vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
6619 commits 2 branches 62 tags 205 MiB
Commit graph

942 commits

Author SHA1 Message Date
Joseph Schorr
a9a75cd4cf Add a test for selecting images to be scanned 2016-12-14 00:07:48 -05:00
Joseph Schorr
624b2a8385 Have security scanner analyze only send notifications for *new* layers 
Following this change, anytime a layer is indexed by the security scanner, we only send notifications out if the layer previously had a security_indexed_engine value of `-1`, thus ensuring it has *never* been indexed previously. This will allow us to change to version of the security scanner upwards, and have all the images be re-indexed, without firing off notifications in a spammy manner.
 2016-12-13 23:17:11 -05:00
Evan Cordell
5686c80af1 Revert "Add GC of layers in Clair" 
This reverts 49872838ab
 2016-12-13 18:40:58 -05:00
Joseph Schorr
1302fd2fbd Switch csrf token check to use compare_digest to prevent timing attacks 
Also adds some additional tests for CSRF tokens
 2016-12-08 23:46:31 -05:00
Joseph Schorr
dbdcb802b1 Add end-to-end OAuth login and attach tests 2016-12-08 18:35:42 -05:00
josephschorr
410b9d74fc Merge pull request #2214 from coreos-inc/clair-gc 
Add GC of layers in Clair
 2016-12-07 17:58:21 -05:00
josephschorr
111b7b0788 Merge pull request #2206 from coreos-inc/ldap-user-search-fix 
Fix external auth returns for query_user calls
 2016-12-07 17:53:04 -05:00
Jimmy Zelinskie
00eafff747 Merge pull request #2204 from jzelinskie/429builds 
add rate limiting to build queues
 2016-12-07 15:03:31 -05:00
Joseph Schorr
3203fd6de1 Fix external auth returns for query_user calls 
Adds the missing field on the query_user calls, updates the external auth tests to ensure it is returned properly, and adds new end-to-end tests which call the external auth engines via the *API*, to ensure this doesn't break again
 2016-12-07 14:28:42 -05:00
Jimmy Zelinskie
ebbe58d311 replace prefix w/ canonical name list 2016-12-07 12:56:56 -05:00
Joseph Schorr
49872838ab Add GC of layers in Clair 
Fixes https://www.pivotaltracker.com/story/show/135583207
 2016-12-06 19:52:56 -05:00
Jimmy Zelinskie
eb69abff8b build rate limiting: tests 2016-12-06 16:30:12 -05:00
Jake Moshenko
21e3001446 Add a bulk insert for queue and notifications. 
Use it for Clair spawned notifications.
 2016-12-06 14:00:16 -05:00
Joseph Schorr
97d150e281 Have QSS only add security scanner notifications once 2016-12-05 19:08:20 -05:00
Joseph Schorr
a565251b58 Remove check that breaks under full db tests 2016-12-02 17:46:01 -05:00
Charlton Austin
0a6322015c Fix the queue item delete. 2016-12-02 15:30:35 -05:00
Antoine Legrand
784c5f4fc7 Merge pull request #2160 from ant31/use_pytest 
Add pytest, tox  and code-coverage to run tests
 2016-12-02 15:53:40 +01:00
Joseph Schorr
fdff0bee4e Add configurable Docker host in full db tests 2016-12-01 15:45:08 -05:00
josephschorr
64c954dc58 Merge pull request #2182 from coreos-inc/fix-full-db-tests 
Fix full database test script to not fail randomly
 2016-12-01 14:33:22 -05:00
Charlton Austin
1f03fcb146 Adding in notification type for notification kind. 2016-12-01 12:26:18 -05:00
Joseph Schorr
e6ee538e15 Fix full database test script to not fail randomly 
- Switches database schema creation to alembic, which solves the MySQL issue (and makes sure we test migrations as well)
- Adds a few time.sleep(1) to work around MySQL's second-precision issue when adding items to queues and then immediately retrieving them
- Disables the storage proxy tests when running against non-SQLite databases, as it causes failures with the multiple process and multiple transactions
- Changes initdb to support only populating the database, as well as fixing a few small items around the test data when working with non-SQLite data
 2016-11-30 18:24:08 -05:00
Charlton Austin
2c637fe5ce Merge pull request #2173 from charltonaustin/adding_in_build_cancel_notifications 
Adding in cancel notifications
 2016-11-30 15:03:17 -05:00
Charlton Austin
4103a0b75f Adding in cancel notifications 2016-11-30 14:38:34 -05:00
Joseph Schorr
236655adb4 Fix config validator for storage and add a test suite 
Note that the test suite doesn't fully verify that each validation succeeds; rather, it ensures that the proper system (storage, security scanning, etc) is called with the configuration and returns at all (usually with an expected error). This should prevent us from forgetting to update these code paths when we change config-based systems. Longer term, we might want to have these tests stand up fake/mock versions of the endpoint services as well, for end-to-end testing.
