vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
6380 commits 2 branches 62 tags 205 MiB
Commit graph

6380 commits

This branch
This branch
All branches
Author SHA1 Message Date
Erica
135f4dae0c Merge pull request #2213 from coreos-inc/ISSUE-2026-204-response 
fix(endpoints/api): return empty 204 resp
 2016-12-14 17:13:57 -05:00
josephschorr
d0ec5afa9c Merge pull request #2235 from coreos-inc/clair-load-error-message 
Add error message if security scan not found
 2016-12-14 16:32:57 -05:00
EvB
0a5d4990e6 test(endpoints/api): ensure empty 202 resp 2016-12-14 16:32:06 -05:00
EvB
43aed7c6f4 fix(endpoints/api): return empty 204 resp 
Return an empty body on API requests with status code 204, which
means "No content". Incorrect 'Deleted' responses were being
returned after successful DELETE operations despite the "No Content"
definition of 204.
 2016-12-14 16:22:39 -05:00
josephschorr
fde81c1b58 Merge pull request #2236 from coreos-inc/qss-notification 
Send notifications for previously unscannable layers in QSS
 2016-12-14 11:56:24 -05:00
Joseph Schorr
6871eb95b1 Send notifications for previously unscannable layers in QSS 
Following this change, if an image was previously indexed unsuccessfully, then we will send notifications once successfully indexed
 2016-12-14 11:25:45 -05:00
Joseph Schorr
b83784f1e1 Add error message if security scan not found 
This change ensures that the user gets an error message (and not a blank tab) if the security scan information could not be successfully loaded

Fixes https://www.pivotaltracker.com/story/show/136072509
 2016-12-14 00:50:06 -05:00
josephschorr
2a6632cff4 Merge pull request #2234 from coreos-inc/select-image-test 
Add a test for selecting images to be scanned
 2016-12-14 00:34:27 -05:00
Joseph Schorr
a9a75cd4cf Add a test for selecting images to be scanned 2016-12-14 00:07:48 -05:00
josephschorr
3dea6f6c92 Merge pull request #2233 from coreos-inc/reindex-clair 
Have security scanner analyze only send notifications for *new* layers
 2016-12-13 23:45:48 -05:00
Joseph Schorr
624b2a8385 Have security scanner analyze only send notifications for *new* layers 
Following this change, anytime a layer is indexed by the security scanner, we only send notifications out if the layer previously had a security_indexed_engine value of `-1`, thus ensuring it has *never* been indexed previously. This will allow us to change to version of the security scanner upwards, and have all the images be re-indexed, without firing off notifications in a spammy manner.
 2016-12-13 23:17:11 -05:00
Evan Cordell
5686c80af1 Revert "Add GC of layers in Clair" 
This reverts 49872838ab
 2016-12-13 18:40:58 -05:00
Evan Cordell
dd5f7cbe6c Fix the ephemeral build metrics 2016-12-13 18:28:04 -05:00
Evan Cordell
808266574e Update changelog for v2.0.3 (#2226) 
* Update changelog for v2.0.3
 2016-12-09 16:44:41 -05:00
josephschorr
648fed769b Merge pull request #2224 from coreos-inc/oauth-state 
Have Quay always use an OAuth-specific CSRF token
 2016-12-09 15:16:01 -05:00
Joseph Schorr
fd364ccca3 Remove unneeded exception var 2016-12-09 14:52:49 -05:00
Joseph Schorr
1e5b97318a Fix loading of public keys for OIDC under Linux 
Python's crypto lib under Linux has issues with loading PEM-encoded keys, so we just load it as a DER here and give PyJWT the key *instance* to use directly.
 2016-12-09 14:26:56 -05:00
Joseph Schorr
1302fd2fbd Switch csrf token check to use compare_digest to prevent timing attacks 
Also adds some additional tests for CSRF tokens
 2016-12-08 23:46:31 -05:00
Joseph Schorr
dbdcb802b1 Add end-to-end OAuth login and attach tests 2016-12-08 18:35:42 -05:00
Joseph Schorr
36324708db Fix small pylint issues 2016-12-08 16:21:44 -05:00
Joseph Schorr
ff52fde8a5 Have Quay always use an OAuth-specific CSRF token 
This change ensures that we always store and then check the contents of the OAuth `state` argument against a session-stored CSRF token.

