Jimmy Zelinskie
4079dba167
service keys: do all the right stuff
2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
cca95ac583
add GITLAB_TRIGGER_CONFIG to config.py
...
We were already using this in production in our config.yml. We just
didn't have a default value for it inside of config.py.
2016-03-18 14:56:09 -04:00
Quentin Machu
d36528a77a
Increase POST timeout in secscan API
2016-03-04 11:59:00 -05:00
Quentin Machu
888f976e8d
Use a feature flag to toggle security notifications
2016-03-01 15:54:18 -05:00
Joseph Schorr
f498e92d58
Implement against new Clair paginated notification system
2016-02-25 15:58:42 -05:00
Joseph Schorr
1940fd9939
Add UI to the setup tool for enabling ACI conversion
...
Fixes #1211
2016-02-17 12:05:48 -05:00
Jimmy Zelinskie
e18dacd26b
extend torrent webseed lifetime to an hour
2016-02-08 17:57:28 -05:00
Joseph Schorr
b4bddacedb
Switch to Fernet crypto as per gtank's recommendation
2016-01-26 12:50:48 -05:00
Joseph Schorr
bd0a098282
Add ID-based pagination to logs using new decorators and an encrypted token
...
Fixes #599
2016-01-26 12:50:48 -05:00
Jimmy Zelinskie
85ae1a2a0a
Merge pull request #1161 from jzelinskie/torrenthmac
...
misc torrent changes
2016-01-22 23:02:44 -05:00
Joseph Schorr
e4ffaff869
Fix Docker Auth and our V2 registry paths to support library (i.e. namespace-less) repositories.
...
This support is placed behind a feature flag.
2016-01-22 15:54:06 -05:00
Jimmy Zelinskie
e54b86c6eb
s/TORRENT/BITTORRENT
2016-01-22 15:52:28 -05:00
Jake Moshenko
1ae101c917
Address torrent feature review comments.
2016-01-08 16:38:21 -05:00
Jimmy Zelinskie
087c6828ad
add feature.BITTORRENT and jwk set URI
2016-01-07 19:07:23 -05:00
Jimmy Zelinskie
a0e5de8f29
add torrent options to config
2016-01-04 16:17:51 -05:00
Jake Moshenko
fe87d3c796
Hash and track layer file chunks for torrenting
2016-01-04 16:17:51 -05:00
Joseph Schorr
ab166c4448
Delete the image diff feature
...
Fixes #1077
2015-12-23 13:08:01 -05:00
Jimmy Zelinskie
f439ad7804
Merge pull request #618 from jzelinskie/logsworker
...
add a log rotation worker
2015-12-16 17:25:50 -05:00
Jimmy Zelinskie
e1f955a3f6
add a log rotation worker
...
Fixes #609 .
2015-12-16 17:22:28 -05:00
Joseph Schorr
c888a8b3be
Make GC timeout configurable
2015-12-16 15:45:02 -05:00
Jake Moshenko
766d60493f
Add the ability to blacklist v2 for specific versions
2015-12-15 18:27:10 -05:00
Jake Moshenko
0459c3bc54
Merge remote-tracking branch 'upstream/master' into python-registry-v2
2015-11-16 14:22:54 -05:00
Joseph Schorr
7816b0c657
Merge master into vulnerability-tool
2015-11-12 21:52:47 -05:00
Jimmy Zelinskie
7fd53d6783
update IRC channel
2015-11-11 15:42:36 -05:00
Jimmy Zelinskie
dc476470fe
add secscan notification queue
2015-11-10 15:22:30 -05:00
Joseph Schorr
75dfec7875
Fix endpoint
2015-11-09 12:50:39 -05:00
Jake Moshenko
c2fcf8bead
Merge remote-tracking branch 'upstream/phase4-11-07-2015' into python-registry-v2
2015-11-06 18:18:29 -05:00
Jimmy Zelinskie
f3c3e684a1
prepare branch to be merged into phase1-11-07-2015
...
This removes the checksum backfill, removes the migration that runs the
backfills, and defaults the security scan feature off.
