Commit graph

132 commits

Author SHA1 Message Date
Joseph Schorr
066637f496 Basic Keystone Auth support
Note: This has been verified as working by the end customer
2015-07-20 10:55:21 -04:00
Jake Moshenko
eec7886e01 Add a server default for the broken migration. 2015-07-14 16:58:58 -04:00
Joseph Schorr
dc5af7496c Allow superusers to disable user accounts 2015-06-29 18:40:52 +03:00
Joseph Schorr
8aac3fd86e Add support for an external JWT-based authentication system
This authentication system hits two HTTP endpoints to check and verify the existence of users:

Existance endpoint:
GET http://endpoint/ with Authorization: Basic (username:) =>
    Returns 200 if the username/email exists, 4** otherwise

Verification endpoint:
GET http://endpoint/ with Authorization: Basic (username:password) =>
    Returns 200 and a signed JWT with the user's username and email address if the username+password validates, 4** otherwise with the body containing an optional error message

The JWT produced by the endpoint must be issued with an issuer matching that configured in the config.yaml, and the audience must be "quay.io/jwtauthn". The JWT is signed using a private key and then validated on the Quay.io side with the associated public key, found as "jwt-authn.cert" in the conf/stack directory.
2015-06-05 13:20:10 -04:00
Jimmy Zelinskie
3daa0e6a52 migration: use SA boolean value for server_default 2015-05-15 19:04:54 -04:00
Jimmy Zelinskie
e12d5af52c migration: server_default for boolean field 2015-05-15 17:04:50 -04:00
Joseph Schorr
6a52ffa942 Add missing default value on the new reversion column 2015-05-13 13:49:21 -04:00
Joseph Schorr
c89760278f Add migration to add gitlab trigger type 2015-05-03 10:49:13 -07:00
Joseph Schorr
17bc9b81bf Add bitbucket trigger type 2015-04-30 15:55:57 -04:00
Jimmy Zelinskie
fd65ca5916 migration: add custom-git service to database 2015-04-24 16:11:58 -04:00
Jimmy Zelinskie
d25cc4db9c migrations: fix percona migration test 2015-04-21 18:01:40 -04:00
Jimmy Zelinskie
93cd459460 Merge branch 'master' into git 2015-04-20 10:58:49 -04:00
Joseph Schorr
ed342ae831 Add migration for properly creating the repository_id+datetime index 2015-04-19 16:03:06 -04:00
Joseph Schorr
a8f8c317f9 Fix branch in alembic migrations 2015-04-19 15:20:01 -04:00
Joseph Schorr
2815ea2723 Merge branch 'master' of github.com:coreos-inc/quay 2015-04-19 15:16:39 -04:00
Jimmy Zelinskie
4133924813 migrations: rebase on top of master's changes 2015-04-17 13:19:04 -04:00
Jimmy Zelinskie
ba2cb08904 Merge branch 'master' into git 2015-04-16 17:38:35 -04:00
Joseph Schorr
f19d2f684e Add ability to revert tags via time machine 2015-04-16 17:18:00 -04:00
Joseph Schorr
3f1e8f3c27 Add a RepositoryActionCount table so we can use it (instead of LogEntry) when scoring repo search results 2015-04-13 13:31:07 -04:00
Joseph Schorr
762fdaf319 Fix DB migration tests 2015-04-08 17:41:53 -04:00
Jimmy Zelinskie
da15eda2bf migration: make auth_token for builds nullable 2015-03-27 11:20:30 -04:00
Jake Moshenko
3d44416016 Add the migration for the unique index which helps prevent tag deadlocks. 2015-03-24 18:00:04 -04:00
Jimmy Zelinskie
9c55aca011 migration: make resource_key nullable 2015-03-23 15:46:35 -04:00
Jimmy Zelinskie
93a9e9d01a migration: add private key to build triggers 2015-03-19 14:30:25 -04:00
Joseph Schorr
