Commit graph

275 commits

Author SHA1 Message Date
Joseph Schorr
3324743bff Fix db migration revision 2017-01-31 11:38:31 -05:00
Joseph Schorr
973a110ac7 Full text search for repository name and description
Adds support for searching full text against the name and description of a repository

[Delivers #134867401]
2017-01-31 11:38:31 -05:00
Joseph Schorr
71ec23b550 Switch QueueItem state_id to be unique after a backfill 2017-01-18 17:43:41 -05:00
josephschorr
e2748fccd9 Merge pull request #2282 from coreos-inc/motd-updates
Severity and Markdown support in MOTD
2017-01-18 17:41:27 -05:00
Joseph Schorr
3106504f39 Severity and Markdown support in MOTD
[Delivers #133555165]
2017-01-18 16:55:32 -05:00
Joseph Schorr
af23d2bedd Remove unique from queue item state_id 2017-01-18 15:04:26 -05:00
Joseph Schorr
8c4e86f48b Change queue to use state-field for claiming items
Before this change, the queue code would check that none of the fields on the item to be claimed had changed between the time when the item was selected and the item is claimed. While this is a safe approach, it also causes quite a bit of lock contention in MySQL, because InnoDB will take a lock on *any* rows examined by the `where` clause of the `update`, even if they will ultimately thrown out due to other clauses (See: http://dev.mysql.com/doc/refman/5.7/en/innodb-locks-set.html: "A ..., an UPDATE, ... generally set record locks on every index record that is scanned in the processing of the SQL statement. It does not matter whether there are WHERE conditions in the statement that would exclude the row. InnoDB does not remember the exact WHERE condition, but only knows which index ranges were scanned").

As a result, we want to minimize the number of fields accessed in the `where` clause on an update to the QueueItem row. To do so, we introduce a new `state_id` column, which is updated on *every change* to the QueueItem rows with a unique, random value. We can then have the queue item claiming code simply check that the `state_id` column has not changed between the retrieval and claiming steps. This minimizes the number of columns being checked to two (`id` and `state_id`), and thus, should significantly reduce lock contention. Note that we can not (yet) reduce to just a single `state_id` column (which should work in theory), because we need to maintain backwards compatibility with existing items in the QueueItem table, which will be given empty `state_id` values when the migration in this change runs.

Also adds a number of tests for other queue operations that we want to make sure operate correctly following this change.

[Delivers #133632501]
2017-01-17 13:29:26 -05:00
Charlton Austin
ca832df975 Adding in new indices for queueitem table. 2017-01-17 10:04:31 -05:00
Charlton Austin
1f03fcb146 Adding in notification type for notification kind. 2016-12-01 12:26:18 -05:00
Charlton Austin
4103a0b75f Adding in cancel notifications 2016-11-30 14:38:34 -05:00
Joseph Schorr
1a61ef4e04 Report the user's name and company to Marketo
Also fixes the API to report the other changes (username and email) as well
2016-11-14 17:34:50 -05:00
Jake Moshenko
b5834a8a66 Collapse all migrations prior to 2.0.0 into one. 2016-11-10 17:31:00 -05:00
Joseph Schorr
0f2eb61f4a Add collection of user metadata: name and company 2016-11-08 16:15:02 -05:00
Joseph Schorr
1e3b354201 Add support for temp usernames and an interstitial to confirm username
When a user now logs in for the first time for any external auth (LDAP, JWT, Keystone, Github, Google, Dex), they will be presented with a confirmation screen that affords them the opportunity to change their Quay-assigned username.

Addresses most of the user issues around #74
2016-11-03 15:59:14 -04:00
Charlton Austin
97d644d95d Adding in the delete api and the delete and create UI. 2016-10-13 10:40:52 -04:00
charltonaustin
1e733ddffb Adding in a new message data model and the corresponding methods to in the API. 2016-10-07 15:56:58 -04:00
Joseph Schorr
608ffd9663 Basic labels support
Adds basic labels support to the registry code (V2), and the API. Note that this does not yet add any UI related support.
2016-08-26 15:24:26 -04:00
Jake Moshenko
d6a396be34 Fix all foreign key constraints to use naming convention. 2016-08-18 14:29:53 -04:00
Joseph Schorr
0f46230493 Add an index for lookup by account to log entries
Also fixes the query to require one less join
2016-08-12 17:39:31 -04:00
Joseph Schorr
bf8f621278 Temporarily remove the migration which drops the foreign keys on LogEntry, as it is invalid 2016-08-08 17:47:04 -04:00
Jimmy Zelinskie
052c31752b MIGRATION: drop foreign keys on logentry table
This migration generates the following for MySQL:

