Joseph Schorr
d63dba35cd
Merge pull request #3153 from quay/move-endtoend-auth-test
...
Move end to end auth tests for APIs into pytest
2018-07-17 23:29:53 +03:00
Joseph Schorr
fcb9fd3792
Move end to end auth tests for APIs into pytest
2018-07-17 16:28:03 -04:00
Joseph Schorr
4aee811611
Move cloud storage tests to pytest
2018-07-17 16:14:23 -04:00
Sam Chow
f5a8116f5a
Remove password confirmation in config app
...
Small fix to manually clean up temp dir when creating new temp dir,
small fix to font awesome icons, change the jwt/keystone
validators to not use username/password
2018-07-17 16:00:55 -04:00
Sam Chow
496d94138c
Merge pull request #3139 from quay/spike/install-certs
...
Install certs in the config app, small refactor to LDAP validation
2018-07-16 12:50:36 -04:00
Joseph Schorr
cdaa312d0b
Fix rollback of savepoints for full DB tests
2018-07-16 11:44:19 -04:00
Joseph Schorr
eb8e325f94
Move image sharing model tests to pytest
2018-07-16 09:58:21 -04:00
Joseph Schorr
135ca41287
Merge pull request #3142 from quay/move-blob-model-test
...
Move blob model tests to pytest
2018-07-16 16:16:11 +03:00
Joseph Schorr
6c3cf403bd
Merge pull request #3137 from quay/joseph.schorr/QUAY-963/repo-name-check
...
Ensure that we limit the length of repository names
2018-07-15 19:17:40 +03:00
Joseph Schorr
a572fd33c7
Ensure that we limit the length of repository names
...
Until now, they'd simply be truncated by the database. Now, we properly check their lengths.
Fixes https://jira.coreos.com/browse/QUAY-963
2018-07-13 13:22:33 +03:00
Joseph Schorr
1a728eac7e
Merge pull request #3140 from quay/move-anon-check-test
...
Move anon checked test to pytest
2018-07-13 13:20:03 +03:00
Joseph Schorr
e35c997415
Merge pull request #3141 from quay/move-backfill-allocator-test
...
Move backfill allocator tests to pytest
2018-07-13 13:19:54 +03:00
Joseph Schorr
dda083abb1
Move blob model tests to pytest
2018-07-13 13:19:46 +03:00
Joseph Schorr
59be5b3d1c
Merge pull request #3143 from quay/move-digest-tools-test
...
Move digest tools tests to pytest
2018-07-13 13:18:24 +03:00
Joseph Schorr
823eac2a91
Merge pull request #3144 from quay/move-dockerfile-parse-test
...
Move dockerfile parse tests to pytest
2018-07-13 13:18:16 +03:00
Joseph Schorr
3bb889eacf
Merge pull request #3145 from quay/move-filelike-test
...
Move filelike tests to pytest
2018-07-13 13:18:06 +03:00
Sam Chow
1add992525
Add ldap tests for verifying a user exists
2018-07-12 16:53:27 -04:00
Joseph Schorr
be0b1f0061
Move imagetree tests to pytest
2018-07-12 15:56:49 +03:00
Joseph Schorr
f9e46b414c
Move filelike tests to pytest
2018-07-12 15:45:30 +03:00
Joseph Schorr
0a23a51fba
Move dockerfile parse tests to pytest
2018-07-12 15:43:03 +03:00
Joseph Schorr
2cd63a8e79
Move digest tools tests to pytest
2018-07-12 15:40:46 +03:00
Joseph Schorr
3c65447299
Move backfill allocator tests to pytest
2018-07-12 15:32:57 +03:00
Joseph Schorr
d32efc4e17
Move anon checked test to pytest
2018-07-12 15:24:49 +03:00
Joseph Schorr
924dda296f
Fully migrate API security tests into the pytest test suite
...
Also adds an additional test that ensures that at least one security test exists for every (api endpoint, http method) pair.
2018-07-08 18:33:21 +03:00
Joseph Schorr
2b34ae74fe
Add test for trying to pull the tags of a repository under a disabled namespace
2018-06-21 14:41:27 -04:00
Joseph Schorr
fdd0db7a7f
Add test for trying to pull the catalog under a disabled namespace
2018-06-21 14:41:27 -04:00
Joseph Schorr
892cc82b6a
Ensure that verbs cannot be performed on disabled namespaces or by disabled users
2018-06-21 14:41:27 -04:00
Joseph Schorr
2caaf84f31
Add caching support to catalog
...
We will now cache the results of the catalog for 60s and not hit the database at all if cached
2018-06-20 14:58:01 -04:00
Joseph Schorr
7604e9842b
Change repo filtering for users to use a user ID reference, rather than the username
...
