vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
7619 commits 2 branches 62 tags 205 MiB
Commit graph

1894 commits

Author SHA1 Message Date
Jimmy Zelinskie
702cdf59ff Merge pull request #2637 from jzelinskie/audit-apps 
Audit Logs for Apps
 2017-05-16 17:06:25 -04:00
Jimmy Zelinskie
4db789b656 add audit logging to app registry endpoints 2017-05-16 15:54:02 -04:00
Charlton Austin
6023e15274 Merge pull request #2638 from charltonaustin/fix_build 
fix(endpoints): fix build
 2017-05-12 15:32:19 -05:00
Charlton Austin
e8c4cc49bd fix(endpoints): fix build 
forgot to add this

Issue: https://www.pivotaltracker.com/story/show/144661631

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
 2017-05-12 15:27:56 -05:00
Charlton Austin
18e01369d4 Merge pull request #2632 from charltonaustin/quay_cant_find_a_dockerfile_in_a_branch_of_a_github_repo_144661631 
fix(trigger.py): fixed robot view no dockerfile
 2017-05-12 15:21:41 -05:00
Charlton Austin
4ec55665de fix(endpoints): add tests 
this adds tests to the analyze trigger api

[testing -> locally using pytest]

Issue: https://www.pivotaltracker.com/story/show/144661631

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
 2017-05-12 13:58:05 -05:00
Jake Moshenko
4189422340 Use MAIL_DEFAULT_SENDER as the sender in email notifications 2017-05-10 14:24:27 -04:00
Charlton Austin
3b728014ac fix(trigger.py): fixed robot view no dockerfile 
fixed how we create views where there is no dockerfile available

[TESTING -> local with dockerfile build]

Issue: https://www.pivotaltracker.com/story/show/144661631

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
 2017-05-08 17:18:03 -04:00
Joseph Schorr
db767b3610 Optimize lookup of org membership on prototype and perms APIs 
Fixes a major slowdown when working with permissions under organizations with a lot of members

Fixes https://www.pivotaltracker.com/story/show/144076113
 2017-05-08 14:03:59 -04:00
josephschorr
5d88bccef7 Merge pull request #2617 from coreos-inc/search-ordering 
Search ordering and performance fixes
 2017-05-04 13:16:30 -04:00
Joseph Schorr
227aa8ab8c Ensure that search doesn't make extra SQL lookups 
Before this change, we were  accessing the `.kind` on the repository object, which caused peewee to make an extra lookup for each result
 2017-05-04 13:08:09 -04:00
EvB
467c72a9ac code-stye Yapf: 2 files updated 2017-05-04 11:33:36 -04:00
EvB
25b9d044de test(api/tag): test restore_tag 2017-05-04 11:19:25 -04:00
EvB
6e894d5f24 refactor(api/tag): remove try/catch 2017-05-04 11:19:25 -04:00
EvB
eb9db0c53b test(api/tag): unit test movetag 2017-05-04 11:19:25 -04:00
EvB
70508e3692 feat(api/tag): generate manifest on revert_tag action 2017-05-04 11:19:25 -04:00
EvB
f7bf6a223c feat(api/tag): generate manifest on tag 2017-05-04 11:19:25 -04:00
Evan Cordell
2495091a53 Merge pull request #2602 from ecordell/sni 
Add test for SNI support
 2017-05-02 15:57:44 -04:00
josephschorr
5a9a231754 Merge pull request #2529 from coreos-inc/search-ui 
Implement new search UI
 2017-05-02 15:56:59 -04:00
Evan Cordell
7a96db0945 Add test for SNI support 2017-05-02 13:14:30 -04:00
Evan Cordell
738f53f61a Merge pull request #2597 from ecordell/sni 
TUF metadata api SNI support
 2017-05-02 13:01:16 -04:00
Evan Cordell
b2569ffbb2 Support SNI in python requests, and only delete tuf metadata if it 
exists
 2017-05-02 09:32:12 -04:00
Joseph Schorr
ae0d1e831b Add prometheus metric for queued builds 2017-05-01 15:16:55 -04:00
Joseph Schorr
3e8bc07b6c Fix show_if ordering and add a check that fails if misordered 
Before this change, these endpoints still existed even if the flag was off
 2017-05-01 13:14:20 -04:00
Joseph Schorr
e9ffe0e27b Implement new search UI 
We now have both autocomplete-based searching for quick results, as well as a full search page for a full listing of results
 2017-04-28 13:57:28 -04:00
josephschorr
8b148bf1d4 Merge pull request #2576 from coreos-inc/full-db-tests-tox 
Reenable full database testing locally and in concourse
 2017-04-27 18:09:15 -04:00
EvB
5e995fae20 refactor(archivedlogs): move archivelog handler to endpoints 2017-04-26 11:41:55 -04:00
Joseph Schorr
d895b4d5ff Fix appr tests to use the shared test fixtures 2017-04-24 23:08:28 -04:00
Joseph Schorr
7debd44b54 Switch fixture imports to wildcard in prep for full db test fixes 2017-04-24 16:45:14 -04:00
Antoine Legrand
8499612c4c Merge pull request #2538 from coreos-inc/enable-robot-cnr 
Enable robot cnr
 2017-04-24 17:32:46 +02:00
Joseph Schorr
3dcbe3c631 If enabled, allow users and orgs to set their time machine expiration 
Fixes https://www.pivotaltracker.com/story/show/142881203
 2017-04-21 11:32:45 -04:00
Joseph Schorr
eb5cebbcdf Have tag operations dialog reflect time machine configuration 
If a tag deletion is going to remove images, but those images are not going to be removed immediately, we need to message that