BEGIN;

-- Running upgrade 1093d8b212bb -> 6243159408b5

ALTER TABLE logentry DROP FOREIGN KEY fk_logentry_account_id_user;

ALTER TABLE logentry DROP FOREIGN KEY
fk_logentry_repository_id_repository;

ALTER TABLE logentry DROP FOREIGN KEY fk_logentry_performer_id_user;

UPDATE alembic_version SET version_num='6243159408b5' WHERE
alembic_version.version_num = '1093d8b212bb';

COMMIT;
2016-08-08 12:38:15 -04:00
Jimmy Zelinskie
e05bc8bf7d migration.sh: default DOCKER_IP to localhost 2016-08-08 12:36:01 -04:00
Joseph Schorr
80a37fd295 Add various missing indexes
Indexes added:

Image::repository - Needed for model.image.get_repository_images_without_placements
RepositoryTag::image - Needed for model.tag.get_tags_for_image
RepositoryTag::repository - Needed for repository deletion
RepositoryBuild::phase - Needed for model.build.list_repository_builds sorting
RepositoryBuild::started - Needed for model.build.list_repository_builds sorting
RepositoryBuild::repository+started+phase - Needed for model.build.list_repository_builds
RepositoryBuild::started+logs_archived+phase - Needed for model.build.get_archivable_build lookup
2016-08-08 12:34:45 -04:00
Joseph Schorr
a43b741f1b Add a uniqueness hash to derived image storage to break caching over tags
This allows converted ACIs and squashed images to be unique based on the specified tag.

Fixes #92
2016-06-20 16:34:52 -04:00
Joseph Schorr
20816804e5 Add ability for super users to take ownership of namespaces
Fixes #1395
2016-06-13 16:22:52 -04:00
Jimmy Zelinskie
e47b29a974 migration: add missing delete from down migration
This also reorganizes the file a bit.
2016-04-29 14:10:33 -04:00
Joseph Schorr
4f63a50a17 Change account-less logs to use a user and not null
This allows us to skip the migration
2016-04-29 14:09:37 -04:00
Jimmy Zelinskie
5cb6ba4d12 keyserver migration: fix constraint name 2016-04-29 14:09:37 -04:00
Jimmy Zelinskie
370ac3ecd0 service keys: add rotation_duration field 2016-04-29 14:05:16 -04:00
Joseph Schorr
a4a01e76c0 Fix up the migration to include the additional changes needed 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
5cdc7812dc migration.sh: update to reflect timing 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
dff59b4a39 service key migration 2016-04-29 13:38:25 -04:00
Jake Moshenko
bd5b44cbd2 Move the sequence fixer to a separate tool which can be run 2016-04-01 13:46:13 -04:00
Joseph Schorr
abd2e3c234 V1 Docker ID <-> V2 layer SHA mismatch fix
Fix handling of V1 Docker ID <-> V2 layer SHA mismatch by dynamically rewriting the manifest to use new synthesized IDs for all layers above the mismatch. Also adds a bunch of tests for this and other use cases, fixes a bug around manifest digest uniqueness and fixes the 5.5 migration for MySQL.
2016-02-12 17:39:27 +02:00
Jake Moshenko
59a6f5bc77 Replace incompatible MySQL 5.5 server_default 2016-02-11 15:07:16 -05:00
Joseph Schorr
a80ac8eabb Fix import for alembic 2016-01-29 17:59:23 +02:00
Jimmy Zelinskie
e54b86c6eb s/TORRENT/BITTORRENT 2016-01-22 15:52:28 -05:00
Joseph Schorr
bd715c0c71 Add checksum and torrent info backfill 2016-01-08 17:32:30 -05:00
Jake Moshenko
1ae101c917 Address torrent feature review comments. 2016-01-08 16:38:21 -05:00
Jake Moshenko
073b68cf0d Fix torrent migration and update backfill to compute torrent pieces 2016-01-08 11:15:34 -05:00
Jake Moshenko
77aa58996a Fix the db definition for torrentinfo and add migration 2016-01-06 14:04:03 -05:00
Joseph Schorr
10efa96009 Add support for custom billing invoice email address
Fixes #782
2015-12-28 13:59:50 -05:00
Joseph Schorr
73531d08b5 Add server default for the chunk_count column 2015-12-15 15:44:33 -05:00
Joseph Schorr
9698d6f6a0 Add created column to blob upload
Fixes first half of #1054
2015-12-14 15:27:48 -05:00
Joseph Schorr
54095eb5cb Handle the common case of one chunk when calculating the uncompressed size
Reference #992
2015-12-14 15:27:48 -05:00
Silas Sewell
502e4c04d0 Fix seq migration down_revision 2015-11-30 17:59:04 -05:00
Silas Sewell
3833fb6530 Merge pull request #888 from coreos-inc/remove-hardcoded-ids
Fix seq generators for enum tables in postgres
2015-11-30 17:54:13 -05:00
Joseph Schorr
0f7c8105b0 Remove DerivedImageStorage table 2015-11-25 11:46:59 -05:00
Joseph Schorr
762cd56e64 Change derived storage to be based on image
Fixes #971
2015-11-24 12:44:07 -05:00
Jake Moshenko
18b14001b4 Add indices for the security worker fields on Image
Fixes #906
2015-11-18 13:29:51 -05:00
Silas Sewell
30b0101584 Fix seq generators for enum tables in postgres
This attempts to insert a temporary entry into each enum table until it
succeeds. It re-synchronizes the postgres sequence generators with the max id
of the table.

