Joseph Schorr
7816b0c657
Merge master into vulnerability-tool
2015-11-12 21:52:47 -05:00
Jimmy Zelinskie
7fd53d6783
update IRC channel
2015-11-11 15:42:36 -05:00
Jimmy Zelinskie
dc476470fe
add secscan notification queue
2015-11-10 15:22:30 -05:00
Joseph Schorr
75dfec7875
Fix endpoint
2015-11-09 12:50:39 -05:00
Jimmy Zelinskie
f3c3e684a1
prepare branch to be merged into phase1-11-07-2015
...
This removes the checksum backfill, removes the migration that runs the
backfills, and defaults the security scan feature off.
2015-11-06 15:22:18 -05:00
Joseph Schorr
cfa03951e1
Add a SecScanEndpoint class and move all the cert and config handling in there
2015-11-06 15:22:18 -05:00
Joseph Schorr
e4508fc0d0
Add vulnerabilities and packages API to Quay
...
Fixes #564
2015-11-06 15:22:18 -05:00
Joseph Schorr
0f3db709ea
Add a vulnerability_found event for notice when we detect a vuln
...
Fixes #637
Note: This PR does *not* actually raise the event; it merely adds support for it
2015-11-06 15:22:18 -05:00
Joseph Schorr
2d1df267dd
Add security config
2015-11-06 15:22:18 -05:00
Joseph Schorr
f6a53f7cc5
Change all Quay.io references to Quay, fix tour and change logo
...
Fixes #741
2015-11-02 14:37:48 -05:00
Joseph Schorr
c0286d1ac3
Add support for Dex to Quay
...
Fixes #306
- Adds support for Dex as an OAuth external login provider
- Adds support for OIDC in general
- Extract out external logins on the JS side into a service
- Add a feature flag for disabling direct login
- Add support for directing to the single external login service
- Does *not* yet support the config in the superuser tool
2015-09-04 17:05:06 -04:00
Joseph Schorr
0a91a1d9d8
Redirect to the /setup page automatically in the ER when not fully setup
2015-09-02 14:59:54 -04:00
Joseph Schorr
724b1607d7
Add automatic storage replication
...
Adds a worker to automatically replicate data between storages and update the database accordingly
2015-09-01 14:53:32 -04:00
Joseph Schorr
e53c3e23be
Change docs to load from HTTPS
2015-08-05 14:34:11 -04:00
Joseph Schorr
8a8955d234
Add documentation search to the main search bar
2015-08-03 17:15:53 -04:00
Joseph Schorr
70de107268
Make GC of repositories fully async for whitelisted namespaces
...
This change adds a worker to conduct GC on repositories with garbage every 10s.
Fixes #144
2015-07-28 15:30:04 -04:00
Jake Moshenko
bc29561f8f
Fix and templatize the logic for external JWT AuthN and registry v2 Auth.
...
Make it explicit that the registry-v2 stuff is not ready for prime time.
2015-07-17 11:56:15 -04:00
Joseph Schorr
33b31a2451
Fix logs view in superuser panel
...
This seems to have been broken ever since we moved to syslog
2015-06-15 20:55:23 -04:00
Jake Moshenko
e09d84b3c8
Merge pull request #55 from coreos-inc/oauthdeny
...
Fix OAuth redirect for denial action when generating for internal tokens
2015-06-05 14:00:16 -04:00
Joseph Schorr
5516911de9
Fix OAuth redirect for denial action when generating for internal tokens
2015-06-02 12:25:59 -04:00
Joseph Schorr
54992c23b7
Add a feature flag for disabling unauthenticated access to the registry in its entirety.
2015-05-19 17:52:44 -04:00
Joseph Schorr
ba0fafc857
Add missing default for the gitlab feature flag
2015-05-04 19:04:27 -07:00
Joseph Schorr
c480fb2105
Work in progress: bitbucket support
2015-04-24 15:13:08 -04:00
Joseph Schorr
5cd500257d
Merge branch 'master' into orgview
2015-04-01 13:56:49 -04:00
Joseph Schorr
27a9b84587
Switch avatars to be built out of CSS and only overlayed with the gravatar when a non-default exists
2015-03-30 17:55:04 -04:00
Joseph Schorr
e4b659f107
Add support for encrypted client tokens via basic auth (for the docker CLI) and a feature flag to disable normal passwords
2015-03-25 18:43:12 -04:00
Jake Moshenko
78c8354174
Switch our temporary token lookups for signed grants which will not require DB access.
