vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
9235 commits 2 branches 62 tags 205 MiB
Commit graph

119 commits

Author SHA1 Message Date
Joseph Schorr
b86d389c8e Add ability to restrict V1 push behind a namespace whitelist 
Also enables the feature by default with an empty whitelist for QE

Fixes https://jira.coreos.com/browse/QUAY-1342
 2019-03-05 17:33:32 -05:00
Joseph Schorr
bdae32630e Fix V1 push for layers already uploaded 2019-03-05 12:13:01 -05:00
Joseph Schorr
b1dd053b02 Fix an NPE when trying to pull a manifest without a legacy image via V1 2019-01-10 13:59:35 -05:00
Joseph Schorr
c3710a6a5e Add ability for specific geographic regions to be blocked from pulling images within a namespace 2018-12-06 17:14:45 -05:00
Joseph Schorr
276d0d571d Fix support for pulling manifest lists via Docker V1 protocol where applicable 2018-11-14 14:05:06 +02:00
Joseph Schorr
37b20010aa Add support for pushing and pulling schema 2 manifests with remote layers 
This is required for windows image support
 2018-11-14 13:21:50 +02:00
Joseph Schorr
7a794e29c0 Add tests for manifest lists and fix some issues encountered while testing 2018-11-13 21:03:20 +02:00
Joseph Schorr
30f072aeff Add support for creating schema 2 manifests and manifest lists via the OCI model 2018-11-12 23:27:49 +02:00
Joseph Schorr
4520f9e842 Change V1 to use the manifest builder and new registry data model 2018-09-28 17:30:04 -04:00
Joseph Schorr
7567808a10 Fix bug in V1 delete tag code and add a test 2018-09-24 12:54:56 -04:00
Joseph Schorr
077c3908e4 Change V1 upload code to use the new blob uploader 2018-09-24 12:54:56 -04:00
Joseph Schorr
10b14866f5 Fix test notification data for repo_pull to match actual data 
Fixes https://jira.coreos.com/browse/QUAY-1023
 2018-09-12 17:31:07 -04:00
Joseph Schorr
701eac5466 Fix registry tests to not terminate prematurely when looking for errors 
Also reorders a check in the V1 protocol to have better error messaging for the users
 2018-08-10 13:36:20 -04:00
Joseph Schorr
f86c087b3b Prevent registry operations against disabled namespaces 
Allows admins to completely wall off a namespace by disabling it

Fixes https://jira.coreos.com/browse/QUAY-869
 2018-05-22 18:36:04 -04:00
Joseph Schorr
8146646761 Simplifying queries around images and placements 
Only verbs needs to load placements for multiple images, so we can vastly simplify and optimize most queries by making it two-step, and having the rest of the image loads not worry about placements
 2018-04-03 16:23:49 -04:00
josephschorr
6c43b7ff0d
Merge pull request #3024 from coreos-inc/manageable-robots 
Manageable robots epic
 2018-03-21 18:50:17 -04:00
Joseph Schorr
3586955669 Remove license code in Quay 
No longer needed under Red Hat rules \o/

Fixes https://jira.coreos.com/browse/QUAY-883
 2018-03-20 17:03:35 -04:00
Joseph Schorr
f1da3c452f Remove unused code 2018-03-12 20:32:05 -04:00
Joseph Schorr
e220b50543 Refactor auth code to be cleaner and more extensible 
We move all the auth handling, serialization and deserialization into a new AuthContext interface, and then standardize a registration model for handling of specific auth context types (user, robot, token, etc).
 2018-02-14 15:35:27 -05:00
Joseph Schorr
524d77f527 Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password 2018-01-04 15:27:41 -05:00
Joseph Schorr
c1cff32c1e Fix log levels in registry 2018-01-04 13:07:11 -05:00
Joseph Schorr
3bf8973fd9 Change app registry to use the credentials verification system 
Allows for tokens, OAuth tokens and robot accounts to be used as well

