Joseph Schorr
bf966545ba
Reimplement GitLab trigger handler using the V4 API library
...
GitLab has deprecated and removed the V3 API entirely
Fixes https://jira.coreos.com/browse/QUAY-966
2018-06-12 15:01:37 -04:00
Sam Chow
e9d24dc5ff
Make script paths work in docker and locally for config_app
2018-06-12 14:45:00 -04:00
Sam Chow
7f21d0da58
Merge pull request #3096 from quay/refactor/secscan-simple
...
Refactor validators to decouple app
2018-06-01 15:44:18 -04:00
Sam Chow
301cc6992a
Remove jwt validation for jschorr to fix later
...
Refactor oauth validate method to take config over entire appconfig
2018-06-01 15:07:06 -04:00
Sam Chow
7df8ed4a60
Add a security scanner api config object for params
...
Change SecScanAPI to use a uri creation func instead of test context
Pass config provider through validator context
Remove app config dependency for validators
2018-06-01 15:06:50 -04:00
Sam Chow
554d4f47a8
Change validators to use the validator_context
...
Change InstanceKeys to take a namedtuple for context
2018-06-01 14:59:49 -04:00
Joseph Schorr
b2262eaf46
Add feature flag to disable username confirmation
...
Fixes https://jira.coreos.com/browse/QUAY-914
2018-06-01 13:30:50 -04:00
Joseph Schorr
8ee98c1c48
Show starred public repositories in the starred repos list
...
We forgot to check if the repository was public in the filter
Fixes https://jira.coreos.com/browse/QUAY-857
2018-05-31 17:34:17 -04:00
Sam Chow
d45b925155
Move config provider to _init to decouple from app
...
remove app references from validators
2018-05-25 11:15:06 -04:00
Joseph Schorr
fc6eb71ab1
Switch from an image view UI to a manifest view UI
...
We no longer allow viewing individual images, but instead only manifests. This will help with the transition to Clair V3 (which is manifest based) and, eventually, the the new data model (which will also be manifest based)
2018-05-22 13:11:04 -04:00
Joseph Schorr
a007332d4c
Temporarily change to storing logs in a new LogEntry2 table
...
This will prevent us from running out of auto-incrementing ID values until such time as we can upgrade to peewee 3 and change the field type to a BigInt
Fixes https://jira.coreos.com/browse/QUAY-943
2018-05-18 20:15:16 -04:00
josephschorr
58612955d6
Merge pull request #3079 from quay/joseph.schorr/QUAY-927/robots-limit
...
Limit robots displayed in entity search
2018-05-15 13:59:48 -04:00
Joseph Schorr
5c50161d85
Limit robots displayed in entity search
...
Before, we'd load *all* the robots, which can be a huge issue in namespaces with a large number of robots. Now, we only load the top-20 robots (as per recency in login), and we also limit the information returned to the entity search to save some bandwidth.
Fixes https://jira.coreos.com/browse/QUAY-927
2018-05-15 11:00:57 -04:00
Joseph Schorr
e3248bde47
Small fixes to make loading of logs faster
...
Removes filtering of log types where not necessary, removes filtering based on namespace when filtering based on repository (superfluous check that was causing issues in MySQL preventing the use of the correct index) and fix some other small issues around the API
Fixes https://jira.coreos.com/browse/QUAY-931
2018-05-14 11:41:49 -04:00
Joseph Schorr
2ae69dc651
Further fixes to the Kubernetes config provider, and a new set of proper unit tests
2018-05-10 16:44:18 +03:00
Sam Chow
f89ad30320
Merge pull request #3060 from quay/max-results-help-text
...
Configurable options for search, disable next page & add help text when at max results
2018-04-25 08:17:35 -07:00
Sam Chow
1afedafcbb
Configurable options for search, info when at max
...
includes the options for maximum search results per page, and the
maximum number of pages available before help text is shown, and
the next page button is disabled
2018-04-25 11:12:09 -04:00
Joseph Schorr
3309daa32e
Add support for reduced initial build count for new possible abusing users
...