While this means we need an additional query for initial lookup, it makes the *filtering* query (which is the heavy part) require far fewer joins, thus making it more efficient.
Also adds a new unit test to verify that our filter filters to the correct set of repositories.
2018-06-19 10:51:30 -04:00
Joseph Schorr
3161b60522
Switch V2 pagination back to using IDs, which should be much faster and easier on the DB
...
Also adds a test for the tags endpoint
2018-06-18 16:11:26 -04:00
Brad Ison
0501e0b996
Fix failing full-db tests
2018-06-13 13:03:11 -04:00
Joseph Schorr
e22b0ce004
Merge pull request #3057 from quay/joseph.schorr/QUAY-893/blob-mount
...
Implement support for blob mounting via the `mount` parameter on blob uploads
2018-06-06 13:13:39 -04:00
Joseph Schorr
55eb04e622
Merge pull request #3101 from quay/parallel-testing
...
Enable parallel testing of all the Quay unit tests
2018-06-06 13:13:14 -04:00
Joseph Schorr
f6eaf7ce9d
Add blob mounting tests to the new registry test suite
2018-06-06 11:31:28 -04:00
Joseph Schorr
06cb4bddaa
Add a test to ensure we don't hit the database when accessing a private catalog with no auth
2018-06-05 19:42:16 -04:00
Joseph Schorr
0e2bff972f
Convert storage replication tests to pytest format
2018-06-01 17:07:23 -04:00
Joseph Schorr
544c8f0adf
Convert storageproxy tests to be pytest-able and use the new liveserver testcase pytest fixture
2018-06-01 17:07:15 -04:00
Joseph Schorr
65f08c25cf
Make spec'ed tests stable across runs
...
This was preventing us from running tests in parallel, since the names were changing
2018-06-01 17:06:43 -04:00
Sam Chow
7f21d0da58
Merge pull request #3096 from quay/refactor/secscan-simple
...
Refactor validators to decouple app
2018-06-01 15:44:18 -04:00
Sam Chow
301cc6992a
Remove jwt validation for jschorr to fix later
...
Refactor oauth validate method to take config over entire appconfig
2018-06-01 15:07:06 -04:00
Sam Chow
7df8ed4a60
Add a security scanner api config object for params
...
Change SecScanAPI to use a uri creation func instead of test context
Pass config provider through validator context
Remove app config dependency for validators
2018-06-01 15:06:50 -04:00
Sam Chow
554d4f47a8
Change validators to use the validator_context
...
Change InstanceKeys to take a namedtuple for context
2018-06-01 14:59:49 -04:00
Joseph Schorr
8ee98c1c48
Show starred public repositories in the starred repos list
...
We forgot to check if the repository was public in the filter
Fixes https://jira.coreos.com/browse/QUAY-857
2018-05-31 17:34:17 -04:00
Joseph Schorr
f86c087b3b
Prevent registry operations against disabled namespaces
...
Allows admins to completely wall off a namespace by disabling it
Fixes https://jira.coreos.com/browse/QUAY-869
2018-05-22 18:36:04 -04:00
Joseph Schorr
6ffafe44d3
Merge pull request #3059 from quay/joseph.schorr/QUAY-906/reg-tests
...
Move registry integration tests to py.test
2018-05-22 17:09:11 -04:00
Joseph Schorr
5509dd350c
Switch to use the new registry tests suite
2018-05-22 17:06:41 -04:00
Joseph Schorr
a007332d4c
Temporarily change to storing logs in a new LogEntry2 table
...
This will prevent us from running out of auto-incrementing ID values until such time as we can upgrade to peewee 3 and change the field type to a BigInt
Fixes https://jira.coreos.com/browse/QUAY-943
2018-05-18 20:15:16 -04:00
Joseph Schorr
22a39c3007
Fix bug with missing & in authorization URL for OIDC
...
Also adds testing to ensure we don't break this again
2018-05-15 14:52:00 -04:00
Joseph Schorr
8c1b0e673c
Implement the remaining registry tests in the new py.test format
2018-05-01 13:28:24 +03:00
Joseph Schorr
23c19bcbc1
Implement support for registry integration tests via py.test
...
This change implements support for registry integration tests using the new py.test-based live server test fixture. We can now parametrize the protocols we use (in prep for V2_2), and it makes the code *much* cleaner and less hacky.
Note that moving the vast majority of the tests over from the existing impl will come as a followup PR
2018-05-01 13:28:24 +03:00
Joseph Schorr
85496b8195
Translate LiveServerTestCase into a py.test-compatible liveserver fixture
...
