vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
7172 commits 2 branches 62 tags 205 MiB
Commit graph

1803 commits

Author SHA1 Message Date
Joseph Schorr
1e3b354201 Add support for temp usernames and an interstitial to confirm username 
When a user now logs in for the first time for any external auth (LDAP, JWT, Keystone, Github, Google, Dex), they will be presented with a confirmation screen that affords them the opportunity to change their Quay-assigned username.

Addresses most of the user issues around #74
 2016-11-03 15:59:14 -04:00
Joseph Schorr
4b926ae189 Add new metrics as requested by some customers 
Note that the `status` field on the pull and push metrics will eventually be set to False for failed pulls and pushes in a followup PR
 2016-11-03 15:28:40 -04:00
josephschorr
840ea4e768 Merge pull request #2047 from coreos-inc/external-auth-email-optional 
Make email addresses optional in external auth if email feature is turned off
 2016-10-31 14:16:33 -04:00
Joseph Schorr
0fc132cffb Make sure Google email addresses are verified 2016-10-31 13:52:09 -04:00
Joseph Schorr
3a473cad2a Enable permanent sessions 
Fixes #1955
 2016-10-31 13:52:09 -04:00
Joseph Schorr
d7f56350a4 Make email addresses optional in external auth if email feature is turned off 
Before this change, external auth such as Keystone would fail if a user without an email address tried to login, even if the email feature was disabled.
 2016-10-31 13:50:24 -04:00
Joseph Schorr
bab17932ac Fix namespace lookup in V1 registry search 
Fixes #2053
 2016-10-31 13:24:40 -04:00
Joseph Schorr
ccb5bc8f1b Add external auth emails to entity search 
Fixes #1791
 2016-10-27 16:08:07 -04:00
josephschorr
934cdecbd6 Merge pull request #1905 from coreos-inc/external-auth-search 
Add support for entity search against external auth users not yet linked
 2016-10-27 16:06:42 -04:00
Joseph Schorr
d145222812 Add support for linking to external users in entity search 2016-10-27 15:42:03 -04:00
Jimmy Zelinskie
30821569a4 key server: fix tests by exporting jwk_with_kid 2016-10-25 16:14:18 -04:00
Jimmy Zelinskie
b1327bcb8f key server: add kid to services JWKs 2016-10-25 15:33:01 -04:00
Joseph Schorr
43a63af44c Add banner bar message when license has expired or is invalid 2016-10-24 15:37:45 -04:00
Joseph Schorr
5ed13da2e6 Add missing security test for delete org 2016-10-21 17:37:49 -04:00
josephschorr
edc2bc8b93 Merge pull request #1698 from coreos-inc/delete-namespace 
Add support for deleting namespaces (users, organizations)
 2016-10-21 16:54:52 -04:00
Joseph Schorr
73eb66eac5 Add support for deleting namespaces (users, organizations) 
Fixes #102
Fixes #105
 2016-10-21 15:41:09 -04:00
Joseph Schorr
b7fc7999c3 Delete old "license" checking code arounds user counts 
This is legacy code that doesn't actually do anything of value
 2016-10-20 14:58:35 -04:00
Joseph Schorr
864c44501e Fix global messages by removing "extra" method 
I think this happened due to a bad merge.
 2016-10-20 13:53:51 -04:00
Joseph Schorr
213cc856e4 Fix UI for real license handling 
Following this change, the user gets detailed errors and entitlement information
 2016-10-19 17:49:15 -04:00
Joseph Schorr
2eabf1a291 Fix tests and test provider for real license format 2016-10-18 23:44:08 -04:00
Jake Moshenko
9f1c12e413 Refactor our license code to be entitlement centric. 2016-10-18 22:33:28 -04:00
josephschorr
2a7dbd3348 Merge pull request #2009 from coreos-inc/qe2-license 
Add license support for QE
 2016-10-17 23:11:43 -04:00
Joseph Schorr
ee96693252 Add superuser config section for updating license 2016-10-17 21:44:25 -04:00
Jimmy Zelinskie
5fee4d6d19 *: misc formatting cleanup 2016-10-17 21:43:45 -04:00
Jimmy Zelinskie
a42eb09a3e util.license: make bp-modification a method 2016-10-17 21:43:45 -04:00
Jimmy Zelinskie
0c5400b7d1 enforce license across registry blueprints 2016-10-17 21:43:45 -04:00
Joseph Schorr
8fe29c5b89 Add license upload step to the setup flow 
Fixes #853
 2016-10-17 21:43:15 -04:00
Joseph Schorr
b1c17b1a45 Fix messages API to not NPE 
show_if does not work on a method route
 2016-10-17 17:43:12 -04:00
Charlton Austin
f45aac063e Merge pull request #2005 from charltonaustin/fix_spacing_for_motd 
Moving the messages endpoint to something more generic, and making th…
 2016-10-17 17:21:03 -04:00
Charlton Austin
8e5dc8d3db Moving the messages endpoint to something more generic, and making the get visible all the time. 2016-10-17 16:23:48 -04:00
Joseph Schorr
18097a1bd6 Fix Link headers for pagination to match RFC 
Fixes part of #2002
 2016-10-17 13:57:05 -04:00
Jake Moshenko
95ced00457 Merge pull request #1982 from jakedt/marsquito 
Write our users to Marketo as leads.
