Jake Moshenko
79f1181a63
Switch build-scheduled to an official build phase.
2015-06-10 16:19:51 -04:00
Jake Moshenko
884fedd229
Improve the log messages in the buildman.
2015-06-10 16:19:51 -04:00
Jake Moshenko
d31e25d5cd
Allow the individual build manager types to specify how long the queue should wait before retring a job that fails to schedule.
2015-06-10 16:19:50 -04:00
Jake Moshenko
a99414b222
Merge pull request #118 from coreos-inc/createfix
...
Fix creation of repositories when having a creator permission
2015-06-10 16:18:56 -04:00
Joseph Schorr
44f49a43dd
Fix creation of repositories when having a creator permission
...
This fixes the grants on a user's session when creating a repository with only the creator permission
Fixes #117
2015-06-10 16:12:42 -04:00
Jimmy Zelinskie
038e0972ac
Merge pull request #119 from coreos-inc/stringfix
...
Parenthesis fix on the JWT auth error message
2015-06-10 16:04:53 -04:00
Joseph Schorr
457ee7306e
Parenthesis fix on the JWT auth error message
2015-06-10 16:00:25 -04:00
Jimmy Zelinskie
b7303665a2
Merge pull request #111 from coreos-inc/incompletefix
...
Requeue build jobs after the work check timeout + some additional padding.
2015-06-09 20:44:40 -04:00
Joseph Schorr
24ce0decd9
Requeue build jobs after the work check timeout + some additional padding. This ensures that if a build somehow gets wedged, other builds can continue to be picked up.
2015-06-09 20:43:48 -04:00
Jimmy Zelinskie
a99f29eee4
Merge pull request #110 from coreos-inc/etcdex
...
Log the etcd exception so we can debug this issue
2015-06-09 20:37:23 -04:00
Joseph Schorr
f82831bff6
Log the etcd exception so we can debug this issue
2015-06-09 20:33:55 -04:00
Jimmy Zelinskie
f7c81e2a34
binarydeps: tengine 2.1.0 -> nginx 1.8.0
...
nginx stable now has unbuffered uploading support, thus we are no longer
required to use tengine.
2015-06-08 15:35:56 -04:00
Jimmy Zelinskie
a933e8bdf4
Merge pull request #107 from coreos-inc/stripefix
...
Change plan subscription to require a new credit card
2015-06-08 15:14:48 -04:00
Joseph Schorr
36cd79c2c0
Change plan subscription to require a new credit card
...
Fixes Issue #101
We change the Stripe plan subscription code to require a new credit card to be entered every time a user moves from the open source plan to a paid plan. When a customer's credit card fails, Stripe auto-desubscribes the user from an active plan, but (before this change) we would try to resubscribe with the invalid card.
2015-06-08 14:23:19 -04:00
Jimmy Zelinskie
eefecd80ff
Merge pull request #98 from coreos-inc/testfix
...
Remove debug flag from JWT tests
2015-06-05 15:41:17 -04:00
Joseph Schorr
f980b892d8
Remove debug flag from JWT tests
...
This can break unit tests running
2015-06-05 15:39:27 -04:00
Jimmy Zelinskie
431267329b
Merge pull request #97 from coreos-inc/jwtdocfix
...
Fix documentation link for JWT auth
2015-06-05 15:25:19 -04:00
Joseph Schorr
de2a64e066
Fix documentation link for JWT auth
2015-06-05 15:21:57 -04:00
Jimmy Zelinskie
c2f80a07a9
Merge pull request #96 from coreos-inc/cachebustfix
...
Add tutorial templates to the grunt compiled list
2015-06-05 14:20:45 -04:00
Joseph Schorr
977ef068df
Add tutorial templates to the grunt compiled list
2015-06-05 14:18:45 -04:00
Jake Moshenko
e09d84b3c8
Merge pull request #55 from coreos-inc/oauthdeny
...
Fix OAuth redirect for denial action when generating for internal tokens
2015-06-05 14:00:16 -04:00
Jake Moshenko
2a2414d6af
Merge pull request #60 from coreos-inc/jwtauthentication
...
Add support for an external JWT-based authentication system
2015-06-05 13:37:42 -04:00
Joseph Schorr
8aac3fd86e
Add support for an external JWT-based authentication system
...
This authentication system hits two HTTP endpoints to check and verify the existence of users:
Existance endpoint:
GET http://endpoint/ with Authorization: Basic (username:) =>
Returns 200 if the username/email exists, 4** otherwise
Verification endpoint:
GET http://endpoint/ with Authorization: Basic (username:password) =>
Returns 200 and a signed JWT with the user's username and email address if the username+password validates, 4** otherwise with the body containing an optional error message
The JWT produced by the endpoint must be issued with an issuer matching that configured in the config.yaml, and the audience must be "quay.io/jwtauthn". The JWT is signed using a private key and then validated on the Quay.io side with the associated public key, found as "jwt-authn.cert" in the conf/stack directory.
2015-06-05 13:20:10 -04:00
Jimmy Zelinskie
6392f32f0d
Merge pull request #88 from coreos-inc/tutfix
...