If configured, we now check the IP address of the user signing up and, if they are a possible threat, we further reduce their number of allowed maximum builds to the configured value.
2018-04-20 18:46:32 +03:00
Joseph Schorr
8146646761
Simplifying queries around images and placements
...
Only verbs needs to load placements for multiple images, so we can vastly simplify and optimize most queries by making it two-step, and having the rest of the image loads not worry about placements
2018-04-03 16:23:49 -04:00
josephschorr
7b5c22c699
Merge pull request #1205 from coreos-inc/apiimprov
...
Remove 404 when an entity is not a member of a team, but is a robot u…
2018-03-22 21:41:16 -04:00
Joseph Schorr
6d365418b7
Limit the size of then payload for creating robot accounts
2018-03-22 13:54:56 -04:00
josephschorr
6c43b7ff0d
Merge pull request #3024 from coreos-inc/manageable-robots
...
Manageable robots epic
2018-03-21 18:50:17 -04:00
Joseph Schorr
2ea13e86a0
Add last_accessed information to User and expose for robot accounts
...
Fixes https://jira.coreos.com/browse/QUAY-848
2018-03-21 15:28:34 -04:00
Joseph Schorr
3586955669
Remove license code in Quay
...
No longer needed under Red Hat rules \o/
Fixes https://jira.coreos.com/browse/QUAY-883
2018-03-20 17:03:35 -04:00
Brad Ison
e8429f9194
Add organization collaborators API endpoint
...
Adds an API endpoint, `/v1/organization/<orgname>/collaborators`, that
lists an organization's "outside collaborators", i.e. users that have
direct permissions on one or more repositories belonging to the
organization, but who aren't members of any teams in the organization.
2018-03-14 16:11:53 -04:00
Joseph Schorr
254cdfe43a
Add support for metadata on robot accounts
...
Fixes https://jira.coreos.com/browse/QUAY-847
Fixes https://jira.coreos.com/browse/QUAY-816
2018-03-12 20:32:05 -04:00
Joseph Schorr
a693771345
Add creation date information to robots API and UI
...
Fixes https://jira.coreos.com/browse/QUAY-846
2018-03-09 13:55:19 -05:00
Joseph Schorr
da45bedcdb
Remove 404 when an entity is not a member of a team, but is a robot under the org.
...
Fixes #1200
2018-03-02 16:07:03 -05:00
Joseph Schorr
93d79e777e
Automatically disable build triggers with successive failures or internal errors
...
We allow users to reenable them manually once disabled
2018-03-01 16:49:51 -05:00
Joseph Schorr
c35eec0615
Add ability for triggers to be disabled
...
Will be used in the followup commit to automatically disable broken triggers
2018-03-01 16:49:28 -05:00
Joseph Schorr
4be3594ec8
Remove internal_only from superuser APIs for users and orgs
2018-03-01 15:14:39 -05:00
Joseph Schorr
8bc55a5676
Make namespace deletion asynchronous
...
Instead of deleting a namespace synchronously as before, we now mark the namespace for deletion, disable it, and rename it. A worker then comes along and deletes the namespace in the background. This results in a *significantly* better user experience, as the namespace deletion operation now "completes" in under a second, where before it could take 10s of minutes at the worse.
Fixes https://jira.coreos.com/browse/QUAY-838
2018-02-27 13:12:51 -05:00
Joseph Schorr
bcd9b680fa
Add X-Requested-With header to allowed CORS headers
...
Will fix the API explorer
2018-02-21 14:21:27 -05:00
Brad Ison
62971b7f20
Merge pull request #2999 from bison/user-location
...
Add user location metadata filed
2018-02-20 16:48:37 -05:00
Joseph Schorr
188ea98441
Add new decorator to prevent reflected text attacks
...
Instead of disabling repo names with periods in them, we simply disallow calls to the API when they are GET requests, whose path ends in a dot, and that do not have a referrer from the frontend.
2018-02-20 11:33:45 -05:00
josephschorr
ac328da383
Merge pull request #3006 from coreos-inc/joseph.schorr/QUAY-827/noop-team-name
...