 2016-10-14 16:30:03 -04:00
Jake Moshenko
f04b018805 Write our users to Marketo as leads. 2016-10-14 16:29:11 -04:00
Joseph Schorr
886489c666 Fix NPE raised if a vulnerability notification doesn't have a level filter 
Fixes #1990
 2016-10-14 14:23:50 -04:00
Charlton Austin
97d644d95d Adding in the delete api and the delete and create UI. 2016-10-13 10:40:52 -04:00
Charlton Austin
be916fb6ed Merge pull request #1966 from charltonaustin/j_code_review_comments 
Adding in security tests and docs.
 2016-10-11 09:50:47 -04:00
charltonaustin
5a4b702888 Adding in security tests and docs. 2016-10-11 09:30:37 -04:00
Jake Moshenko
7a3ee86e53 Merge pull request #1957 from jakedt/absolutecorruption 
Always use absolute URLs in Location headers.
 2016-10-10 18:25:29 -04:00
Jake Moshenko
df1f35e9f9 Always use absolute URLs in Location headers. 
This works around docker/docker#15048
 2016-10-10 16:30:24 -04:00
josephschorr
7fc33a9a57 Merge pull request #1965 from coreos-inc/condense-slack-notifications 
Less verbose notifications for QSS
 2016-10-10 15:38:12 -04:00
Joseph Schorr
ebf4120326 Less verbose notifications for QSS 
Fixes #1914
 2016-10-10 15:18:49 -04:00
charltonaustin
2739a40479 Removing validate annotation. 2016-10-10 15:15:28 -04:00
charltonaustin
f179320944 Adding in validate son request. 2016-10-10 14:15:09 -04:00
charltonaustin
14eb3005b6 Some fixes for code review. 2016-10-10 12:55:00 -04:00
charltonaustin
075e87089f removing debug print statement 2016-10-10 09:36:59 -04:00
charltonaustin
1e733ddffb Adding in a new message data model and the corresponding methods to in the API. 2016-10-07 15:56:58 -04:00
charltonaustin
002f533bf8 Creating message api. 2016-10-07 10:22:30 -04:00
charltonaustin
5264b64999 Adding in an endpoint for super user messages. 2016-10-06 17:33:32 -04:00
Joseph Schorr
ff0a292548 Handle unicode in entity search 
Fixes #1934
 2016-10-04 21:56:47 +03:00
Jake Moshenko
2efaee6aef Fix all of the sample notification calls. 2016-10-03 15:26:49 -04:00
Joseph Schorr
f72cb1d2ba Fix tags API pagination and add a test 2016-10-03 22:06:31 +03:00
Jimmy Zelinskie
671dc73b82 Merge pull request #1924 from coreos-inc/manifestlogs 
v2: better manifest error messages
 2016-10-03 10:32:49 -04:00
Jimmy Zelinskie
afa220a744 v2: add logs around InvalidManifest exception 2016-10-03 10:29:14 -04:00
Jimmy Zelinskie
6c6ef0f22a v2: better manifest error messages 2016-10-03 10:13:39 -04:00
Joseph Schorr
0b7bb6d6c6 Fix issue in V1 registry code with accessing locations under HEAD 
Fixes #1922
 2016-10-03 17:09:12 +03:00
Jimmy Zelinskie
fae9538467 notifications: another switch to repo attrdict 
Fixes #1919.
 2016-10-01 16:44:19 -04:00
Jimmy Zelinskie
31b77cf232 rename auth.auth to auth.process 
This fixes some ambiguity around imports.
