Add ability to restrict V1 push behind a namespace whitelist
Also enables the feature by default with an empty whitelist for QE Fixes https://jira.coreos.com/browse/QUAY-1342
This commit is contained in:
parent
d3dd2f7b7c
commit
b86d389c8e
9 changed files with 99 additions and 7 deletions
|
@ -23,6 +23,7 @@ def add_enterprise_config_defaults(config_obj, current_secret_key):
|
|||
config_obj['FEATURE_APP_SPECIFIC_TOKENS'] = config_obj.get('FEATURE_APP_SPECIFIC_TOKENS', True)
|
||||
config_obj['FEATURE_PARTIAL_USER_AUTOCOMPLETE'] = config_obj.get('FEATURE_PARTIAL_USER_AUTOCOMPLETE', True)
|
||||
config_obj['FEATURE_USERNAME_CONFIRMATION'] = config_obj.get('FEATURE_USERNAME_CONFIRMATION', True)
|
||||
config_obj['FEATURE_RESTRICTED_V1_PUSH'] = config_obj.get('FEATURE_RESTRICTED_V1_PUSH', True)
|
||||
|
||||
# Default features that are off.
|
||||
config_obj['FEATURE_MAILING'] = config_obj.get('FEATURE_MAILING', False)
|
||||
|
|
|
@ -955,6 +955,19 @@ CONFIG_SCHEMA = {
|
|||
'description': 'If set to true, users can confirm their generated usernames. Defaults to True',
|
||||
'x-example': False,
|
||||
},
|
||||
|
||||
# Feature Flag: V1 push restriction.
|
||||
'FEATURE_RESTRICTED_V1_PUSH': {
|
||||
'type': 'boolean',
|
||||
'description': 'If set to true, only namespaces listed in V1_PUSH_WHITELIST support V1 push. Defaults to True',
|
||||
'x-example': False,
|
||||
},
|
||||
|
||||
# Feature Flag: V1 push restriction.
|
||||
'V1_PUSH_WHITELIST': {
|
||||
'type': 'array',
|
||||
'description': 'The array of namespace names that support V1 push if FEATURE_RESTRICTED_V1_PUSH is set to true.',
|
||||
'x-example': ['some', 'namespaces'],
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
|
|
Reference in a new issue