44ff85d044 Remove migration (temporarily), fix a broken test, and make the aggregate size calculation use the entire image ancestry (for now). 2015-03-17 12:13:01 -04:00
Joseph Schorr
b8d88c0f4e Add aggregate size column and a migration to backfill it 2015-03-16 18:03:17 -04:00
Joseph Schorr
929bad57f5 Fix revision 2015-03-05 15:06:46 -05:00
Joseph Schorr
86447c0a99 Merge branch 'master' into pagesnew 2015-03-05 14:22:10 -05:00
Joseph Schorr
5f605b7cc8 Fix queue handling to remove the dependency from repobuild, and have a cancel method 2015-02-23 13:38:01 -05:00
Jimmy Zelinskie
7fbbf14e49 migrations: resolve branched migration tree
This moves the migration adding stars to HEAD.
2015-02-19 17:10:27 -05:00
Jimmy Zelinskie
917dd6b674 Merge branch 'master' into star 2015-02-18 17:36:58 -05:00
Jake Moshenko
41108a0856 Allow tags to be marked as hidden. Create a hidden tag on every image during a push to prevent them from getting GCed. 2015-02-18 17:05:16 -05:00
Jake Moshenko
2dd03f1bed Merge remote-tracking branch 'origin/master' into rockyhorror
Conflicts:
	test/data/test.db
2015-02-18 10:56:01 -05:00
Joseph Schorr
83e05d2342 Add tracking of the kind of temporary access tokens, so we can display if a pull/push by token is for a build worker 2015-02-17 12:35:16 -05:00
Jake Moshenko
579d900ef2 Add server defaults to the new fields which are not nullable. 2015-02-13 14:45:42 -05:00
Jake Moshenko
2ce6e76d9d Add the required migration for time machine tag lifetimes. 2015-02-13 14:41:08 -05:00
Jake Moshenko
2743fe6f4d Trap migration exceptions for the migration that we expect to fail in prod. 2015-02-13 13:11:50 -05:00
Jake Moshenko
cd245e62bf Remove the access_token_id column from log entries. 2015-02-13 11:56:59 -05:00
Joseph Schorr
f84d1bad45 Handle internal errors in a better fashion: If a build would be marked as internal error, only do so if there are retries remaining. Otherwise, we mark it as failed (since it won't be rebuilt anyway) 2015-02-12 16:19:44 -05:00
Joseph Schorr
045614c6c8 Merge branch 'master' into ackbar 2015-02-09 17:16:42 -05:00
Joseph Schorr
e1c5ccb7d6 Fixes 2015-02-05 17:37:58 -05:00
Joseph Schorr
a12bfa7623 Add migration for the new tables for signatures 2015-02-05 15:30:45 -05:00
Joseph Schorr
c8229b9c8a Implement new step-by-step setup 2015-01-23 17:19:15 -05:00
Jimmy Zelinskie
b18986c72b Continuation of baa4918d89. 2015-01-06 15:11:37 -05:00
Jimmy Zelinskie
baa4918d89 Explicitly declare length of large MySQL indices.
Most MySQL installs silently truncate indices at a specific number of bytes.
This value is 767 bytes unless either the innodb_large_prefix option is turned
on or the innodb_page_size has been changed. This change explicitly limits the
size of large indices to 767 characters due to the latin1 charset being 1 byte
per char.
2015-01-06 14:55:31 -05:00
Jimmy Zelinskie
84f6cc7385 add percona to migration tests 2014-12-23 18:34:02 -05:00
Jimmy Zelinskie
977782d047 Add MariaDB to migration.sh 2014-12-22 15:34:17 -05:00
Jimmy Zelinskie
eeeb2e620c move slackwebhook migration from tools to util
tools isn't shipped inside of the container because it contains private
keys
2014-12-18 13:22:13 -05:00
Joseph Schorr
107847a4bb Fix Slack notification setup to support the new slack web hook format and convert all existing data to use the new format (so we only have one code path) 2014-12-16 14:34:43 +02:00
Jimmy Zelinskie
97b605ca8d Fix starring after rebase. 2014-12-03 12:20:51 -08:00