Add messaging when trying to create a team that already exists
2018-02-15 16:41:51 -05:00
Joseph Schorr
72ca758c88
Add messaging when trying to create a team that already exists
...
Fixes https://jira.coreos.com/browse/QUAY-827
2018-02-15 16:03:09 -05:00
Joseph Schorr
e220b50543
Refactor auth code to be cleaner and more extensible
...
We move all the auth handling, serialization and deserialization into a new AuthContext interface, and then standardize a registration model for handling of specific auth context types (user, robot, token, etc).
2018-02-14 15:35:27 -05:00
Brad Ison
5965929187
Include location in user analytics
2018-02-06 16:06:17 -05:00
Brad Ison
3de6b4a646
Add location metadata field for users
2018-02-06 16:06:17 -05:00
josephschorr
6514bf229f
Merge pull request #2973 from coreos-inc/joseph.schorr/QS-116/cloudfront-storage
...
Add support for configuring cloudfront storage
2018-02-02 10:14:28 -05:00
Joseph Schorr
b0f656731c
Add support for configuring CloudFront storage engine
...
Fixes https://jira.coreos.com/browse/QS-116
2018-01-31 11:22:14 -05:00
Joseph Schorr
208dc38d25
Allow expired app specific tokens to be deleted
2018-01-23 11:40:51 -05:00
Joseph Schorr
c887aa543b
Change superuser API errors to be more descriptive
...
Fixes https://jira.coreos.com/browse/QS-103
2018-01-05 17:09:26 -05:00
josephschorr
13b738c43c
Merge pull request #2954 from coreos-inc/joseph.schorr/QS-102/user-api-filter
...
Add ability to filter users list to enabled users
2018-01-05 15:40:50 -05:00
josephschorr
5286fd63b0
Merge pull request #2953 from coreos-inc/joseph.schorr/QS-101/discovery-anon
...
Allow anonymous access to the discovery endpoint
2018-01-05 15:40:39 -05:00
josephschorr
d8fde005d8
Merge pull request #2961 from coreos-inc/joseph.schorr/QS-107/create-repo-opt
...
Small optimizations around create repository code
2018-01-05 15:40:30 -05:00
Joseph Schorr
888b564a9b
Add a banner to the Quay UI when an app specific token is about to expire
2018-01-04 15:27:42 -05:00
Joseph Schorr
2214a2c7ad
Disable fresh login check in auth engines that won't support it
2018-01-04 15:27:41 -05:00
Joseph Schorr
524d77f527
Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password
2018-01-04 15:27:41 -05:00
Joseph Schorr
1e1bec0afe
Remove extra update call on create repo
2018-01-04 13:42:05 -05:00
Joseph Schorr
8e473b9779
Add filter for disabled users to superuser user list API
...
Fixes https://jira.coreos.com/browse/QS-102
2017-12-22 16:45:49 -05:00
Joseph Schorr
1d3a93efcb
Linter fixes for superuser API file
2017-12-22 16:18:58 -05:00
Joseph Schorr
6b42e3e4ca
Allow anonymous access to the discovery endpoint
...
Fixes https://jira.coreos.com/browse/QS-101
2017-12-22 16:13:23 -05:00
josephschorr
6db2ecc19f
Merge pull request #2928 from coreos-inc/joseph.schorr/QS-74/fix-restart
...
Have Quay lookup the sbin/my_init PID to kill
2017-12-07 13:25:16 -05:00
Joseph Schorr
1d1c6f0606
Invalidate all session tokens when a user signs out
...
Fixes https://jira.coreos.com/browse/QS-85
2017-12-07 13:03:11 -05:00
Joseph Schorr
a204dc20fb
Require CAPTCHA for password recovery
...
https://jira.coreos.com/browse/QS-79
2017-12-06 14:25:34 -05:00
Joseph Schorr
927d469db0
In password recovery, don't reveal whether an e-mail address is valid (unless it is an org's e-mail address)
2017-12-06 14:07:38 -05:00
Joseph Schorr
4db1615d94
Fix bugs in updateuser
...