 2016-09-29 15:24:57 -04:00
Jimmy Zelinskie
fc7301be0d *: fix legacy imports 
This change reorganizes imports and renames the legacy flask extensions.
 2016-09-28 20:17:14 -04:00
josephschorr
4943ae3d32 Merge pull request #1857 from coreos-inc/better-404 
Better 404 (and 403) pages
 2016-09-27 11:12:54 +02:00
Jimmy Zelinskie
44eca10c05 update interfaces to use ABC 2016-09-26 14:50:24 -04:00
Jimmy Zelinskie
ca883e5662 port label support to refactored v2 registry 2016-09-26 14:49:58 -04:00
Joseph Schorr
3c8b87e086 Fix verbs in manifestlist 
All registry_tests now pass
 2016-09-26 14:49:58 -04:00
Jimmy Zelinskie
c35413d4f6 add boilerplate for verbs data interface 2016-09-26 14:49:23 -04:00
Jimmy Zelinskie
2e5a94bc0b create key server data interface 2016-09-26 14:49:23 -04:00
Jimmy Zelinskie
c06d395f96 create interfaces for v1 and v2 data model 2016-09-26 14:49:23 -04:00
Joseph Schorr
db60df827d Implement V2 interfaces and remaining V1 interfaces 
Also adds some tests to registry tests for V1 stuff.
Note: All *registry* tests currently pass, but as verbs are not yet converted, the verb tests in registry_tests.py currently fail.
 2016-09-26 14:49:04 -04:00
Jimmy Zelinskie
d67991987b v1: refactor index 2016-09-26 14:48:42 -04:00
Jimmy Zelinskie
419779b9c5 v2/blob: remove references to docker client 2016-09-26 14:48:05 -04:00
Jimmy Zelinskie
c77a7bc0b9 v2/blob: _upload_chunk parse range header 2016-09-26 14:48:05 -04:00
Jimmy Zelinskie
9f743fd6cd address PR comments 2016-09-26 14:48:05 -04:00
Jimmy Zelinskie
16b451437f v2/blob: s/make_response/Response() 2016-09-26 14:48:05 -04:00
Jimmy Zelinskie
35579093ca s/close_db_filter/CloseForLongOperation 2016-09-26 14:48:05 -04:00
Jimmy Zelinskie
b68e1b5efc add "get_" prefix to all db read funcs 2016-09-26 14:48:05 -04:00
Jimmy Zelinskie
32a6c22b43 mv data/types image 
This change also merges formats into the new image module.
 2016-09-26 14:48:05 -04:00
Jimmy Zelinskie
a516c08deb v2: refactor auth to use data.types 2016-09-26 14:48:05 -04:00
Jimmy Zelinskie
3de6000428 v2: refactor blob.py to use data.types 2016-09-26 14:48:05 -04:00
Jimmy Zelinskie
21cbe0bd07 v2: mv _paginate paginate 2016-09-26 14:48:05 -04:00
Jimmy Zelinskie
3f722f880e v2: add pagination decorator 2016-09-26 14:48:05 -04:00
Jimmy Zelinskie
5b630ebdb0 v2/manifest: refactor to use types 2016-09-26 14:48:05 -04:00
Jimmy Zelinskie
a5502b54f8 trackhelper: use data.types.Repository 2016-09-26 14:47:06 -04:00
Joseph Schorr
ea18790dfe Get V1 registry code working with new model methods 2016-09-26 14:47:06 -04:00
Jimmy Zelinskie
8435c254c3 finish v1 registry refactor 2016-09-26 14:47:06 -04:00
Jimmy Zelinskie
c14437e54a initial v1 refactor to use model methods 2016-09-26 14:47:06 -04:00
Jimmy Zelinskie
4f95a814c0 satisfy the pylint gods 2016-09-26 14:47:06 -04:00
josephschorr
ad4efba802 Merge pull request #1830 from coreos-inc/superuser-dashboard 
Add prometheus stats to enable better dashboarding
 2016-09-26 17:19:22 +02:00
josephschorr
1a1a5f7240 Merge pull request #1854 from coreos-inc/invite 
Add feature flag to turn off requirement for team invitations
 2016-09-22 11:36:58 -04:00
Joseph Schorr
6fffc22b8a Fix build should_perform for empty JSON 2016-09-21 15:00:47 -04:00
Joseph Schorr
af79fde50d Fix build notifications 2016-09-21 14:37:23 -04:00
Joseph Schorr
4d5c65e6d4 Better 404 (and 403) pages 
Fixes #1819
 2016-09-21 13:54:21 -04:00
Joseph Schorr
25ed99f9ef Add feature flag to turn off requirement for team invitations 
Fixes #1804
 2016-09-20 16:45:00 -04:00
josephschorr
33bfe2678b Merge pull request #1831 from coreos-inc/well-known 
Add well-known endpoint for Quay
 2016-09-16 21:07:30 -04:00
josephschorr
349bd1e0fa Merge pull request #1839 from coreos-inc/better-notifications 
Better notifications UI and features
 2016-09-16 21:07:14 -04:00
Joseph Schorr
03d4445a02 Add notification filtering for builds based on ref regex 