This allow us to super-easily instantiate a live, running Flask server with the test app, as well as interact with it, without any of the crazy boilerplate we previously used
2018-05-01 13:28:24 +03:00
Sam Chow
1afedafcbb
Configurable options for search, info when at max
...
includes the options for maximum search results per page, and the
maximum number of pages available before help text is shown, and
the next page button is disabled
2018-04-25 11:12:09 -04:00
Brad Ison
e90da9f2c0
Fix API team membership test
2018-04-04 14:22:11 -04:00
Joseph Schorr
8146646761
Simplifying queries around images and placements
...
Only verbs needs to load placements for multiple images, so we can vastly simplify and optimize most queries by making it two-step, and having the rest of the image loads not worry about placements
2018-04-03 16:23:49 -04:00
josephschorr
323eb63747
Merge pull request #3032 from coreos-inc/joseph.schorr/QUAY-885/squashed-sym
...
Retarget broken hard links in squashed images
2018-03-26 17:59:52 -04:00
Joseph Schorr
110366f656
Retarget hard links pointing to deleted files by emitting the deleted file contents under the first hard link instance. This fixes a breakage in the squashed TAR where we were pointing hard links to missing data.
...
Fixes https://jira.coreos.com/browse/QUAY-885
2018-03-23 14:00:46 -04:00
josephschorr
6c43b7ff0d
Merge pull request #3024 from coreos-inc/manageable-robots
...
Manageable robots epic
2018-03-21 18:50:17 -04:00
Joseph Schorr
2ea13e86a0
Add last_accessed information to User and expose for robot accounts
...
Fixes https://jira.coreos.com/browse/QUAY-848
2018-03-21 15:28:34 -04:00
Joseph Schorr
3586955669
Remove license code in Quay
...
No longer needed under Red Hat rules \o/
Fixes https://jira.coreos.com/browse/QUAY-883
2018-03-20 17:03:35 -04:00
Joseph Schorr
ed84835d23
Changes for code review
2018-03-01 16:49:52 -05:00
Joseph Schorr
c35eec0615
Add ability for triggers to be disabled
...
Will be used in the followup commit to automatically disable broken triggers
2018-03-01 16:49:28 -05:00
Joseph Schorr
ab0172d2fd
Switch Quay to using an in-container memcached for data model caching
2018-02-27 16:55:22 -05:00
Joseph Schorr
8bc55a5676
Make namespace deletion asynchronous
...
Instead of deleting a namespace synchronously as before, we now mark the namespace for deletion, disable it, and rename it. A worker then comes along and deletes the namespace in the background. This results in a *significantly* better user experience, as the namespace deletion operation now "completes" in under a second, where before it could take 10s of minutes at the worse.
Fixes https://jira.coreos.com/browse/QUAY-838
2018-02-27 13:12:51 -05:00
Brad Ison
f89a16a64d
Make byte_count on BlobUpload table not nullable
...
The byte_count field on the BlobUpload model is marked as not
nullable, but the migration to make the field a big integer removed
that restriction (#2388 :: 76de324
) in the database. It's still in
the model though, which means they are out of sync. This adds a
migration to mark the field as not nullable in the database again.
2018-02-26 11:36:56 -05:00
Brad Ison
5bd826e7b5
Drop checksum from ImageStorage table
...
The checksum field was removed from the ImageStorage model in #815 ,
but was never dropped from the database. This adds a migration to
drop the unused column.
2018-02-24 17:00:07 -05:00
Joseph Schorr
9a452ace11
Add configurable limits for number of builds allowed under a namespace
...
We also support that limit being increased automatically once a successful billing charge has gone through
2018-02-20 16:54:22 -05:00
Brad Ison
62971b7f20
Merge pull request #2999 from bison/user-location
...
Add user location metadata filed
2018-02-20 16:48:37 -05:00
Joseph Schorr
188ea98441
Add new decorator to prevent reflected text attacks
...
Instead of disabling repo names with periods in them, we simply disallow calls to the API when they are GET requests, whose path ends in a dot, and that do not have a referrer from the frontend.
2018-02-20 11:33:45 -05:00
Joseph Schorr
b342111edb
Add registry tests for pushing and pulling previously bad repo names
2018-02-20 11:31:36 -05:00
Brad Ison
3de6b4a646
Add location metadata field for users
2018-02-06 16:06:17 -05:00
Joseph Schorr
bbdf9e074c
Add metrics for tracking when instance key renewal succeeds and fails, as well as when instance key *lookup* fails
2018-02-02 11:14:42 -05:00
Joseph Schorr
ede3a81c68
Disallow dots in repository names to fix reflected text "attack"
...
Fixes https://jira.coreos.com/browse/QS-125
2018-01-18 13:19:37 -05:00
Joseph Schorr
c887aa543b
Change superuser API errors to be more descriptive
...
Fixes https://jira.coreos.com/browse/QS-103
2018-01-05 17:09:26 -05:00
josephschorr
13b738c43c
Merge pull request #2954 from coreos-inc/joseph.schorr/QS-102/user-api-filter
...