Fixes https://www.pivotaltracker.com/story/show/143063199
 2017-04-21 11:32:25 -04:00
Joseph Schorr
8981fcab78 Make sure we don't internal error when signing is disabled 2017-04-19 12:27:01 -04:00
Antoine Legrand
599ce0de54 code-stye Yapf: 5 files updated 
data/interfaces/appr.py endpoints/appr/cnr_backend.py endpoints/appr/registry.py endpoints/appr/test/test_api.py endpoints/appr/test/test_registry.py
 2017-04-18 14:02:48 +02:00
Antoine Legrand
578f87f94c Fix login with robot to quay-appr 2017-04-18 13:59:21 +02:00
Joseph Schorr
9601fd44f6 Small fixes to signing related APIs 2017-04-17 18:04:06 -04:00
josephschorr
e79555ef95 Merge pull request #2547 from coreos-inc/disable-for-trust 
Disable certain APIs and build triggers when trust is enabled
 2017-04-17 13:05:16 -04:00
Joseph Schorr
6f722e4585 Disable certain APIs and build triggers when trust is enabled 
Since trust will break if Quay makes changes, disable all Quay tag-change APIs and build APIs+webhooks when trust is enabled on a repository. Once we get Quay signing things itself, we can revisit this.
 2017-04-17 13:04:51 -04:00
Jake Moshenko
22f5934f34 Add error logging to Marketo calls 2017-04-17 10:19:52 -04:00
Evan Cordell
2661db7485 Add flag to enable trust per repo (#2541) 
* Add flag to enable trust per repo

* Add api for enabling/disabling trust

* Add new LogEntryKind for changing repo trust settings
Also add tests for repo trust api