 2016-11-30 11:58:41 -05:00
Joseph Schorr
402ad25690 Change team invitation acceptance to join all invited teams under the org 
Fixes #1989
 2016-11-28 18:39:28 -05:00
Evan Cordell
b4ace1dd29 registry auth tests: test more access types 2016-11-28 14:02:08 -05:00
Evan Cordell
9e96e6870f Add support for * (admin) permission to registry auth v2 endpoint 2016-11-28 14:02:08 -05:00
ant31
2eaa8a4a1b Add pytest and tox to run tests 2016-11-28 13:13:07 +01:00
Jimmy Zelinskie
498d7fc15e Merge pull request #2143 from jakedt/makebuildmanasyncagain 
Make buildman async again
 2016-11-21 15:08:06 -05:00
Charlton Austin
2fe74e4057 Adding in UI for cancel anytime. 2016-11-21 10:58:32 -05:00
Jake Moshenko
f0ef4347e5 Make the redis client use AsyncWrapper and coroutines 
Change all log messages to be synchronous
 2016-11-18 15:59:14 -05:00
Jake Moshenko
5935e93eb8 Linter fixes. 2016-11-18 15:56:08 -05:00
Joseph Schorr
0b549125d9 Fix 500 on get label endpoint and add a test 
Fixes #2133
 2016-11-17 14:55:14 -05:00
Joseph Schorr
69e2cfad70 Fix github trigger when submitting a webhook without a head_commit 
Fixes #2125
 2016-11-16 14:14:17 -05:00
josephschorr
1346b7fb63 Merge pull request #2105 from coreos-inc/frack-swift 
Fix swift exception reporting on deletion and add async chunk cleanup
 2016-11-15 17:59:48 -05:00
Joseph Schorr
5f99448adc Add a chunk cleanup queue for async GC of empty chunks 
Instead of having the Swift storage engine try to delete the empty chunk(s) synchronously, we simply queue them and have a worker come along after 30s to delete the empty chunks. This has a few key benefits: it is async (doesn't slow down the push code), helps deal with Swift's eventual consistency (less retries necessary) and is generic for other storage engines if/when they need this as well
 2016-11-15 15:07:41 -05:00
Joseph Schorr
1a61ef4e04 Report the user's name and company to Marketo 
Also fixes the API to report the other changes (username and email) as well
 2016-11-14 17:34:50 -05:00
Joseph Schorr
59cb6bd216 Make sure to not log exceptions if Swift deletes fail 2016-11-11 14:17:32 -05:00
Joseph Schorr
3d221bcdd7 Add tests for the Swift storage layer using a fake swift engine 2016-11-10 15:43:03 -05:00
josephschorr
45b1148118 Merge pull request #2086 from coreos-inc/user-info 
Add collection of user metadata: name and company
 2016-11-09 13:15:07 -05:00
Joseph Schorr
bf2804bd4d Add a test for deleting a user with a user prompt 2016-11-08 18:27:12 -05:00
Joseph Schorr
0f2eb61f4a Add collection of user metadata: name and company 2016-11-08 16:15:02 -05:00
josephschorr
233b2be5c2 Merge pull request #2066 from coreos-inc/select-username 
Add support for temp usernames and an interstitial to confirm username
 2016-11-03 16:22:16 -04:00
Joseph Schorr
1e3b354201 Add support for temp usernames and an interstitial to confirm username 
When a user now logs in for the first time for any external auth (LDAP, JWT, Keystone, Github, Google, Dex), they will be presented with a confirmation screen that affords them the opportunity to change their Quay-assigned username.

Addresses most of the user issues around #74
 2016-11-03 15:59:14 -04:00
Joseph Schorr
3fd92aef35 Fix entity search API to not IndexError 2016-11-02 16:22:35 -04:00
josephschorr
840ea4e768 Merge pull request #2047 from coreos-inc/external-auth-email-optional 
Make email addresses optional in external auth if email feature is turned off
 2016-10-31 14:16:33 -04:00
Joseph Schorr
d7f56350a4 Make email addresses optional in external auth if email feature is turned off 
Before this change, external auth such as Keystone would fail if a user without an email address tried to login, even if the email feature was disabled.