Tutorial improvements
2015-06-04 14:20:58 -04:00
Joseph Schorr
4347e2f344
Tutorial improvements
...
- Skip the build-related tutorial steps when builds are disabled
- Make the styling of the tutorial more consistent with the new layout
2015-06-04 14:15:47 -04:00
Jimmy Zelinskie
973acddd59
Merge pull request #87 from coreos-inc/tutfix
...
Add to the login section of tutorial when encrypted passwords are required
2015-06-04 13:42:24 -04:00
Joseph Schorr
04678e4e64
Add information to the login section of tutorial when encrypted passwords are required
...
When encrypted passwords are required for the Docker CLI, we add a warning to the Docker login portion of the tutorial indicating that this is needed and how to generate an encrypted password
2015-06-04 13:31:45 -04:00
Jimmy Zelinskie
4745247ef1
Merge pull request #72 from coreos-inc/etcdfix
...
Switch the python-etcd client to the sslfix branch
2015-06-03 14:33:44 -04:00
Joseph Schorr
698f62388e
Switch the python-etcd client to the sslfix branch
...
This fixes an issue with urllib3 and SSL
2015-06-03 14:32:32 -04:00
josephschorr
63f289a8cb
Merge pull request #59 from jzelinskie/custom-git-fix
...
triggers: metadata.commit_sha -> metadata.commit
2015-06-02 16:10:26 -04:00
Jimmy Zelinskie
7f4dd7d42f
triggers: backwards compatible schema for metadata
2015-06-02 16:05:17 -04:00
Jake Moshenko
7d1e5a0c6f
Merge pull request #31 from coreos-inc/nolurk
...
Add a feature flag for disabling unauthenticated access to the regist…
2015-06-02 16:03:49 -04:00
Joseph Schorr
477a3fdcdc
Add a test to verify that all important blueprints have all their methods decorated
...
This ensures that we don't accidentally add a blueprint method without either explicitly blacklisting or whitelisting anonymous access
2015-06-02 15:56:44 -04:00
Jimmy Zelinskie
e01bdd4ab0
triggers: metadata.commit_sha -> metadata.commit
...
This resolves an issue where the custom-git trigger's public facing
schema was not the same as the internal metadata schema. Instead of
breaking users, we rework the internal metadata schema to be the same as
the custom-git JSON schema. This commit also updates everything that
used `metadata.commit_sha` including the test database.
2015-06-02 15:32:28 -04:00
Joseph Schorr
075c75d031
Change to always granting a signed token if there is a valid user OR if there is valid permissions on a repository
...
This fixes the issue whereby attempting to pull a public repository as an authenticated user with anonymous access disabled caused an unexpected 401. This change also adds tests for a few other use cases to verify we haven't broken anything.
2015-06-02 15:16:22 -04:00
Joseph Schorr
3602b59465
Add registry tests for anonymous access
2015-06-02 14:27:57 -04:00
Joseph Schorr
c0e995c1d4
Merge branch 'master' into nolurk
2015-06-02 13:55:16 -04:00
Jake Moshenko
42da017d69
Merge pull request #48 from coreos-inc/nobots
...
Change API calls that expect non-robots to explicitly filter
2015-06-02 12:31:19 -04:00
Joseph Schorr
5516911de9
Fix OAuth redirect for denial action when generating for internal tokens
2015-06-02 12:25:59 -04:00
Jake Moshenko
7bc5f7a1ca
Merge pull request #53 from coreos-inc/v1test
...
Add tests for the registry that mimic Docker's calls
2015-06-02 12:24:42 -04:00
Joseph Schorr
9585e2a765
End-to-end registry tests
2015-06-01 16:35:30 -04:00
Jimmy Zelinskie
b7adacb36b
Merge pull request #58 from coreos-inc/gitjsfix
...
Fix small JS issue if the underlying repository has no branches defined
2015-06-01 16:10:04 -04:00
Joseph Schorr
d414111fa7
Fix small JS issue if the underlying repository has no branches defined
...
This allows the user to continue the setup, even if the repo is empty.
2015-06-01 15:45:13 -04:00
Jimmy Zelinskie
8493395aec
Merge pull request #56 from coreos-inc/bbbranchfix
...
Fix bitbucket triggers when the branch tag filter removes all branches
2015-06-01 15:43:38 -04:00
Joseph Schorr
25ee46f5a2
Fix bitbucket triggers when the branch tag filter removes all branches
2015-06-01 15:35:59 -04:00
josephschorr
491de200f6
Merge pull request #45 from coreos-inc/ldapreferfix
...
Fix LDAP referral and multiple pair handling
2015-06-01 14:11:00 -04:00
Joseph Schorr
2a56790d38
Switch to using a named LDAP tuple for more readable code
2015-06-01 14:02:05 -04:00
Jimmy Zelinskie
edee0d1fd5
Merge pull request #54 from coreos-inc/removedep
...
Remove unneeded avatar library
2015-06-01 13:53:02 -04:00
Joseph Schorr
e4e82790ca
Remove unneeded avatar library
2015-06-01 13:32:57 -04:00
Joseph Schorr
dd28a845db
Fix NPE in cache control decorator
2015-05-28 13:22:42 -04:00