* Add `set_trust` method to repository

* Expose new logkind to UI

* Fix registry tests

* Rebase migrations and regen test.db

* Raise downstreamissue if trust metadata can't be removed

* Refactor change_repo_trust

* Add show_if to change_repo_trust endpoint
 2017-04-15 08:26:33 -04:00
Jake Moshenko
8d279c8cc4 Unify app and api exception handling 
Move some confi to an immutable section
Make ApiExceptions real werkzeug exceptions
 2017-04-14 11:18:01 -04:00
Joseph Schorr
ab2f044331 Switch get repo API to use a single list tags query 
Should make things faster since the join occurs on the database side
 2017-04-13 18:06:58 -04:00
Jimmy Zelinskie
93d1439e04 endpoints.web: fix unknown identifier 2017-04-13 13:54:20 -04:00
Evan Cordell
ec63e495fc Add repo purge callbacks and register TUF metadata deletion as one 2017-04-12 17:33:51 -04:00
Evan Cordell
abe6f40bc5 Add support for deleting TUF metadata when repo is deleted 2017-04-12 17:33:51 -04:00
Joseph Schorr
b465a34e8f Temporary fix for additional exception classes handled in Flask 
The recent change to Flask-restful broke the other registered exception handlers, so this temporarily handles the decorated cases as well, until we put in place a proper registration model for Flask and Flask-restful handled exceptions
 2017-04-11 23:02:26 -04:00
josephschorr
2bc619137a Merge pull request #2512 from ecordell/tufmetadata 
Add tufmetadata endpoint
 2017-04-07 17:16:11 -04:00
Evan Cordell
c2d7fc2288 Fix comment 2017-04-07 16:14:25 -04:00
Evan Cordell
217b4a5ab2 Return hashes and expiration when fetching signed tags 2017-04-07 16:12:28 -04:00
Jake Moshenko
e371ed69bb Fix for flask-restful >0.3 error handling 2017-04-07 10:22:50 -04:00
Jake Moshenko
a8ec7865a7 Merge pull request #2511 from jakedt/fixwarnings 
Fixwarnings
 2017-04-06 16:12:19 -04:00
Jake Moshenko
a0817bfd59 Refresh dependencies and fix tests. 2017-04-06 13:15:48 -04:00
josephschorr
6352b3cac5 Merge pull request #2515 from coreos-inc/app-redirect 
Properly redirect to app repository URLs
 2017-04-05 14:34:37 -04:00
Joseph Schorr
45e1319067 Properly redirect to app repository URLs 2017-04-05 14:29:46 -04:00
Joseph Schorr
c6b45298ad Make app repos private by default 2017-04-05 14:11:06 -04:00
Evan Cordell
1a78722521 Update tests 2017-04-05 13:57:16 -04:00
Joseph Schorr
f9e6110f73 Add basic user interface for application repos 
Adds support for creating app repos, viewing app repos and seeing the list of app repos in the Quay UI.
 2017-04-05 11:30:09 -04:00
Evan Cordell
9515f18fb6 Add tufmetadata endpoint 2017-04-05 10:03:27 -04:00
Joseph Schorr
8c10b0787d Change appr error if you try to push to an image repository 
501 was confusing to the users, so change to 405 and add an error explaining why the push failed

Fixes https://github.com/app-registry/helm-plugin/issues/8#issuecomment-291553739
 2017-04-04 13:57:35 -04:00
josephschorr
1bfca871ec Merge pull request #2387 from coreos-inc/team-sync 
Team synchronization support in Quay Enterprise
 2017-04-03 18:26:29 -04:00
Joseph Schorr
55b1ad49ed Make team API decorators more descriptive for better readability 2017-04-03 15:35:44 -04:00
josephschorr
3f0f8159b7 Merge pull request #2499 from coreos-inc/docker-400 
Better error messages for Docker errors
 2017-04-03 11:39:07 -04:00
Joseph Schorr
47278cc559 Cleanup test fixtures 2017-04-03 11:31:30 -04:00
Joseph Schorr
04225f2d25 Add feature flag for team syncing 2017-04-03 11:31:29 -04:00
Joseph Schorr
b683088f87 Update tests for teams API 2017-04-03 11:31:29 -04:00
Joseph Schorr
eeadeb9383 Initial interfaces and support for team syncing worker 2017-04-03 11:31:29 -04:00
Joseph Schorr
8ea3977140 Add ability to enable, disable and view team syncing in UI and API 
Also extracts out some common testing infrastructure to make testing APIs easier now using pytest
 2017-04-03 11:31:29 -04:00
Joseph Schorr
f5a854c189 Add TeamSync database and API support 
Teams can now have a TeamSync entry in the database, indicating how they are synced via an external group. If found, then the user membership of the team cannot be changed via the API.
 2017-04-03 11:31:28 -04:00
Joseph Schorr
cae9d69376 Better error messages for Docker errors 2017-03-31 17:15:14 -04:00
Charlton Austin
484ecd961e Merge pull request #2497 from charltonaustin/add_in_dockerfile_path 
feat(add dockerfile_path to build api): added param to specify path
 2017-03-30 16:30:44 -04:00
Charlton Austin
63a2f0c14b feat(add dockerfile_path to build api): added in a dockerfile to specify path 
### Description of Changes

  this allows people to specify a context and a dockerfile path
 2017-03-30 16:30:00 -04:00
Joseph Schorr
147b812edb Remove out dated Enterprise landing page 
We now just redirect to the QE plans page

