Merge branch 'master' into no-signing-whitelist
This commit is contained in:
Evan Cordell
GitHub
commit
45bf7efc84
434 changed files with 10877 additions and 11061 deletions
16
config.py
16
config.py
|
|
@ -3,6 +3,8 @@ from uuid import uuid4
|
|||
import os.path
|
||||
import requests
|
||||
|
||||
from _init import ROOT_DIR, CONF_DIR
|
||||
|
||||
|
||||
def build_requests_session():
|
||||
sess = requests.Session()
|
||||
|
|
@ -45,7 +47,7 @@ class ImmutableConfig(object):
|
|||
# Status tag config
|
||||
STATUS_TAGS = {}
|
||||
for tag_name in ['building', 'failed', 'none', 'ready', 'cancelled']:
|
||||
tag_path = os.path.join('buildstatus', tag_name + '.svg')
|
||||
tag_path = os.path.join(ROOT_DIR, 'buildstatus', tag_name + '.svg')
|
||||
with open(tag_path) as tag_svg:
|
||||
STATUS_TAGS[tag_name] = tag_svg.read()
|
||||
|
||||
|
|
@ -263,6 +265,10 @@ class DefaultConfig(ImmutableConfig):
|
|||
# Feature Flag: Whether to enable support for App repositories.
|
||||
FEATURE_APP_REGISTRY = False
|
||||
|
||||
# Feature Flag: If set to true, the _catalog endpoint returns public repositories. Otherwise,
|
||||
# only private repositories can be returned.
|
||||
FEATURE_PUBLIC_CATALOG = False
|
||||
|
||||
# The namespace to use for library repositories.
|
||||
# Note: This must remain 'library' until Docker removes their hard-coded namespace for libraries.
|
||||
# See: https://github.com/docker/docker/blob/master/registry/session.go#L320
|
||||
|
|
@ -296,7 +302,7 @@ class DefaultConfig(ImmutableConfig):
|
|||
# System logs.
|
||||
SYSTEM_LOGS_PATH = "/var/log/"
|
||||
SYSTEM_LOGS_FILE = "/var/log/syslog"
|
||||
SYSTEM_SERVICES_PATH = "conf/init/service/"
|
||||
SYSTEM_SERVICES_PATH = os.path.join(CONF_DIR, "init/service/")
|
||||
|
||||
# Allow registry pulls when unable to write to the audit log
|
||||
ALLOW_PULLS_WITHOUT_STRICT_LOGGING = False
|
||||
|
|
@ -349,7 +355,7 @@ class DefaultConfig(ImmutableConfig):
|
|||
SECURITY_SCANNER_READONLY_FAILOVER_ENDPOINTS = []
|
||||
|
||||
# The indexing engine version running inside the security scanner.
|
||||
SECURITY_SCANNER_ENGINE_VERSION_TARGET = 2
|
||||
SECURITY_SCANNER_ENGINE_VERSION_TARGET = 3
|
||||
|
||||
# The version of the API to use for the security scanner.
|
||||
SECURITY_SCANNER_API_VERSION = 'v1'
|
||||
|
|
@ -400,11 +406,11 @@ class DefaultConfig(ImmutableConfig):
|
|||
INSTANCE_SERVICE_KEY_SERVICE = 'quay'
|
||||
|
||||
# The location of the key ID file generated for this instance.
|
||||
INSTANCE_SERVICE_KEY_KID_LOCATION = 'conf/quay.kid'
|
||||
INSTANCE_SERVICE_KEY_KID_LOCATION = os.path.join(CONF_DIR, 'quay.kid')
|
||||
|
||||
# The location of the private key generated for this instance.
|
||||
# NOTE: If changed, jwtproxy_conf.yaml.jnj must also be updated.
|
||||
INSTANCE_SERVICE_KEY_LOCATION = 'conf/quay.pem'
|
||||
INSTANCE_SERVICE_KEY_LOCATION = os.path.join(CONF_DIR, 'quay.pem')
|
||||
|
||||
# This instance's service key expiration in minutes.
|
||||
INSTANCE_SERVICE_KEY_EXPIRATION = 120
|
||||
|
|
|
|||
Reference in a new issue