Fixes #883 and #880
2015-11-16 15:29:51 -05:00
Joseph Schorr
819d461ed6 Remove migration re-added by merge accidentally 2015-11-12 22:02:26 -05:00
Joseph Schorr
7816b0c657 Merge master into vulnerability-tool 2015-11-12 21:52:47 -05:00
Joseph Schorr
2d2662f53f Fix deleting repos and images under MySQL
MySQL doesn't handle constraints at the end of transactions, so deleting images currently fails. This removes the constraint and just leaves parent_id as an int
2015-11-09 14:42:05 -05:00
Joseph Schorr
d7ace69fe3 Add a vulnerability_found event for notice when we detect a vuln
Fixes #637

Note: This PR does *not* actually raise the event; it merely adds support for it
2015-11-09 12:49:19 -05:00
Quentin Machu
37118423a5 Add support for Quay's vulnerability tool 2015-11-09 12:49:19 -05:00
Quentin Machu
ade664036c Fix migration 57dad559ff2d's header
Fixes #825
2015-11-08 15:22:15 -05:00
Jake Moshenko
fd3f88f489 Re-enable parent id backfill, use new backfill style 2015-11-06 16:17:12 -05:00
Jake Moshenko
9036ca2f2f Backfill the v1 checksums from imagestorage 2015-11-06 16:17:12 -05:00
Jimmy Zelinskie
d5e7f6bea7 resolve migration branches and run initdb 2015-11-06 16:10:31 -05:00
Jimmy Zelinskie
f3c3e684a1 prepare branch to be merged into phase1-11-07-2015
This removes the checksum backfill, removes the migration that runs the
backfills, and defaults the security scan feature off.
2015-11-06 15:22:18 -05:00
Joseph Schorr
0f3db709ea Add a vulnerability_found event for notice when we detect a vuln
Fixes #637

Note: This PR does *not* actually raise the event; it merely adds support for it
2015-11-06 15:22:18 -05:00
Quentin Machu
3677947521 Add support for Quay's vulnerability tool 2015-11-06 15:22:18 -05:00
Quentin Machu
a99b8fcfe4 Fix migration 2015-11-06 15:22:18 -05:00
Quentin Machu
f59e35cc81 Add support for Quay's vulnerability tool 2015-11-06 15:22:18 -05:00
Jake Moshenko
3d0bcbaaeb Move v1 checksums to image and track v2 separately 2015-11-06 15:17:55 -05:00
Joseph Schorr
2b3633b107 Remove the used_legacy_github column 2015-11-06 15:17:55 -05:00
Joseph Schorr
bbf4a1fac4 Remove the used_legacy_github column 2015-11-06 15:17:55 -05:00
Jimmy Zelinskie
c78c450211 UTF-8 v1_json_metadata, comment, manifest
This will allow us to store unicode JSON blobs in the column on MySQL.
2015-11-02 15:40:19 -05:00
Jake Moshenko
3186311669 Test postgres before mysql variations in migration 2015-10-24 15:00:19 -04:00
Jake Moshenko
b920bf6436 Fix references to mysql in migrations 2015-10-24 15:00:19 -04:00
Jake Moshenko
ddbe33e2ce Switch Text to LongText for MySQL manifests 2015-10-24 15:00:19 -04:00
Jake Moshenko
cb7ec2f239 Backport remaining v2 changes to phase4 2015-10-24 15:00:13 -04:00
Jake Moshenko
e965ed9f3b Remove the unused imagestorage columns from the db. 2015-10-24 14:51:35 -04:00
Jimmy Zelinskie
e973289397 Revert "Revert "Merge pull request #682 from jzelinskie/revertrevert""
This reverts commit 278bc736e3.
2015-10-23 15:26:33 -04:00
Jimmy Zelinskie
d568697034 remove migration to get fixes into prod 2015-10-22 15:30:49 -04:00
Jimmy Zelinskie
39cfe77d42 Revert "Merge pull request #557 from coreos-inc/revert-migration"
This reverts commit c4f938898a, reversing
changes made to 7ad2522dbe.
2015-10-21 15:29:57 -04:00
Silas Sewell
9000169b53 Revert "Merge pull request #491 from jakedt/migratebackp2"
This reverts commit 7ad2522dbe, reversing
changes made to a0b191ffa1.
2015-09-28 16:09:22 -04:00
Jake Moshenko
8baacd2741 Migrate old data to new locations, read only new. 2015-09-17 15:47:13 -04:00
Joseph Schorr
b807accfb5 Fix migration head 2015-09-16 18:34:42 -04:00
josephschorr
217779273f Merge pull request #503 from coreos-inc/ghmigrate
Migrate all GitHub build triggers to use deploy keys
2015-09-16 18:32:32 -04:00
Joseph Schorr
eff9ff7a66 Migrate all GitHub build triggers to use deploy keys 2015-09-16 17:55:51 -04:00
Silas Sewell
386c017d99 Add quay releases 2015-09-16 17:18:46 -04:00
Jake Moshenko
b56de3355c Migrate data back to Image in preparation for v2 2015-09-15 11:53:31 -04:00
Joseph Schorr
c0286d1ac3 Add support for Dex to Quay
Fixes #306