Fixes #1835
 2016-09-14 16:48:17 -04:00
Joseph Schorr
2fb43196c6 Add well-known endpoint for Quay 
Fixes #1790
 2016-09-12 17:33:08 -04:00
Joseph Schorr
bda0311dbe Allow build triggers to be invoked by any repo admin 
Fixes #1079
 2016-09-09 17:21:14 -04:00
Joseph Schorr
3f2447d831 Make the frontend agnostic to why a trigger can be run manually 2016-09-09 16:54:46 -04:00
Joseph Schorr
c8a1b8abab Add prom stats for repository push, pull and verb actions 2016-09-09 15:13:58 -04:00
Joseph Schorr
5d6876eb81 Remove old metrics dashboard 
It only applies to a single instance, making it fairly useless
 2016-09-09 14:46:33 -04:00
Jake Moshenko
1d8b72235a Add a helper method to Image to parse ancestor string. 2016-09-07 10:48:58 -04:00
josephschorr
cd8b45e25b Merge pull request #1754 from coreos-inc/team-add-perms 
Better UI and permissions handling for robots and teams
 2016-09-06 17:21:19 -04:00
Joseph Schorr
1b7b3ea41d Make sure to filter starred repos to those visible to the user 
Fixes #1793
 2016-08-31 14:08:31 -04:00
Joseph Schorr
357005e33f Raise a 409 if we try to insert a tag twice at the same time 
Also fixes handling of labels for existing manifests

Fixes #1775
 2016-08-29 16:03:35 -04:00
Joseph Schorr
608ffd9663 Basic labels support 
Adds basic labels support to the registry code (V2), and the API. Note that this does not yet add any UI related support.
 2016-08-26 15:24:26 -04:00
Joseph Schorr
391d70d9ec Add repo permissions dialog for existing teams and robots 
Fixes #1686
 2016-08-22 14:43:12 -04:00
Joseph Schorr
6ebb417923 Redesign the teams page to use a table 
Allows for faster loading and easier viewing of important information about teams
 2016-08-22 14:42:54 -04:00
Ben Spoon
979d813551 Merge pull request #1736 from coreos-inc/analytics 
Analytics
 2016-08-19 12:17:34 -07:00
Joseph Schorr
b459581637 Fix handling of dates in logs view 
- Fixes #1742
- Also fixes the time zone on the aggregated logs API
 2016-08-17 16:27:06 -04:00
Joseph Schorr
193040a473 Fix tag links 
Fixes #1741
 2016-08-17 15:06:10 -04:00
Ben Spoon
a706901405 analytics: add google analytics 2016-08-16 11:35:39 -07:00
Joseph Schorr
7f5b536ddb Fix pagination of repositories 
Fixes #1725
 2016-08-15 16:48:04 -04:00
Joseph Schorr
4f5b4e63f2 Really fix the hack (for now) on public repo pagination 2016-08-13 14:40:11 -04:00
Joseph Schorr
0a12c0cd34 Hack to temporarily fix pagination over public repos 2016-08-13 14:21:23 -04:00
Joseph Schorr
75e8af47e5 Switch Olark to Chatlio 2016-08-08 18:18:35 -04:00
Joseph Schorr
b7bde27b3c Fix display for builds which have fully expired 
Fixes #1663
 2016-08-04 11:13:32 -04:00
josephschorr
8bc0080aeb Merge pull request #1672 from coreos-inc/off-by-one 
Fix off-by-one error in repo tags pagination
 2016-08-03 15:00:23 -04:00
josephschorr
b662fad09e Merge pull request #1670 from coreos-inc/blob-upload-logs 
Add additional logs for invalid blob upload
 2016-08-02 14:55:44 -04:00
Joseph Schorr
dc22b50b56 Add missing requires_cors to build log archive URL 
Fixes #1671
 2016-08-02 14:18:58 -04:00
Joseph Schorr
b1b0da7afd Fix off-by-one error in repo tags pagination 
Fixes #1665
 2016-08-02 14:17:33 -04:00
Joseph Schorr
a1a6647ea7 Add additional logs for invalid blob upload 
Fixes #1668
 2016-08-02 12:15:30 -04:00
Joseph Schorr
cb9a99fc7b Change user events tutorial Redis error to be an inline box 
Fixes #1653
 2016-07-27 13:41:26 -07:00
Joseph Schorr
06d52f2c83 Fix handling of multi-part branches in the build triggers 
Fixes #1360
 2016-07-26 13:41:13 -07:00
Joseph Schorr
0fe3e6510a Prevent invalid tags on builds 
Fixes #1632
 2016-07-25 17:50:35 -07:00
Joseph Schorr
cbf7c2bf44 Add better logging to blob uploads 
Fixes #1635
 2016-07-20 17:53:43 -04:00
Joseph Schorr
4e1259b58a Fix the Repository ID in pagination problem once and for all 
But.... ONCE AND FOR ALL!