2015-11-06 15:22:18 -05:00
Joseph Schorr
cfa03951e1
Add a SecScanEndpoint class and move all the cert and config handling in there
2015-11-06 15:22:18 -05:00
Joseph Schorr
e4508fc0d0
Add vulnerabilities and packages API to Quay
...
Fixes #564
2015-11-06 15:22:18 -05:00
Joseph Schorr
0f3db709ea
Add a vulnerability_found event for notice when we detect a vuln
...
Fixes #637
Note: This PR does *not* actually raise the event; it merely adds support for it
2015-11-06 15:22:18 -05:00
Joseph Schorr
2d1df267dd
Add security config
2015-11-06 15:22:18 -05:00
Joseph Schorr
f6a53f7cc5
Change all Quay.io references to Quay, fix tour and change logo
...
Fixes #741
2015-11-02 14:37:48 -05:00
Jake Moshenko
fc55730db8
Add a feature flag to advertise v2 endpoints
2015-10-26 14:20:51 -04:00
Jake Moshenko
26cea9a07c
Merge remote-tracking branch 'upstream/master' into python-registry-v2
2015-09-17 16:16:27 -04:00
Jake Moshenko
9c3ddf846f
Some fixes and tests for v2 auth
...
Fixes #395
2015-09-10 15:38:57 -04:00
Joseph Schorr
c0286d1ac3
Add support for Dex to Quay
...
Fixes #306
- Adds support for Dex as an OAuth external login provider
- Adds support for OIDC in general
- Extract out external logins on the JS side into a service
- Add a feature flag for disabling direct login
- Add support for directing to the single external login service
- Does *not* yet support the config in the superuser tool
2015-09-04 17:05:06 -04:00
Jake Moshenko
210ed7cf02
Merge remote-tracking branch 'upstream/master' into python-registry-v2
2015-09-04 16:32:01 -04:00
Joseph Schorr
0a91a1d9d8
Redirect to the /setup page automatically in the ER when not fully setup
2015-09-02 14:59:54 -04:00
Joseph Schorr
724b1607d7
Add automatic storage replication
...
Adds a worker to automatically replicate data between storages and update the database accordingly
2015-09-01 14:53:32 -04:00
Jake Moshenko
e1b3e9e6ae
Another huge batch of registry v2 changes
...
Add patch support and resumeable sha
Implement all actual registry methods
Add a simple database generation option
2015-08-12 16:41:12 -04:00
Joseph Schorr
e53c3e23be
Change docs to load from HTTPS
2015-08-05 14:34:11 -04:00
Joseph Schorr
8a8955d234
Add documentation search to the main search bar
2015-08-03 17:15:53 -04:00
Joseph Schorr
70de107268
Make GC of repositories fully async for whitelisted namespaces
...
This change adds a worker to conduct GC on repositories with garbage every 10s.
Fixes #144
2015-07-28 15:30:04 -04:00
Jake Moshenko
bc29561f8f
Fix and templatize the logic for external JWT AuthN and registry v2 Auth.
...
Make it explicit that the registry-v2 stuff is not ready for prime time.
2015-07-17 11:56:15 -04:00
Joseph Schorr
33b31a2451
Fix logs view in superuser panel
...
This seems to have been broken ever since we moved to syslog
2015-06-15 20:55:23 -04:00
Jake Moshenko
e09d84b3c8
Merge pull request #55 from coreos-inc/oauthdeny
...
Fix OAuth redirect for denial action when generating for internal tokens
2015-06-05 14:00:16 -04:00
Joseph Schorr
5516911de9
Fix OAuth redirect for denial action when generating for internal tokens
2015-06-02 12:25:59 -04:00
Joseph Schorr
54992c23b7
Add a feature flag for disabling unauthenticated access to the registry in its entirety.