Fixes https://www.pivotaltracker.com/story/show/142166263
 2017-03-30 15:25:56 -04:00
Charlton Austin
d4177e6e33 fix(endpoints): appending dockerfile to api call 
### Description of Changes

  this was not passing back the correct path for the dockerfile
 2017-03-30 13:35:04 -04:00
Joseph Schorr
e142ad8e3d $CURRENT_YEAR 2017-03-29 17:03:57 -04:00
josephschorr
b4e79206a0 Merge pull request #2490 from coreos-inc/upload-cert-blocker 
Make custom cert upload not hang and handle errors properly
 2017-03-29 16:11:13 -04:00
Joseph Schorr
835acfc58e Make custom cert upload not hang and handle errors properly 2017-03-29 16:06:15 -04:00
Charlton Austin
df5a6aabe2 fix(buildman, endpoint): added in fix upload gzip and dockerfile 2017-03-29 15:12:33 -04:00
Charlton Austin
ca99535774 Merge pull request #2449 from charltonaustin/phase_two_config 
feat(build runner): added in context, dockerfile_location
 2017-03-28 14:14:36 -04:00
Charlton Austin
e6d201e0b0 feat(build runner): added in context, dockerfile_location 
this is a new feature meant to allow people to use any file as
  a dockerfile and any folder as a context directory
 2017-03-28 13:55:31 -04:00
Jimmy Zelinskie
65a17dc155 Merge pull request #2473 from coreos-inc/certs-fixes 
Fixes and improvements around custom certificate handling
 2017-03-27 15:08:36 -04:00
Jimmy Zelinskie
8931609775 Merge pull request #2469 from coreos-inc/appr_403_vs_401 
Use 401 for bad or missing credentials, 403 for forbidden access
 2017-03-27 11:39:23 -04:00
Jimmy Zelinskie
024f73ecd4 Merge pull request #2476 from coreos-inc/fix_bug_force_push 
Fix force push causing duplicated entries
 2017-03-27 11:39:12 -04:00
Evan Cordell
abd78bce56 Use constants for TUF roots 2017-03-27 11:37:17 -04:00
Evan Cordell
6ad107709c Change build_context_and_subject to take kwargs 2017-03-27 11:37:17 -04:00
Evan Cordell
21d969d309 Refactor tests, no g required 2017-03-27 11:37:17 -04:00
Evan Cordell
43dd974dca Determine which TUF root to show based on actual access, not requested 
access
 2017-03-27 11:37:17 -04:00
Antoine Legrand
d2ed37e158 Fix force push causing duplicated entries 2017-03-27 15:39:57 +02:00
Joseph Schorr
e509eb4cba Better custom cert handling in the superuser tool 
We now only allow certificates ending in .crt to be uploaded and we automatically install the certificate once it has been validated
 2017-03-24 17:15:26 -04:00
Antoine Legrand
35bebf9e99 Use 401 for bad or missing credentials, 403 for forbidden access 2017-03-24 18:46:13 +01:00
Joseph Schorr
94c5eca286 Add CNR API auth tests for public repos 2017-03-23 21:19:56 -04:00
Jimmy Zelinskie
0ce68706ee Merge pull request #2465 from coreos-inc/force_push 
Allow force push for app
 2017-03-23 21:05:08 -04:00
Antoine Legrand
16f2479a96 test: push twice same blob from different package 2017-03-24 00:39:04 +01:00
Antoine Legrand
bbd74eabd1 Allow force push for app 2017-03-23 22:50:07 +01:00
Joseph Schorr
ac4a79ae01 Update PR for rebase 2017-03-23 15:57:49 -04:00
Joseph Schorr
95e1cf6673 Make V2 login errors more descriptive 
If login fails, we now call validate again to get the reason for the failure, and then surface it to the user of the CLI. This allows for more actionable responses, such as:

$ docker login 10.0.2.2:5000
Username (devtable): devtable
Password:

Error response from daemon: Get http://10.0.2.2:5000/v2/: unauthorized: Client login with unencrypted passwords is disabled. Please generate an encrypted password in the user admin panel for use here.
 2017-03-23 15:42:45 -04:00
Joseph Schorr
651666b60b Refactor our auth handling code to be cleaner 
Breaks out the validation code from the auth context modification calls, makes decorators easier to define and adds testing for each individual piece. Will be the basis of better error messaging in the following change.
 2017-03-23 15:42:45 -04:00
Joseph Schorr
1bd4422da9 Move auth decorators into a decorators module 
The non-decorators will be broken out in the followup change
 2017-03-23 15:42:45 -04:00
Joseph Schorr
abf179eb09 Move fixtures under test, since they are shared globally 2017-03-23 15:42:45 -04:00
Joseph Schorr
c9a5ce6701 Start validating login in CNR 
Fixes https://www.pivotaltracker.com/story/show/142342305
 2017-03-23 15:07:46 -04:00
Joseph Schorr
ef4569f2c5 Add very basic security tests for CNR APIs 2017-03-23 13:14:12 -04:00