2015-02-19 16:54:23 -05:00
Jake Moshenko
ec01373240
Rename the config variable for temp tag expiration per the pull request feedback.
2015-02-18 17:06:41 -05:00
Jake Moshenko
41108a0856
Allow tags to be marked as hidden. Create a hidden tag on every image during a push to prevent them from getting GCed.
2015-02-18 17:05:16 -05:00
Joseph Schorr
3cae6609a7
Remove old services from the blacklist
2015-02-18 16:34:42 -05:00
Joseph Schorr
0d2c42ad03
Fix tests
2015-01-09 17:11:51 -05:00
Joseph Schorr
40d2b1748f
Fix handling of secret key: We now generate it on app startup if it doesn't exist in the config (which it doesn't anymore in the base config.py).
2015-01-05 12:31:02 -05:00
Joseph Schorr
1bf25f25c1
WIP
2015-01-04 14:38:41 -05:00
Joseph Schorr
4ca877c1d4
Add ability to download system logs
2014-12-23 14:01:00 -05:00
Jimmy Zelinskie
f3259c862b
Merge branch 'koh'
...
Conflicts:
auth/scopes.py
requirements-nover.txt
requirements.txt
static/css/quay.css
static/directives/namespace-selector.html
static/js/app.js
static/partials/manage-application.html
templates/oauthorize.html
2014-12-01 12:30:09 -08:00
Joseph Schorr
72d613614d
Merge branch 'bagger'
2014-12-01 12:48:59 -05:00
Joseph Schorr
660a640de6
Better organize the source file structure of the build manager and change it to choose a lifecycle manager based on the config
2014-11-25 16:14:44 -05:00
Joseph Schorr
e9cac407df
Add a configurable avatar system and add an internal avatar system for enterprise
2014-11-24 19:25:13 -05:00
Jimmy Zelinskie
716d7a737b
Strip whitespace from ALL the things.
2014-11-24 16:07:38 -05:00
Jake Moshenko
8b3184a7cb
Change the default username and password for flask-mail to None instead of empty string.
2014-11-21 12:32:30 -05:00
Jake Moshenko
2b8c246476
Temporarily put user rename behind a feature flag. Switch queue names back to using the username for namespace while we figure out a real migration strategy.
2014-11-20 15:36:39 -05:00
Joseph Schorr
3e79379942
- Make the OAuth config system centralized
...
- Add support for Github Enterprise login
2014-11-05 16:43:37 -05:00
Joseph Schorr
98602a2d0c
Add a new configurable health check, to make sure production instances are not taken down by Redis or non-local DB issues
2014-11-02 15:06:17 -05:00
Joseph Schorr
4eedd54b66
- Make usage language more accurate by stating "repositories"
...
- Have usage counter be based on a 4 weeks TTL
- Add a simple usage counter breakage test
2014-10-30 13:26:02 -04:00
Joseph Schorr
c1398c6d2b
- Add a log entry for repo verb handling and make the container usage calculation take it into account
...
- Move all the repo push/pull/verb logging into a central track_and_log method
- Readd images accidentally deleted in the last CL
- Make the uncompressed size migration script better handle exceptions
2014-10-29 15:42:44 -04:00
Joseph Schorr
8b331b453e
Make the contact page dynamic so that enterprise customers can configure it however they like
2014-10-22 14:49:33 -04:00
Jake Moshenko
fa6a06502d
Change the default redis host to localhost. Fix some whitespace issues in the userevents module.
2014-10-14 14:37:02 -04:00
Jake Moshenko
44637dad96
Merge branch 'master' of bitbucket.org:yackob03/quay
2014-10-14 13:58:14 -04:00
Jake Moshenko
328db8b660
Split the app into separate backends, which can use different worker types and different timeouts.
2014-10-14 13:58:08 -04:00
Joseph Schorr
49f8629566
Make the default mail sender use the Flask mail config value
2014-10-10 13:14:33 -04:00