- Adds support for Dex as an OAuth external login provider
- Adds support for OIDC in general
- Extract out external logins on the JS side into a service
- Add a feature flag for disabling direct login
- Add support for directing to the single external login service
- Does *not* yet support the config in the superuser tool
2015-09-04 17:05:06 -04:00
Joseph Schorr
724b1607d7 Add automatic storage replication
Adds a worker to automatically replicate data between storages and update the database accordingly
2015-09-01 14:53:32 -04:00
Joseph Schorr
e7c405f56b Add missing migration
Should have been in commit 84276ee945
2015-08-21 14:21:11 -04:00
Joseph Schorr
9f2d6282bd Add missing index on retries_remaining 2015-08-04 18:01:28 -04:00
josephschorr
f772bd0c9e Merge pull request #300 from coreos-inc/toomanyutils
Refactor the util directory to use subpackages.
2015-08-03 16:18:55 -04:00
Jake Moshenko
18100be481 Refactor the util directory to use subpackages. 2015-08-03 16:04:19 -04:00
Joseph Schorr
3d6c92901c Switch to using an aggregated logs query and infinite scrolling
This should allow users to work with large logs set.

Fixes #294
2015-07-31 16:38:02 -04:00
Joseph Schorr
c3f269ee23 Add migration for BitBucket web hooks
This needs to added only *after* we roll out #255
2015-07-23 14:45:12 -04:00
Joseph Schorr
ac1b46e7ec Add missing migration 2015-07-22 16:19:10 -04:00
Joseph Schorr
066637f496 Basic Keystone Auth support
Note: This has been verified as working by the end customer
2015-07-20 10:55:21 -04:00
Jake Moshenko
eec7886e01 Add a server default for the broken migration. 2015-07-14 16:58:58 -04:00
Joseph Schorr
dc5af7496c Allow superusers to disable user accounts 2015-06-29 18:40:52 +03:00
Joseph Schorr
8aac3fd86e Add support for an external JWT-based authentication system
This authentication system hits two HTTP endpoints to check and verify the existence of users:

Existance endpoint:
GET http://endpoint/ with Authorization: Basic (username:) =>
    Returns 200 if the username/email exists, 4** otherwise

Verification endpoint:
GET http://endpoint/ with Authorization: Basic (username:password) =>
    Returns 200 and a signed JWT with the user's username and email address if the username+password validates, 4** otherwise with the body containing an optional error message

The JWT produced by the endpoint must be issued with an issuer matching that configured in the config.yaml, and the audience must be "quay.io/jwtauthn". The JWT is signed using a private key and then validated on the Quay.io side with the associated public key, found as "jwt-authn.cert" in the conf/stack directory.
2015-06-05 13:20:10 -04:00
Jimmy Zelinskie
3daa0e6a52 migration: use SA boolean value for server_default 2015-05-15 19:04:54 -04:00
Jimmy Zelinskie
e12d5af52c migration: server_default for boolean field 2015-05-15 17:04:50 -04:00
Joseph Schorr
6a52ffa942 Add missing default value on the new reversion column 2015-05-13 13:49:21 -04:00