature Flag: Dockerfile build support.
|
|
|
|
FEATURE_BUILD_SUPPORT = True
|
|
|
|
|
2014-09-22 23:11:48 +00:00
|
|
|
# Feature Flag: Whether emails are enabled.
|
|
|
|
FEATURE_MAILING = True
|
|
|
|
|
2014-10-02 18:49:18 +00:00
|
|
|
# Feature Flag: Whether users can be created (by non-super users).
|
|
|
|
FEATURE_USER_CREATION = True
|
|
|
|
|
2014-11-20 20:36:39 +00:00
|
|
|
# Feature Flag: Whether users can be renamed
|
|
|
|
FEATURE_USER_RENAME = False
|
|
|
|
|
2015-03-25 22:43:12 +00:00
|
|
|
# Feature Flag: Whether non-encrypted passwords (as opposed to encrypted tokens) can be used for
|
|
|
|
# basic auth.
|
|
|
|
FEATURE_REQUIRE_ENCRYPTED_BASIC_AUTH = False
|
|
|
|
|
2015-06-28 10:29:22 +00:00
|
|
|
# Feature Flag: Whether to automatically replicate between storage engines.
|
|
|
|
FEATURE_STORAGE_REPLICATION = False
|
|
|
|
|
2015-09-04 20:14:46 +00:00
|
|
|
# Feature Flag: Whether users can directly login to the UI.
|
|
|
|
FEATURE_DIRECT_LOGIN = True
|
|
|
|
|
2014-11-25 21:14:44 +00:00
|
|
|
BUILD_MANAGER = ('enterprise', {})
|
|
|
|
|
2014-06-17 20:03:43 +00:00
|
|
|
DISTRIBUTED_STORAGE_CONFIG = {
|
2014-08-07 17:45:15 +00:00
|
|
|
'local_eu': ['LocalStorage', {'storage_path': 'test/data/registry/eu'}],
|
|
|
|
'local_us': ['LocalStorage', {'storage_path': 'test/data/registry/us'}],
|
2014-06-17 20:03:43 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
DISTRIBUTED_STORAGE_PREFERENCE = ['local_us']
|
2015-06-28 10:29:22 +00:00
|
|
|
DISTRIBUTED_STORAGE_DEFAULT_LOCATIONS = ['local_us']
|
2014-09-09 22:30:14 +00:00
|
|
|
|
2014-11-02 20:06:17 +00:00
|
|
|
# Health checker.
|
|
|
|
HEALTH_CHECKER = ('LocalHealthCheck', {})
|
|
|
|
|
2014-09-09 22:30:14 +00:00
|
|
|
# Userfiles
|
|
|
|
USERFILES_LOCATION = 'local_us'
|
|
|
|
USERFILES_PATH = 'userfiles/'
|
2014-09-11 15:18:28 +00:00
|
|
|
|
|
|
|
# Build logs archive
|
|
|
|
LOG_ARCHIVE_LOCATION = 'local_us'
|
|
|
|
LOG_ARCHIVE_PATH = 'logarchive/'
|
2014-10-29 19:42:44 +00:00
|
|
|
|
|
|
|
# For enterprise:
|
2014-10-30 17:26:02 +00:00
|
|
|
MAXIMUM_REPOSITORY_USAGE = 20
|
2014-12-23 19:01:00 +00:00
|
|
|
|
|
|
|
# System logs.
|
|
|
|
SYSTEM_LOGS_PATH = "/var/log/"
|
2015-06-16 00:55:23 +00:00
|
|
|
SYSTEM_LOGS_FILE = "/var/log/syslog"
|
|
|
|
SYSTEM_SERVICES_PATH = "conf/init/service/"
|
2014-12-23 19:01:00 +00:00
|
|
|
|
|
|
|
# Services that should not be shown in the logs view.
|
2015-02-18 21:37:38 +00:00
|
|
|
SYSTEM_SERVICE_BLACKLIST = []
|
|
|
|
|
|
|
|
# Temporary tag expiration in seconds, this may actually be longer based on GC policy
|
2015-02-19 21:54:23 +00:00
|
|
|
PUSH_TEMP_TAG_EXPIRATION_SEC = 60 * 60 # One hour per layer
|
|
|
|
|
|
|
|
# Signed registry grant token expiration in seconds
|
|
|
|
SIGNED_GRANT_EXPIRATION_SEC = 60 * 60 * 24 # One day to complete a push/pull
|
2015-03-30 21:55:04 +00:00
|
|
|
|
2015-07-16 19:49:06 +00:00
|
|
|
# Registry v2 JWT Auth config
|
|
|
|
JWT_AUTH_MAX_FRESH_S = 60 * 5 # At most the JWT can be signed for 300s in the future
|
|
|
|
JWT_AUTH_CERTIFICATE_PATH = 'conf/selfsigned/jwt.crt'
|
|
|
|
JWT_AUTH_PRIVATE_KEY_PATH = 'conf/selfsigned/jwt.key.insecure'
|
|
|
|
|
2015-06-01 17:43:38 +00:00
|
|
|
# The URL endpoint to which we redirect OAuth when generating a token locally.
|
|
|
|
LOCAL_OAUTH_HANDLER = '/oauth/localapp'
|
|
|
|
|
2015-03-30 21:55:04 +00:00
|
|
|
# The various avatar background colors.
|
|
|
|
AVATAR_KIND = 'local'
|
|
|
|
AVATAR_COLORS = ['#969696', '#aec7e8', '#ff7f0e', '#ffbb78', '#2ca02c', '#98df8a', '#d62728',
|
|
|
|
'#ff9896', '#9467bd', '#c5b0d5', '#8c564b', '#c49c94', '#e377c2', '#f7b6d2',
|
|
|
|
'#7f7f7f', '#c7c7c7', '#bcbd22', '#1f77b4', '#17becf', '#9edae5', '#393b79',
|
|
|
|
'#5254a3', '#6b6ecf', '#9c9ede', '#9ecae1', '#31a354', '#b5cf6b', '#a1d99b',
|
|
|
|
'#8c6d31', '#ad494a', '#e7ba52', '#a55194']
|
2015-06-19 18:55:44 +00:00
|
|
|
|
2015-08-03 20:56:32 +00:00
|
|
|
# The location of the Quay documentation.
|
|
|
|
DOCUMENTATION_LOCATION = 'http://docs.quay.io'
|
2015-08-05 18:34:11 +00:00
|
|
|
DOCUMENTATION_METADATA = 'https://coreos.github.io/quay-docs/search.json'
|
2015-08-03 20:56:32 +00:00
|
|
|
|
2015-06-19 18:55:44 +00:00
|
|
|
# Experiment: Async garbage collection
|
|
|
|
EXP_ASYNC_GARBAGE_COLLECTION = []
|
2015-10-21 20:35:08 +00:00
|
|
|
|
|
|
|
# Security scanner
|
2015-11-05 21:28:30 +00:00
|
|
|
FEATURE_SECURITY_SCANNER = False
|
2015-10-21 20:35:08 +00:00
|
|
|
SECURITY_SCANNER = {
|
2015-10-28 18:33:41 +00:00
|
|
|
'ENDPOINT': 'http://192.168.99.101:6060',
|
2015-10-13 22:14:52 +00:00
|
|
|
'ENGINE_VERSION_TARGET': 1,
|
2015-10-26 19:13:58 +00:00
|
|
|
'API_VERSION': 'v1',
|
|
|
|
'API_TIMEOUT_SECONDS': 10,
|
2015-10-21 20:35:08 +00:00
|
|
|
}
|