Note: Tested on SQLite, Postgres and MySQL
 2016-07-14 17:09:52 -04:00
Joseph Schorr
e252ee07cb Fix popularity metrics on list repos API 2016-07-06 16:15:54 -04:00
josephschorr
6bde6406c9 Merge pull request #1598 from coreos-inc/instance-key-id-health 
Add instance key ID to the health check endpoint
 2016-07-05 15:45:47 -04:00
Joseph Schorr
a1009af61c Move aggregator into its own repo and add it to the image 2016-07-05 15:39:51 -04:00
Joseph Schorr
7fddc61b8f Add instance key ID to the health check endpoint 
Fixes #1429
 2016-07-05 14:14:22 -04:00
Joseph Schorr
1eec6f53b2 Fix SQL error with pagination around Repositories 
Fixes #1591
 2016-06-30 17:31:35 -04:00
Joseph Schorr
310ecd11cc Handle user events Redis not working in tutorial 
Also does some basic restyling

Fixes #1586
 2016-06-28 17:04:31 -04:00
Joseph Schorr
38744c81c5 Change future entries in heat map to be empty 2016-06-23 17:08:11 -04:00
Joseph Schorr
853cca35f3 Change repo stats to use the RAC table and a nice UI 2016-06-22 15:06:53 -04:00
josephschorr
9e6a264f5f Merge pull request #1523 from coreos-inc/verb-tag-cache-fix 
Add a uniqueness hash to derived image storage to break caching over …
 2016-06-20 16:38:25 -04:00
Joseph Schorr
a43b741f1b Add a uniqueness hash to derived image storage to break caching over tags 
This allows converted ACIs and squashed images to be unique based on the specified tag.

Fixes #92
 2016-06-20 16:34:52 -04:00
Joseph Schorr
9158fe38ee Add Marketo munchkin tracking via angulartics 2016-06-20 16:22:30 -04:00
Jake Moshenko
a1cf12e460 Add a sitemap.txt for popular public repos 
and reference it from the robots.txt
 2016-06-17 14:34:20 -04:00
Joseph Schorr
b73b534022 Disable hosted status on 500 pages 
Fixes #1547
 2016-06-16 16:27:18 -04:00
josephschorr
614b9124ae Merge pull request #1512 from coreos-inc/optimize-queries 
Optimize various queries
 2016-06-16 14:22:59 -04:00
Jake Moshenko
746728ba24 Remove escaped_fragment snapshot rendering. 2016-06-14 12:53:10 -04:00
josephschorr
58bef472d9 Merge pull request #1526 from coreos-inc/superuser-grant 
Add ability for super users to take ownership of namespaces
 2016-06-13 16:23:10 -04:00
Joseph Schorr
20816804e5 Add ability for super users to take ownership of namespaces 
Fixes #1395
 2016-06-13 16:22:52 -04:00
josephschorr
92f0db8056 Merge pull request #1514 from coreos-inc/better-logs 
Only send heavy log-based stats for repository where required
 2016-06-09 14:52:30 -04:00
Joseph Schorr
c3701cea7a Only send heavy log-based stats for repository where required 2016-06-09 14:52:15 -04:00
Joseph Schorr
8177c39aff Move privacy and TOS to Angular 
Fixes #1529
 2016-06-09 13:45:37 -04:00
Joseph Schorr
8887f09ba8 Use the instance service key for registry JWT signing 2016-06-07 11:58:10 -04:00
Joseph Schorr
73cb3c00ec Remove unused import 2016-06-03 13:33:22 -04:00
Joseph Schorr
9a747ca6a0 Have get_parent_images not join on placements 
The only case that needs the placements is in verbs, for which we use a new method
 2016-06-03 13:33:15 -04:00
Joseph Schorr
53538f9001 Optimize get_tag_image query 
No caller uses the image placements or locations, so no need to load them.