1) Also check for matching organization names
2) Ensure that errors don't leave the throbber
2017-12-01 14:58:29 -05:00
Joseph Schorr
874a7b0c41
Have Quay lookup the sbin/my_init PID to kill
...
We changed the entry point in Quay to be a shell script that calls `my_init`, which means the init no longer has PID 1. We therefore need to look up the correct PID to kill it.
Fixes https://jira.coreos.com/browse/QS-74
2017-12-01 14:04:43 -05:00
Joseph Schorr
2ced523313
Add Explore tab and query-less searching
...
Allows for exploration of all visible repositories, in paginated form.
This change also fixes the layout of the header on different viewport sizes to be consistently a single line in height.
Fixes https://jira.coreos.com/browse/QS-63
2017-11-28 16:50:23 +02:00
Joseph Schorr
9b2fb46e34
Move recaptcha check after the username check
...
Ensures that if someone chooses an existing username, they don't need to re-recaptcha
Fixes https://jira.coreos.com/browse/QS-65
2017-11-27 16:59:42 +02:00
Joseph Schorr
1b6ecb6c1c
Fix bug in listing owned tags
...
We were indexing into a map using the docker_image_id, but the ancestors use the *image id*. Also cleans up the code and adds some tests.
Fixes https://jira.prod.coreos.systems/browse/QS-55
2017-11-09 16:21:40 -05:00
Joseph Schorr
2ce4e49711
Build job does not have a request context when calling get_file_url
...
We therefore need to specify some sort of IP or get_file_url will attempt to get it from context
2017-10-06 12:57:02 -04:00
josephschorr
3bef21253d
Merge pull request #2695 from coreos-inc/oidc-internal-auth
...
OIDC internal auth support
2017-10-02 16:51:17 -04:00
Joseph Schorr
82ff85b125
Add ability for users to change their name and company information
2017-09-26 16:58:04 -04:00
Joseph Schorr
804d3c46c3
Add feature flag to allow users to be created only if invited to join a team
...
Allows for open user creation, but only if extended an invitation by someone who already has access
2017-09-14 16:28:39 -04:00
Joseph Schorr
c6aad5fef0
Add option to disable partial autocompletion of users
2017-09-12 15:55:37 -04:00
Joseph Schorr
adc70d2fe2
Add alias for callback path
2017-09-12 12:26:42 -04:00
Evan Cordell
1d246784dd
Include invalid oidc token in the error message for debugging
2017-09-12 12:26:42 -04:00
Joseph Schorr
e724125459
Add support for using OIDC tokens via the Docker CLI
2017-09-12 12:23:22 -04:00
Joseph Schorr
e0820c6be5
Remove encoding of credentials in build trigger web hook
...
This now breaks BitBucket
2017-09-07 11:27:02 -04:00
Joseph Schorr
2fdc1be94b
Remove duplicate orgs when using public namespaces
...
Fixes https://coreosdev.atlassian.net/browse/QUAY-770
2017-08-24 14:13:26 -04:00
josephschorr
46e1bd9c75
Merge pull request #2850 from coreos-inc/jpmc-features
...
Features for JPMC
2017-08-16 14:29:00 -04:00
Joseph Schorr
854155fe82
Fix missing to_dict and import in robots model
...
Also adds a test to catch this issue
2017-08-09 20:33:14 -04:00
Joseph Schorr
2184721d28
Fix recursion error in images API
...
We only need parents for the root set of images
2017-08-09 13:27:54 -04:00
Evan Cordell
cac0457540
fix misnamed key in permissions api
2017-08-09 08:37:59 -04:00
Joseph Schorr
650dbe5f5b
Add config to enable "public" namespaces
...
These are namespaces that will be displayed in the repo list view, regardless of whether the user is a member.
2017-08-07 15:59:06 -04:00
Joseph Schorr
dff4207a89
Add feature flag to enable viewing builds and build logs for public repos
2017-08-07 15:24:36 -04:00
Charlton Austin
0359ac8753
Merge pull request #2848 from charltonaustin/fix_bug_robot_stuffs
...
fix(endpoints/api/robot.py): fix misnamed attribute
2017-08-01 15:05:43 -04:00
Charlton Austin
36e58e3bd0
fix(endpoints/api/robot.py): fix missnamed attribute
...