Add ability to filter users list to enabled users
2018-01-05 15:40:50 -05:00
Joseph Schorr
5b4f5f9859
Regenerate test DB for token changes
2018-01-04 15:27:41 -05:00
Joseph Schorr
524d77f527
Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password
2018-01-04 15:27:41 -05:00
Joseph Schorr
8e473b9779
Add filter for disabled users to superuser user list API
...
Fixes https://jira.coreos.com/browse/QS-102
2017-12-22 16:45:49 -05:00
Joseph Schorr
3ce9d68a3e
Fix broken registry test
...
Flask now returns a 404 error, rather than redirecting like it used to do
2017-12-20 11:43:55 -05:00
Joseph Schorr
f9bd7ef42b
Add validation of Docker V2_1 schemas and add a test for PUTing an invalid schema
2017-12-20 11:43:03 -05:00
Joseph Schorr
11e3724919
Return an http 415 (manifest version not supported) for OCI manifest content types
...
This was breaking skopeo, as it first tries to send the *OCI* manifest type, which we didn't say we didn't support, thus breaking the tool
2017-12-20 11:02:34 -05:00
josephschorr
024c183f67
Merge pull request #2944 from coreos-inc/joseph.schorr/QS-91/v2-caching
...
V2 registry blob caching
2017-12-18 14:42:02 -05:00
Joseph Schorr
097cbbeaae
Add new Quay pricing plans
2017-12-18 13:12:16 -05:00
Joseph Schorr
b2485934ed
Enable caching of blobs in V2 registry protocol, to avoid DB connections after the cache has been loaded
...
This should help for bursty pull traffic, as it will avoid DB connections on a huge % of requests
2017-12-14 13:38:24 -05:00
Joseph Schorr
a706d99849
Add additional logs and an additional test for verbs
2017-12-07 15:22:20 -05:00
Joseph Schorr
1d1c6f0606
Invalidate all session tokens when a user signs out
...
Fixes https://jira.coreos.com/browse/QS-85
2017-12-07 13:03:11 -05:00
Joseph Schorr
927d469db0
In password recovery, don't reveal whether an e-mail address is valid (unless it is an org's e-mail address)
2017-12-06 14:07:38 -05:00
Joseph Schorr
2677720577
Fix exception raised for certain non-JSON strings given to is_json
...
This is breaking pushes in production for certain manifests
Fixes https://jira.prod.coreos.systems/browse/QS-60
2017-11-14 13:46:06 -05:00
Joseph Schorr
9f804de23d
Fix bug in deletion of repos with OCI-style linked tags
...
MySQL does not allow rows in the same table referencing other rows to be deleted in a single statement. We now do a two-pass deletion, and add a test to make sure.
Fixes https://jira.prod.coreos.systems/browse/QS-18
2017-10-18 17:03:27 -04:00
Joseph Schorr
010dda2c52
Add CloudFrontedS3Storage, which redirects to CloudFront for non-S3 ips
2017-09-28 14:40:58 -04:00
Joseph Schorr
c6aad5fef0
Add option to disable partial autocompletion of users
2017-09-12 15:55:37 -04:00
Joseph Schorr
464bccb5a0
Fix permissions on accessing archived logs
2017-08-18 13:45:36 -04:00
Jimmy Zelinskie
9e09612851
Revert "Merge pull request #2844 from coreos-inc/alegrand/use_latest_appr_server_code"
...
This reverts commit 646fafb2fd
, reversing
changes made to 5c1b635439
.
2017-08-09 20:45:46 -04:00
Joseph Schorr
854155fe82
Fix missing to_dict and import in robots model
...
Also adds a test to catch this issue
2017-08-09 20:33:14 -04:00
Antoine Legrand
646fafb2fd
Merge pull request #2844 from coreos-inc/alegrand/use_latest_appr_server_code
...
Migrate from cnr -> appr
2017-08-09 00:01:25 +02:00
Antoine Legrand
6336a4a971
Migrate from cnr -> appr
2017-08-08 11:48:59 +02:00
Evan Cordell
66dc093639
Convert RepositoryUserTransitivePermission security tests to pytest
2017-08-01 11:34:31 -04:00
Evan Cordell
a68ec6966e
Add data interface for api-permissions for v2-2
2017-07-31 15:46:13 -04:00
Jake Moshenko
0011ddda16
Release database connections after updating build statuses.
2017-07-26 12:29:51 -04:00
Joseph Schorr
5739e2ef4d
Move notifications test into notifications package
2017-07-25 17:00:06 -04:00
Joseph Schorr
ce56031846
Move notifications into its own package
2017-07-25 17:00:06 -04:00