Commit graph

1268 commits

Author SHA1 Message Date
josephschorr
6c897a7c22 Merge pull request #1035 from coreos-inc/closeforlong
Close for long operation before we upload chunks
2015-12-07 14:22:29 -05:00
Joseph Schorr
bcd7f45905 Close for long operation before we upload chunks 2015-12-07 14:11:56 -05:00
Joseph Schorr
b8bd92a64f Handle 404s on blob uploads
Fixes #1033
2015-12-07 12:30:28 -05:00
Joseph Schorr
ee0eb80c8f Fix blob content types
Fixes #990
2015-12-04 16:13:58 -05:00
josephschorr
32fae5533c Merge pull request #1022 from coreos-inc/manifestexc
Only write exceptions for manifest gen when a tag exists
2015-12-04 14:32:06 -05:00
Silas Sewell
d28768f792 Make eventConfig required in create notification 2015-12-03 18:28:07 -05:00
Joseph Schorr
c324ebd7f6 Only write exceptions for manifest gen when a tag exists
Fixes #1019

Currently, we just raise an exception to the logs regardless, which can make it appear as if there is an issue (when there isn't).
2015-12-03 16:04:17 -05:00
Silas Sewell
8781cf6e11 Increase nginx proxy timeout and close db before storage operation 2015-12-03 11:19:39 -05:00
Silas Sewell
664a2951cc Don't send content-length when redirecting v2 blob
Fixes #1012
2015-12-02 21:28:11 -05:00
Quentin Machu
8a539c4bc1 Fix security notification perform condition
As defined in util/secscan/api.py, Critical < High < Medium < Low < Negligible < Unknown. We have to send the notification if the expected level is higher than the vulnerability level, not the opposite.
2015-11-30 13:54:34 -05:00
josephschorr
dc1f6c2d87 Merge pull request #974 from coreos-inc/derivedfix
Derived image fixes
2015-11-25 11:57:16 -05:00
josephschorr
0dbd19a236 Merge pull request #976 from coreos-inc/incidentaltests
Add login tests and fix scope security issue
2015-11-24 13:42:06 -05:00
Joseph Schorr
75a91f0f92 Add login tests and fix scope security issue 2015-11-24 13:39:16 -05:00
Joseph Schorr
762cd56e64 Change derived storage to be based on image
Fixes #971
2015-11-24 12:44:07 -05:00
josephschorr
1eb019cd16 Merge pull request #970 from coreos-inc/disableverbcaching
Disable derived image storage entirely until we fix it to be by image…
2015-11-23 23:56:51 -05:00
Joseph Schorr
5d3aa2a2b9 Disable derived image storage entirely until we fix it to be by image, not storage 2015-11-23 23:49:46 -05:00
Joseph Schorr
a0e597f957 Send Docker-Content-Digest headers on GET requests
Fixes #955
2015-11-23 13:56:34 -05:00
Joseph Schorr
5c8eea2728 Log when pulls occur in V2
Fixes #958
2015-11-20 21:30:03 -05:00
Jake Moshenko
0c44949017 Return a 401 when doing a login with bad credentials 2015-11-20 18:37:52 -05:00
Joseph Schorr
b49435bfee Fix track_and_log for grant-ed users 2015-11-19 17:41:27 -05:00
Jake Moshenko
b564492ea7 Improve the performance of fetching manifest blobs by checksum. 2015-11-19 11:01:47 -05:00
Jake Moshenko
e01f5ce06e Re-enable squashed caching 2015-11-18 22:05:07 -05:00
Jake Moshenko
39d799b1aa Fix anonymous repository pulls 2015-11-18 20:11:06 -05:00
Jake Moshenko
c27f91f7cf Fix token pushes for v2 auth, tokens have no user 2015-11-18 19:18:12 -05:00
Silas Sewell
f3dafd50e4 Fix squash pull after v2 merge 2015-11-17 18:25:43 -05:00
Jake Moshenko
7205bf5e7f Merge pull request #885 from jakedt/python-registry-v2
Python registry v2 mega merge
2015-11-16 16:15:40 -05:00
Matt Jibson
d5fb8cafd4 Don't expose unnamed API operations
fixes #861
2015-11-16 15:40:33 -05:00
Jake Moshenko
4cc619f4ca Clean up v2 branch to no longer warn about readiness 2015-11-16 14:42:43 -05:00
Jake Moshenko
0459c3bc54 Merge remote-tracking branch 'upstream/master' into python-registry-v2 2015-11-16 14:22:54 -05:00
Jake Moshenko
52125bbfed Fix gc by using the v1/v2 storage location helper everywhere 2015-11-16 14:13:37 -05:00
Joseph Schorr
32a799a067 Remove code that adds images to the image diff queue 2015-11-13 12:42:43 -05:00
Joseph Schorr
db1fae4cfc Fix security scan endpoint status 2015-11-13 01:06:18 -05:00
Joseph Schorr
b7206a8cfc Remove file added accidentally by merge 2015-11-12 22:03:13 -05:00
Joseph Schorr
7816b0c657 Merge master into vulnerability-tool 2015-11-12 21:52:47 -05:00
Joseph Schorr
3b3f101ea6 Vulnerability UI part 2
Fixes #860
Fixes #855
2015-11-12 16:59:36 -05:00
Jake Moshenko
44d06b0c2e Fix v1 backward compatibility 2015-11-12 16:22:19 -05:00
Joseph Schorr
76ce63895f New Quay Sec UI and fix some small bugs
Fixes #855
2015-11-11 18:15:58 -05:00
Jake Moshenko
ab340e20ea Merge remote-tracking branch 'upstream/master' into python-registry-v2 2015-11-11 16:41:40 -05:00
Jake Moshenko
a1ccd860e7 Merge pull request #823 from coreos-inc/phase3-11-07-2015
Phase3 11 07 2015
2015-11-11 14:22:19 -05:00
Joseph Schorr
ca7d736db2 Only send vulnerability events if the minimum priority is gte to that specified
Fixes #770
2015-11-10 16:05:55 -05:00
Joseph Schorr
888ec17538 Recover by email needs to allow anon access to its endpoints 2015-11-10 15:41:19 -05:00
Jimmy Zelinskie
8e2868737b rename secscan_endpoint and move db close to API 2015-11-10 15:22:31 -05:00
Jimmy Zelinskie
d651ea4b48 initial security notification worker 2015-11-10 15:22:30 -05:00
Silas Sewell
e826b14ca4 Merge pull request #725 from coreos-inc/setup-tool-georeplication
superuser: add storage replication config
2015-11-09 17:43:38 -05:00
Silas Sewell
5000b1621c superuser: add storage replication config 2015-11-09 17:34:22 -05:00
Joseph Schorr
a69c9e12fd Update quay sec code to fix problems identified in previous review
- Change get_repository_images_recursive to operate over a single docker image and storage uuid
- Move endpoints/sec to endpoints/secscan
- Change notification system to work with new Quay-sec format

Fixes #768
2015-11-09 17:14:35 -05:00
Quentin Machu
16c364a90c Rename secscan_endpoint where required, fix index and indentation 2015-11-09 15:18:42 -05:00
Matt Jibson
5d9999d1f7 Merge pull request #791 from mjibson/clear-repo-notifications
Remove error notification when user deletes repos
2015-11-09 14:46:51 -05:00
Joseph Schorr
02e2bef943 Fix hardcoded priority 2015-11-09 12:51:05 -05:00
Joseph Schorr
b408cfd2cc Ready for demo 2015-11-09 12:51:05 -05:00