 2016-06-02 16:36:38 -04:00
josephschorr
cad8746f9d Merge pull request #1502 from coreos-inc/image-replication 
Enable storage replication for V2 and add backfill tool
 2016-06-02 15:02:53 -04:00
Joseph Schorr
12924784ce Enable storage replication for V2 and add backfill tool 
Fixes #1501
 2016-06-02 14:36:08 -04:00
Joseph Schorr
48213f9ff9 Reject manifest 2 earlier to make pushes faster 2016-06-02 12:46:20 -04:00
Jimmy Zelinskie
2317938bfa Merge pull request #1496 from jzelinskie/ripRMS 
dockerfile: add check for GPL pip packages
 2016-06-02 12:28:18 -04:00
josephschorr
a85c3ebff7 Merge pull request #1457 from coreos-inc/xauth 
Add support for direct granting of OAuth tokens and add tests
 2016-06-01 12:07:12 -04:00
Joseph Schorr
04df2410ec Add better errors if Redis is down 
Fixes #1497
 2016-05-31 15:24:36 -04:00
Jimmy Zelinskie
70f794b0af replace rfc3987 library with urlparse 
The former is GPL licensed.
 2016-05-26 13:29:48 -04:00
Jake Moshenko
8323c51e6e Extend registry auth to support notary JWTs. 2016-05-24 13:42:28 -04:00
josephschorr
fa3b342901 Merge pull request #1483 from coreos-inc/superuser-external-user 
Fix setup tool when binding to external auth
 2016-05-23 17:17:45 -04:00
Joseph Schorr
7933aecf25 Add support for direct granting of OAuth tokens and add tests 
This allows a client (when authorized in a whitelist) to send direct credentials via a Basic auth header and therefore bypass the OAuth approval UI for that user.
 2016-05-23 17:17:06 -04:00
Joseph Schorr
60bbca2185 Fix setup tool when binding to external auth 
We now query the external auth provider for the external service's identifier before adding the linking row into the database. This fixes the case where the external service resolves a different identifier for the same username.

Fixes #1477
 2016-05-23 17:11:36 -04:00
Joseph Schorr
f670c4c7a9 Change Signer to use the config provider and fix tests 
Fixes the broken ACI tests
 2016-05-23 17:10:03 -04:00
Joseph Schorr
343a080833 Make security scan testing much faster 2016-05-05 13:55:24 -04:00
Jake Moshenko
9221a515de Use the registry API for security scanning 
when the storage engine doesn't support direct download url
 2016-05-04 18:04:06 -04:00
Joseph Schorr
73fa593d02 Various small fixes in prep for QE release 2016-05-04 15:20:27 -04:00
josephschorr
550b9cb2b3 Merge pull request #1428 from coreos-inc/clair-setup-new 
Implement setup tool support for Clair
 2016-05-04 13:52:54 -04:00
Joseph Schorr
2cbdecb043 Implement setup tool support for Clair 
Fixes #1387
 2016-05-04 13:40:50 -04:00
Joseph Schorr
6e2df3b339 Fix key server to not list expired keys 
Fixes the key server to not list expire keys and by default not return expired or unapproved keys unless explicitly requested.