Fixes https://jira.prod.coreos.systems/browse/QS-36
 2017-12-06 13:52:25 -05:00
Joseph Schorr
aa49b37ad2 Change Docker V1 index to use verify_credentials 2017-12-06 13:52:25 -05:00
Joseph Schorr
56fbbcf7cf Add request IP to get_direct_download_url method 2017-09-25 17:14:28 -04:00
Joseph Schorr
48c79003c6 yap 2017-07-25 17:18:06 -04:00
Joseph Schorr
e7dbc4ee91 Move notification helper code into the root module 2017-07-25 17:00:07 -04:00
Joseph Schorr
ce56031846 Move notifications into its own package 2017-07-25 17:00:06 -04:00
Joseph Schorr
98e2ccf74d Move parse_repository_name into decorators 2017-07-20 16:01:38 -04:00
Jimmy Zelinskie
92e978fa0f endpoints.v2: yapf format 2017-06-29 13:24:00 -04:00
Jimmy Zelinskie
ecd5996386 endpoints.v2: new fs layout for data interface 
Fixes QUAY-656
 2017-06-29 13:19:53 -04:00
Jimmy Zelinskie
4db789b656 add audit logging to app registry endpoints 2017-05-16 15:54:02 -04:00
Joseph Schorr
651666b60b Refactor our auth handling code to be cleaner 
Breaks out the validation code from the auth context modification calls, makes decorators easier to define and adds testing for each individual piece. Will be the basis of better error messaging in the following change.
 2017-03-23 15:42:45 -04:00
Joseph Schorr
1bd4422da9 Move auth decorators into a decorators module 
The non-decorators will be broken out in the followup change
 2017-03-23 15:42:45 -04:00
Jimmy Zelinskie
ca7a0f14d8 endpoints.v1: return 405 for non-docker repos 2017-03-22 17:26:59 -04:00
Jimmy Zelinskie
a2bac7dabd endpoints.v1: only work on docker repositories 2017-03-22 14:31:22 -04:00
josephschorr
432b2d3fe8 Merge pull request #2392 from coreos-inc/search-optimization 
Optimize repository search by changing our lookup strategy
 2017-03-10 15:44:26 -05:00
Joseph Schorr
b5bb76cdea Optimize repository search by changing our lookup strategy 
Previous to this change, repositories were looked up unfiltered in six different queries, and then filtered using the permissions model, which issued a query per repository found, making search incredibly slow. Instead, we now lookup a chunk of repositories unfiltered and then filter them via a single query to the database. By layering the filtering on top of the lookup, each as queries, we can minimize the number of queries necessary, without (at the same time) using a super expensive join.

Other changes:
- Remove the 5 page pre-lookup on V1 search and simply return that there is one more page available, until there isn't. While technically not correct, it is much more efficient, and no one should be using pagination with V1 search anyway.
- Remove the lookup for repos without entries in the RAC table. Instead, we now add a new RAC entry when the repository is created for *the day before*, with count 0, so that it is immediately searchable
- Remove lookup of results with a matching namespace; these aren't very relevant anyway, and it overly complicates sorting
 2017-03-09 19:47:55 -05:00
Jimmy Zelinskie
850c32ebfb Merge pull request #2298 from jzelinskie/maintainers 
MAINTAINERS: init owners to subpkgs
 2017-03-09 17:30:38 -05:00
Joseph Schorr
a319c55616 Don't make permissions request in search for public callers 
They are unnecessary, so we can skip them
 2017-02-17 12:22:21 -05:00
Joseph Schorr
92c0b5ac3e Fix handling of None queries 2017-02-16 15:26:45 -05:00
Joseph Schorr
a0bc0e9488 Implement the full spec for the old Docker V1 registry search API 
This API is still (apparently) being used by the Docker CLI for `docker search` (why?!) and we therefore have customers expecting this to work the same way as the DockerHub.
 2017-02-16 14:45:33 -05:00
Jimmy Zelinskie
64421db0a3 MAINTAINERS: init owners to subpkgs 2017-01-23 17:46:34 -05:00
Brad Ison
df7366eace Add chunk size metric 2016-12-15 13:20:16 -05:00
Brad Ison
8f59ac1251 Don't record size in chunk upload metrics 2016-12-14 12:16:02 -05:00
Joseph Schorr
4b926ae189 Add new metrics as requested by some customers 
Note that the `status` field on the pull and push metrics will eventually be set to False for failed pulls and pushes in a followup PR
 2016-11-03 15:28:40 -04:00
Joseph Schorr
bab17932ac Fix namespace lookup in V1 registry search 
Fixes #2053
 2016-10-31 13:24:40 -04:00
Jimmy Zelinskie
a42eb09a3e util.license: make bp-modification a method 2016-10-17 21:43:45 -04:00
Jimmy Zelinskie
0c5400b7d1 enforce license across registry blueprints 2016-10-17 21:43:45 -04:00
Joseph Schorr
0b7bb6d6c6 Fix issue in V1 registry code with accessing locations under HEAD 
Fixes #1922
 2016-10-03 17:09:12 +03:00
Jimmy Zelinskie
31b77cf232 rename auth.auth to auth.process 
This fixes some ambiguity around imports.
 2016-09-29 15:24:57 -04:00