 2016-10-31 13:50:24 -04:00
Joseph Schorr
bab17932ac Fix namespace lookup in V1 registry search 
Fixes #2053
 2016-10-31 13:24:40 -04:00
josephschorr
934cdecbd6 Merge pull request #1905 from coreos-inc/external-auth-search 
Add support for entity search against external auth users not yet linked
 2016-10-27 16:06:42 -04:00
Joseph Schorr
b3d1d7227c Add support to Keystone Auth for external user linking 
Also adds Keystone V3 support
 2016-10-27 15:42:03 -04:00
Joseph Schorr
fbb524e34e Add support to ExternalJWT Auth for external user linking 2016-10-27 15:42:03 -04:00
Joseph Schorr
f9ee8d2bef Add support to LDAP for external user linking 2016-10-27 15:42:03 -04:00
Joseph Schorr
d145222812 Add support for linking to external users in entity search 2016-10-27 15:42:03 -04:00
Jimmy Zelinskie
30821569a4 key server: fix tests by exporting jwk_with_kid 2016-10-25 16:14:18 -04:00
josephschorr
500a218768 Merge pull request #1875 from coreos-inc/max-chunk-size 
Make sure we don't generate chunk sizes larger than 5 GB.
 2016-10-25 14:12:31 -04:00
Joseph Schorr
bfe2646a50 Make sure we don't generate chunk sizes larger than 5 GB. 
Amazon S3 does not allow for chunk sizes larger than 5 GB; we currently don't handle that case at all, which is why large uploads are failing. This change ensures that if a storage engine specifies a *maximum* chunk size, we write multiple chunks no larger than that size.
 2016-10-25 13:57:49 -04:00
Jake Moshenko
6f815907a4 Merge pull request #2030 from jakedt/twooh 
Prepare the changelog for v2.0.0
 2016-10-24 16:30:49 -04:00
Charlton Austin
dc35769396 Merge pull request #2022 from charltonaustin/refactor_for_cancel_anytime 
Making some refactors to make it easier to cancel the build at any time.
 2016-10-24 16:17:55 -04:00
Jake Moshenko
45bacbabaa s/Regions/Deployments 2016-10-24 16:04:04 -04:00
Charlton Austin
1cde22e76c Making some refactors to make it easier to cancel the build at any time. 2016-10-24 15:59:33 -04:00
Joseph Schorr
19393a8619 Add a test for deleting a user with federated login 2016-10-21 17:55:22 -04:00
Joseph Schorr
5ed13da2e6 Add missing security test for delete org 2016-10-21 17:37:49 -04:00
Joseph Schorr
73eb66eac5 Add support for deleting namespaces (users, organizations) 
Fixes #102
Fixes #105
 2016-10-21 15:41:09 -04:00
Joseph Schorr
864c44501e Fix global messages by removing "extra" method 
I think this happened due to a bad merge.
 2016-10-20 13:53:51 -04:00
josephschorr
67dde6e154 Merge pull request #1852 from coreos-inc/underscore_orgs 
Better handling of namespace validation to fix a number of issues
 2016-10-20 13:36:32 -04:00
Joseph Schorr
3a68740ff7 Better handling of namespace validation to fix a number of issues 
- Fixes a bug which allows for underscores at the beginning of namespaces: Fixes #1849
- Allows dots and dashes for newer Docker clients: Fixes #1188
- Has the UI display better messaging associated with namespace entry
 2016-10-20 13:32:22 -04:00
Joseph Schorr
2eabf1a291 Fix tests and test provider for real license format 2016-10-18 23:44:08 -04:00
Joseph Schorr
67f828279d Switch the license validator to use config_provider and have a test license 
Fixes the broken tests currently which try (and fail) to read the license file
 2016-10-18 11:44:13 -04:00
Joseph Schorr
7a6fb7554d Only attempt to load the license for the setup tool once there is a valid user 
Prevents the 401 session expired box from appearing
 2016-10-17 21:57:17 -04:00
Joseph Schorr
ee96693252 Add superuser config section for updating license 2016-10-17 21:44:25 -04:00
Jimmy Zelinskie
0c5400b7d1 enforce license across registry blueprints 2016-10-17 21:43:45 -04:00
Joseph Schorr
8fe29c5b89 Add license upload step to the setup flow 
Fixes #853
 2016-10-17 21:43:15 -04:00