2015-05-19 17:52:44 -04:00
Joseph Schorr
ba0fafc857
Add missing default for the gitlab feature flag
2015-05-04 19:04:27 -07:00
Joseph Schorr
c480fb2105
Work in progress: bitbucket support
2015-04-24 15:13:08 -04:00
Joseph Schorr
5cd500257d
Merge branch 'master' into orgview
2015-04-01 13:56:49 -04:00
Joseph Schorr
27a9b84587
Switch avatars to be built out of CSS and only overlayed with the gravatar when a non-default exists
2015-03-30 17:55:04 -04:00
Joseph Schorr
e4b659f107
Add support for encrypted client tokens via basic auth (for the docker CLI) and a feature flag to disable normal passwords
2015-03-25 18:43:12 -04:00
Jake Moshenko
78c8354174
Switch our temporary token lookups for signed grants which will not require DB access.
2015-02-19 16:54:23 -05:00
Jake Moshenko
ec01373240
Rename the config variable for temp tag expiration per the pull request feedback.
2015-02-18 17:06:41 -05:00
Jake Moshenko
41108a0856
Allow tags to be marked as hidden. Create a hidden tag on every image during a push to prevent them from getting GCed.
2015-02-18 17:05:16 -05:00
Joseph Schorr
3cae6609a7
Remove old services from the blacklist
2015-02-18 16:34:42 -05:00
Joseph Schorr
0d2c42ad03
Fix tests
2015-01-09 17:11:51 -05:00
Joseph Schorr
40d2b1748f
Fix handling of secret key: We now generate it on app startup if it doesn't exist in the config (which it doesn't anymore in the base config.py).
2015-01-05 12:31:02 -05:00
Joseph Schorr
1bf25f25c1
WIP
2015-01-04 14:38:41 -05:00
Joseph Schorr
4ca877c1d4
Add ability to download system logs
2014-12-23 14:01:00 -05:00
Jimmy Zelinskie
f3259c862b
Merge branch 'koh'
...
Conflicts:
auth/scopes.py
requirements-nover.txt
requirements.txt
static/css/quay.css
static/directives/namespace-selector.html
static/js/app.js
static/partials/manage-application.html
templates/oauthorize.html
2014-12-01 12:30:09 -08:00
Joseph Schorr
72d613614d
Merge branch 'bagger'
2014-12-01 12:48:59 -05:00
Joseph Schorr
660a640de6
Better organize the source file structure of the build manager and change it to choose a lifecycle manager based on the config
2014-11-25 16:14:44 -05:00
Joseph Schorr
e9cac407df
Add a configurable avatar system and add an internal avatar system for enterprise
2014-11-24 19:25:13 -05:00
Jimmy Zelinskie
716d7a737b
Strip whitespace from ALL the things.
2014-11-24 16:07:38 -05:00
Jake Moshenko
8b3184a7cb
Change the default username and password for flask-mail to None instead of empty string.
2014-11-21 12:32:30 -05:00
Jake Moshenko
2b8c246476
Temporarily put user rename behind a feature flag. Switch queue names back to using the username for namespace while we figure out a real migration strategy.
2014-11-20 15:36:39 -05:00
Joseph Schorr
3e79379942
- Make the OAuth config system centralized
...
- Add support for Github Enterprise login
2014-11-05 16:43:37 -05:00
Joseph Schorr
98602a2d0c
Add a new configurable health check, to make sure production instances are not taken down by Redis or non-local DB issues
2014-11-02 15:06:17 -05:00
Joseph Schorr
4eedd54b66
- Make usage language more accurate by stating "repositories"
...
- Have usage counter be based on a 4 weeks TTL
- Add a simple usage counter breakage test
2014-10-30 13:26:02 -04:00
Joseph Schorr
c1398c6d2b
- Add a log entry for repo verb handling and make the container usage calculation take it into account
...
- Move all the repo push/pull/verb logging into a central track_and_log method
- Readd images accidentally deleted in the last CL
- Make the uncompressed size migration script better handle exceptions
2014-10-29 15:42:44 -04:00
Joseph Schorr
8b331b453e
Make the contact page dynamic so that enterprise customers can configure it however they like
2014-10-22 14:49:33 -04:00
Jake Moshenko
fa6a06502d
Change the default redis host to localhost. Fix some whitespace issues in the userevents module.