Fixes #1430
 2016-05-03 17:58:47 -04:00
josephschorr
f0af2ca9c3 Merge pull request #1407 from coreos-inc/enterpriselanding 
Add Enterprise Landing page
 2016-05-03 13:52:22 -04:00
Evan Cordell
2242c6773d Add 'Automatic' ServiceKeyApprovalType 2016-04-29 14:10:33 -04:00
Evan Cordell
668ce2c7cd Generate private key on startup 2016-04-29 14:10:33 -04:00
Joseph Schorr
6091db983b Hide expired keys outside of their staleness window 2016-04-29 14:10:33 -04:00
Jimmy Zelinskie
726cb5fe6a key server: 403 on expired approved keys (#1410) 2016-04-29 14:09:37 -04:00
Joseph Schorr
4f63a50a17 Change account-less logs to use a user and not null 
This allows us to skip the migration
 2016-04-29 14:09:37 -04:00
Jimmy Zelinskie
ca5794ba18 key server: use total_seconds() for cache headers 2016-04-29 14:09:37 -04:00
Joseph Schorr
5d6e5a42e8 Add delete logging and tests for logging 2016-04-29 14:09:09 -04:00
Jimmy Zelinskie
6aa7040f39 keyserver: add cache-control headers 2016-04-29 14:05:16 -04:00
Joseph Schorr
bc08ac2749 Fix timeouts in the JWT endpoint tests 2016-04-29 14:05:16 -04:00
Joseph Schorr
522cf68c5d Lots of smaller fixes: 
- Add the rotation_duration to the keys API
- Have the key service UI use the new rotation_duration field
- Fix notification deletion lookup path
- Add proper support for the new notification in the UI
- Only delete expired keys after 7 days (configurable)
- Fix angular digest loop
- Fix unit tests
- Regenerate initdb
 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
d0bd70fb36 endpoints.web: add missing import 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
370ac3ecd0 service keys: add rotation_duration field 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
fca258d8bf endpoints: remove /keys 
BitTorrent support should now be able to use the keyserver
infrastructure instead.
 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
9f4a4092da keyserver: get signer kid from unverified headers 2016-04-29 14:05:16 -04:00
Joseph Schorr
08017c5111 Further UI updates 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
cfc15746a6 keyserver: tests! 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
d19eb16b45 keyserver: add generate key function 
The superuser API, initdb, and tests will all need this functionality.
 2016-04-29 14:05:16 -04:00
Joseph Schorr
fb1dca4e94 Add API usage tests 2016-04-29 14:05:16 -04:00
Joseph Schorr
11ff3e9b59 keys ui WIP 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
136f92400f key_server: remove s at the end of endpoint 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
e456228434 keyserver: insert rotation policy into metadata 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
885a41e6f5 key server: misc fixes to make jwtproxy work 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
50ad1bb6b1 key server: misc cleanup to get it working 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
c0ab45d335 key server: derive audience from host and scheme 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
93720bd0f4 superuser: proper view for approvals/keys 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
d277fe6741 add final service key config 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
c6b8b3ce8c service_keys: s/get_keys/list_keys 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
0ec54fc70e clear notifications on delete/replace service_key 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
42b5196b21 add notification path and use for service keys 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
97ae800e6c canonicalize json 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
f406942984 converging on proper rotation 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
aaf9e83278 basically finish superuser key api 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
35ed73e195 rework superuser api 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
4079dba167 service keys: do all the right stuff 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
499bb16306 service key server wip 2016-04-29 13:38:25 -04:00
Joseph Schorr
c6f7dfa102 Add Enterprise Landing page 
Note: The design comes directparners.
 2016-04-28 13:47:54 -04:00
Joseph Schorr
03489c22ad Log the pushed tag and add IP address display 
Fixes #798
 2016-04-20 13:00:21 -04:00
Evan Cordell
9a1d97216b Switch error mimetype back to application/json 2016-04-18 17:42:08 -05:00
Evan Cordell
4d7843580f Fix superuser page 2016-04-15 16:50:01 -04:00
josephschorr
cf04fedd6a Merge pull request #1347 from coreos-inc/marketingtagman 
Add Google Tag Manager support to Quay
 2016-04-13 16:50:36 -04:00
Evan Cordell
09064853ac Merge pull request #1364 from ecordell/error-json-fixes 
Fix error-related issues
 2016-04-13 13:32:00 -04:00
Evan Cordell
eb3e7eba88 Merge pull request #1351 from ecordell/document-201-swagger 
Swagger: document 201 responses for POST requests
 2016-04-13 09:50:34 -04:00
Evan Cordell
e1b3312495 Add back error_message and error_type for backwards-compatibility 2016-04-13 09:11:40 -04:00
Evan Cordell
7b44beb1fd Fix WWW-Authenticate header on 401 2016-04-13 09:01:42 -04:00
Evan Cordell
d67c4ba46c Fix formatting in endpoints/api/error.py 2016-04-12 16:53:50 -04:00
Joseph Schorr
891f7d9213 Add Google Tag Manager support to Quay 2016-04-12 15:28:24 -04:00
Evan Cordell
1cdbd89120 Fix test (response validation in debug mode) 2016-04-12 07:56:58 -04:00
Evan Cordell
693a11c58e Add RFC citation 2016-04-11 20:08:45 -04:00
Evan Cordell
7c361c07f9 Use ApiService to get error message 2016-04-11 17:31:30 -04:00
Evan Cordell
b5db41920f Address review comments 2016-04-11 16:34:40 -04:00
Evan Cordell
eba75494d9 Use new error format for auth errors (factor exceptions into module) 2016-04-11 16:22:26 -04:00
Evan Cordell
9c08717173 Return application/problem+json format errors and provide error endpoint 
to dereference error codes.