Charlton Austin
f45aac063e Merge pull request #2005 from charltonaustin/fix_spacing_for_motd 
Moving the messages endpoint to something more generic, and making th…
 2016-10-17 17:21:03 -04:00
Charlton Austin
8e5dc8d3db Moving the messages endpoint to something more generic, and making the get visible all the time. 2016-10-17 16:23:48 -04:00
Joseph Schorr
3439f814b6 Fix quoting of scopes in WWW-Authenticate header 
Fixes part of #2002
 2016-10-17 14:32:43 -04:00
Joseph Schorr
18097a1bd6 Fix Link headers for pagination to match RFC 
Fixes part of #2002
 2016-10-17 13:57:05 -04:00
josephschorr
b4dd04cca4 Merge pull request #1996 from coreos-inc/aci-con-test-fix 
Add a sleep to fix ACI conversion tests
 2016-10-14 16:25:57 -04:00
Joseph Schorr
886489c666 Fix NPE raised if a vulnerability notification doesn't have a level filter 
Fixes #1990
 2016-10-14 14:23:50 -04:00
Joseph Schorr
c3ce491f02 Add a sleep to fix ACI conversion tests 
This ensures that the cache is cleared before the second request is made
 2016-10-14 13:36:47 -04:00
Charlton Austin
97d644d95d Adding in the delete api and the delete and create UI. 2016-10-13 10:40:52 -04:00
charltonaustin
5546fa6214 Adding in messages table 2016-10-11 10:55:12 -04:00
Charlton Austin
be916fb6ed Merge pull request #1966 from charltonaustin/j_code_review_comments 
Adding in security tests and docs.
 2016-10-11 09:50:47 -04:00
charltonaustin
5a4b702888 Adding in security tests and docs. 2016-10-11 09:30:37 -04:00
Jake Moshenko
7a3ee86e53 Merge pull request #1957 from jakedt/absolutecorruption 
Always use absolute URLs in Location headers.
 2016-10-10 18:25:29 -04:00
Jake Moshenko
df1f35e9f9 Always use absolute URLs in Location headers. 
This works around docker/docker#15048
 2016-10-10 16:30:24 -04:00
josephschorr
7fc33a9a57 Merge pull request #1965 from coreos-inc/condense-slack-notifications 
Less verbose notifications for QSS
 2016-10-10 15:38:12 -04:00
Joseph Schorr
ebf4120326 Less verbose notifications for QSS 
Fixes #1914
 2016-10-10 15:18:49 -04:00
charltonaustin
fa10d799b2 Adding in one more unit test. 2016-10-10 14:00:20 -04:00
charltonaustin
14eb3005b6 Some fixes for code review. 2016-10-10 12:55:00 -04:00
charltonaustin
1e733ddffb Adding in a new message data model and the corresponding methods to in the API. 2016-10-07 15:56:58 -04:00
charltonaustin
002f533bf8 Creating message api. 2016-10-07 10:22:30 -04:00
josephschorr
6b33503d8c Merge pull request #1939 from coreos-inc/unicode-search 
Handle unicode in entity search
 2016-10-04 22:19:59 +03:00
Joseph Schorr
ff0a292548 Handle unicode in entity search 
Fixes #1934
 2016-10-04 21:56:47 +03:00
josephschorr
768459ef86 Merge pull request #1938 from coreos-inc/v2-missing-parent-test 
Add parent mis-ordered registry test
 2016-10-04 21:53:13 +03:00
josephschorr
d8bef56e68 Merge pull request #1933 from coreos-inc/test-notifications-api 
Add a test for issuing test notifications
 2016-10-04 20:15:11 +03:00
Joseph Schorr
a046141708 Add parent mis-ordered registry test 2016-10-04 19:26:12 +03:00
Joseph Schorr
f4e1748bb7 Fix parent rewrite bug in schema1 manifest code and add a bunch more tests 
Before this change, if you ended up writing a middle layer whose parent is not in the database, the manifest would fail to rewrite. We now just lookup the parent image in the manifest given to us, ignoring whether it is in the database or not (as it doesn't actually matter if not present; it'll be created if necessary).
 2016-10-04 09:15:27 -04:00
Joseph Schorr
fdcedafe91 Add a test for issuing test notifications 2016-10-04 10:57:32 +03:00
Evan Cordell
42ebb0a6c3 Record metrics in a separate etcd record 2016-10-03 16:11:37 -04:00
Joseph Schorr
f72cb1d2ba Fix tags API pagination and add a test 2016-10-03 22:06:31 +03:00