Issue:NA
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-08-01 14:43:20 -04:00
Charlton Austin
524af4331d
Merge pull request #2847 from charltonaustin/fix_bug_superuser_panel
...
fix(superuser_models_pre_oci): have None for approver
2017-08-01 13:37:50 -04:00
josephschorr
83e9dfac7a
Merge pull request #2817 from coreos-inc/joseph.schorr/QUAY-688/dex-fixes
...
Dex Fixes
2017-08-01 13:26:50 -04:00
Charlton Austin
f05e684b31
fix(superuser_models_pre_oci): have None for approver
...
### Description of Changes
this fixes a null pointer exception
Issue: https://coreosdev.atlassian.net/browse/QUAY-fix_bug_superuser_panel
## Reviewer Checklist
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-08-01 13:09:41 -04:00
Charlton Austin
044036ff4d
Merge pull request #2843 from charltonaustin/create_data_interface_for_subsystem_api/superuser.py_750
...
Create data interface for subsystem api/superuser.py 750
2017-08-01 12:03:19 -04:00
Evan Cordell
e407bc1441
Merge pull request #2806 from ecordell/QUAY-643/api-permission-v22
...
Add data interface for api-permissions for v2-2
2017-08-01 11:56:40 -04:00
Evan Cordell
66dc093639
Convert RepositoryUserTransitivePermission security tests to pytest
2017-08-01 11:34:31 -04:00
Charlton Austin
6c29ec873a
refactor(endpoints/api/superuser*): refactored code behind db model
...
this moves all the db model code behind an interface in prep for v2-2
Issue: https://coreosdev.atlassian.net/browse/QUAY-750
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-08-01 11:27:55 -04:00
Evan Cordell
37ebfd9ab5
Merge pull request #2808 from ecordell/QUAY-647/api-globalmessages-v22
...
Add data interface for globalmessages API
2017-08-01 10:59:35 -04:00
Charlton Austin
3688b6a8df
style(endpoints/api/suconfig_models_interface.py): formatted file
...
### Description of Changes
Issue: https://coreosdev.atlassian.net/browse/QUAY-750
## Reviewer Checklist
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-08-01 09:39:17 -04:00
Charlton Austin
d55397e851
Merge pull request #2820 from charltonaustin/create_data_interface_for_subsystem_api/robot.py_630
...
refactor(endpoints/api/robot*): adding in database interface
2017-08-01 09:37:09 -04:00
Evan Cordell
4734cc90b4
Merge pull request #2809 from ecordell/QUAY-649/api-manifest-v22
...
Add a data interface for manifest labels API
2017-08-01 09:34:10 -04:00
josephschorr
0ae767d506
Merge pull request #2811 from coreos-inc/joseph.schorr/QUAY-631/repotoken-data-interface
...
Change repotoken to use a data interface
2017-07-31 18:02:12 -04:00
josephschorr
004fb88726
Merge pull request #2815 from coreos-inc/joseph.schorr/QUAY-650/image-api-data-interface
...
Change Image API to use a data interface
2017-07-31 18:01:55 -04:00
Joseph Schorr
9676d7d8c7
Make downstream issues show their error in the UI
2017-07-31 17:07:22 -04:00
Evan Cordell
6528c1f3bc
Adds docstrings for permission api data interface
2017-07-31 15:46:13 -04:00
Evan Cordell
a68ec6966e
Add data interface for api-permissions for v2-2
2017-07-31 15:46:13 -04:00
Evan Cordell
c92b566427
Add doc comments to data interface for manifest labels
2017-07-31 15:45:52 -04:00
Evan Cordell
af27a1b6dc
Add a data interface for manifest labels API
2017-07-31 15:45:52 -04:00
Evan Cordell
0d239e08c2
Add docstrings to globalmessages data interface
2017-07-31 15:44:54 -04:00