2014-10-14 14:37:02 -04:00
Jake Moshenko
44637dad96
Merge branch 'master' of bitbucket.org:yackob03/quay
2014-10-14 13:58:14 -04:00
Jake Moshenko
328db8b660
Split the app into separate backends, which can use different worker types and different timeouts.
2014-10-14 13:58:08 -04:00
Joseph Schorr
49f8629566
Make the default mail sender use the Flask mail config value
2014-10-10 13:14:33 -04:00
Joseph Schorr
c682899861
Add a feature flag to disable user creation
2014-10-02 14:49:18 -04:00
Joseph Schorr
2c5cc7990f
Allow for additional REDIS config such as password and port
2014-10-01 14:16:42 -04:00
Joseph Schorr
f3b03ebc34
Add a feature flag for disabling all emails
2014-09-22 19:11:48 -04:00
Jake Moshenko
2455c17f96
Merge remote-tracking branch 'origin/master' into waltermitty
...
Conflicts:
app.py
data/userfiles.py
2014-09-11 11:18:28 -04:00
Jake Moshenko
c9e1648781
Small fixes to bugs in the streaming handler for use with magic and radosgw.
2014-09-09 18:30:14 -04:00
Jake Moshenko
451e034ca1
Archived logs commit 1. Squash me.
2014-09-08 16:43:17 -04:00
Joseph Schorr
e028d4ae0a
Merge master into branch
2014-09-04 18:08:18 -04:00
Joseph Schorr
4140e115e5
Put building behind a feature flag
2014-08-22 18:03:22 -04:00
Joseph Schorr
2597bcef3f
Add support for login with Google. Note that this CL is not complete
2014-08-11 15:47:44 -04:00
Joseph Schorr
6f804c222a
Replace references seen in the enterprise version to "Quay.io" with a config-pulled value
2014-08-08 13:50:04 -04:00
Joseph Schorr
bcbea37fce
Change distributed config format to make it easier for the setup tool
2014-08-07 13:45:15 -04:00
Joseph Schorr
49801bc2c4
- Add web hook queue code back in. We'll remove it and turn it off after this CL goes to prod
...
- Make notification lookup always be by repo and its UUID, rather than the internal DB ID
- Add the init script for the notification worker
2014-07-31 13:30:54 -04:00
Joseph Schorr
8d7493cb86
Convert over to notifications system. Note this is incomplete
2014-07-17 22:51:58 -04:00
Jake Moshenko
6047f3759f
Remove the placement fallback since the DB has been fully backfilled.
2014-06-24 17:01:23 -04:00
Jake Moshenko
cf2ba9f0b6
Fix a typo in the config for the backfill location.
2014-06-23 11:25:14 -04:00
Jake Moshenko
0a62f7f725
Add the ability to look up images which do not have a placement yet.
2014-06-18 12:40:23 -04:00
Jake Moshenko
bf98575feb
Add the basics of geographic data distribution and get the tests to work.
2014-06-17 16:03:43 -04:00
Jake Moshenko
0057ced98c
Move GitHub build trigger behind a feature flag.
2014-05-30 18:28:18 -04:00
Jake Moshenko
d1f4fbdacc
Split out the redis hostname for user events and build logs as a string config. Modularize the user events and fix all callers.
2014-05-30 14:25:29 -04:00
Joseph Schorr
69be86be97
Add extra seat check in the user API call and turn off user->org conversion when authentication is LDAP
2014-05-28 15:53:53 -04:00
Jake Moshenko
f6726bd0a4
Merge branch 'ldapper'
...
Conflicts:
Dockerfile
app.py
data/database.py
endpoints/index.py
test/data/test.db
2014-05-22 12:13:41 -04:00
Jake Moshenko
d14798de1d
Add a queue capacity reporter plugin to the queue. Move the queue definitions to app. Add a cloudwatch reporter to the dockerfile build queue.
2014-05-21 19:50:37 -04:00