Fixes https://www.pivotaltracker.com/story/show/135803615
 2016-12-08 16:11:57 -05:00
Charlton Austin
ec6ecc02ed Merge pull request #2223 from charltonaustin/removing_unused_imports 
Removing an unused import.
 2016-12-08 15:31:36 -05:00
Charlton Austin
0b8c2ef92f Removing an unused import. 2016-12-08 13:53:52 -05:00
josephschorr
34f2ddce87 Merge pull request #2222 from coreos-inc/bust-apt-cache 
Bust apt cache
 2016-12-07 18:10:26 -05:00
Joseph Schorr
1fdca26632 Bust apt cache 2016-12-07 18:09:33 -05:00
josephschorr
410b9d74fc Merge pull request #2214 from coreos-inc/clair-gc 
Add GC of layers in Clair
 2016-12-07 17:58:21 -05:00
josephschorr
543d86ae10 Merge pull request #2221 from coreos-inc/fix-error-pages 
Have all error pages be rendered by Angular
 2016-12-07 17:53:14 -05:00
josephschorr
111b7b0788 Merge pull request #2206 from coreos-inc/ldap-user-search-fix 
Fix external auth returns for query_user calls
 2016-12-07 17:53:04 -05:00
josephschorr
c5111d7930 Merge pull request #2144 from coreos-inc/buildlogs-improvements 
Change the append build log method to execute the two calls via one pipelined connection
 2016-12-07 17:52:22 -05:00
Joseph Schorr
c06bba38de Have all error pages be rendered by Angular 
Fixes #2198

Fixes https://www.pivotaltracker.com/story/show/135724483
 2016-12-07 17:49:02 -05:00
Jimmy Zelinskie
00eafff747 Merge pull request #2204 from jzelinskie/429builds 
add rate limiting to build queues
 2016-12-07 15:03:31 -05:00
Joseph Schorr
3203fd6de1 Fix external auth returns for query_user calls 
Adds the missing field on the query_user calls, updates the external auth tests to ensure it is returned properly, and adds new end-to-end tests which call the external auth engines via the *API*, to ensure this doesn't break again
 2016-12-07 14:28:42 -05:00
Charlton Austin
9720efbdb6 Merge pull request #2218 from charltonaustin/fix_set_to_Set 
Fixing api usage.
 2016-12-07 13:28:01 -05:00
Jimmy Zelinskie
b671ee938a Merge pull request #2174 from jzelinskie/pngcrush 
dockerfile: optimize static images
 2016-12-07 13:04:28 -05:00
Jimmy Zelinskie
ebbe58d311 replace prefix w/ canonical name list 2016-12-07 12:56:56 -05:00
Charlton Austin
9e25fde3a0 Fixing api usage. 2016-12-07 12:53:07 -05:00
Ian Minoso
548bae0384 Merge pull request #2215 from iminoso/services 
Inject ApiService to be accessible in the body react component
 2016-12-07 12:01:32 -05:00
josephschorr
57ace09a97 Merge pull request #2217 from coreos-inc/comment-fix 
Fix doc comment on security scan API endpoint
 2016-12-07 11:53:40 -05:00
Joseph Schorr
d349e1639a Fix doc comment on security scan API endpoint 
Fixes #2216
 2016-12-07 11:50:22 -05:00
Ian Minoso
a7594d6e57 Inject ApiService to be accessible in the body react component 2016-12-07 03:29:29 -05:00
Jimmy Zelinskie
c41de8ded6 build queue rate limiting: address PR comments 2016-12-06 20:40:54 -05:00
Joseph Schorr
49872838ab Add GC of layers in Clair 
Fixes https://www.pivotaltracker.com/story/show/135583207
 2016-12-06 19:52:56 -05:00
Ben Spoon
1d0aff9906 Merge pull request #2205 from spoonben/update-landing-css 
landing: remove gray background
 2016-12-06 14:03:03 -08:00
Jimmy Zelinskie
eb69abff8b build rate limiting: tests 2016-12-06 16:30:12 -05:00
Jimmy Zelinskie
57770493fa build rate limiting: use a rate 2016-12-06 16:30:12 -05:00
Jimmy Zelinskie
7877c6ab94 add rate limiting to build queues 2016-12-06 16:30:12 -05:00
Jimmy Zelinskie
1d5de937c6 dockerfile: optimize static images 2016-12-06 15:03:11 -05:00
Charlton Austin
0aa6e6cd58 Merge pull request #2203 from charltonaustin/fix_build_component_cleanup 
Adding in a cancel method to the build component so we can properly c…
 2016-12-06 14:13:10 -05:00
Jake Moshenko
ce0ba3f68f Merge pull request #2211 from jakedt/bulkqueue 
Bulk queue methods
 2016-12-06 14:02:38 -05:00
Jake Moshenko
d656e54d99 Fix unsafe mutable default params. 2016-12-06 14:00:16 -05:00