 2016-04-11 14:57:24 -04:00
Evan Cordell
d69d79d302 swagger: document 201 responses for POST requests 2016-04-07 09:26:28 -04:00
Joseph Schorr
a06bda5910 Never include Stripe checking in LDN 
Instead, we always load it from Stripe when billing is enabled. Also fixes our Stripe icon.
 2016-04-01 14:10:11 -04:00
Joseph Schorr
a882055f62 Better error message for invalid recovery codes 2016-03-30 16:02:47 -04:00
Joseph Schorr
42e934d84f Make notification lookup faster and fix repo pagination on Postgres 2016-03-30 14:46:31 -04:00
josephschorr
4aa079e743 Merge pull request #1247 from coreos-inc/useradminscopes 
Remove internal_only from some APIs now that we expose a user admin scope
 2016-03-23 14:16:02 -04:00
Joseph Schorr
aa5587c93c Fixes and added tests for the security notification worker 
Fixes #1301

- Ensures that the worker uses pagination properly
- Ensures that the worker handles failure as expected
- Moves marking the notification as read to after the worker processes it
- Increases the number of layers requested to 100
 2016-03-18 20:28:06 -04:00
Joseph Schorr
6a4584b87a Add another test for security notification filtering 2016-03-17 12:59:27 -04:00
Joseph Schorr
57e5141fb5 Fix link-to-parent-with-different-blob issue and add a test 2016-03-14 15:35:18 -04:00
Jimmy Zelinskie
ea2e17cc11 v2: send proper scopes for authorization failures 
Fixes #1278.
 2016-03-11 13:41:38 -05:00
Jimmy Zelinskie
bb46cc933d use kwargs for parse_repository_name 2016-03-09 16:20:28 -05:00
Jake Moshenko
fe2cd240bc Revert "Remove old search API which is no longer in use" 2016-03-07 10:07:41 -05:00
josephschorr
57430a18b4 Merge pull request #1224 from coreos-inc/removeoldsearch 
Remove old search API which is no longer in use
 2016-03-04 12:05:07 -05:00
Joseph Schorr
85919cbc39 Fix error when constructing DownstreamIssue exception 2016-02-25 17:45:49 -05:00
Jimmy Zelinskie
c7904db30d v2: always send www-authn headers on unauthorized 
Fixes #1254.
 2016-02-25 17:09:29 -05:00
Joseph Schorr
f498e92d58 Implement against new Clair paginated notification system 2016-02-25 15:58:42 -05:00
Joseph Schorr
c0374d71c9 Refactor the security worker and API calls and add a bunch of tests 2016-02-25 12:29:41 -05:00
Quentin Machu
0183c519f7 Merge pull request #1253 from Quentin-M/clair2 
Adapt securityworker, secscan API and Quay UI for Clair 1.0
 2016-02-19 18:21:25 -05:00
Quentin Machu
4bd5996bbf Adapt secscan API for Clair v1.0 
Squash /vulnerabilities and /packages as it basically does the same
action on Clair and we don't need both for Quay
 2016-02-19 17:44:23 -05:00
josephschorr
11af123ba5 Merge pull request #1244 from coreos-inc/enableaci 
Add UI to the setup tool for enabling ACI conversion
 2016-02-17 12:29:48 -05:00
Joseph Schorr
1940fd9939 Add UI to the setup tool for enabling ACI conversion 
Fixes #1211
 2016-02-17 12:05:48 -05:00
Joseph Schorr
8d9f3309aa Remove internal_only from some APIs now that we expose a user admin scope 
Fixes #1246
 2016-02-16 16:50:33 -05:00
josephschorr
e8faa9f843 Merge pull request #939 from coreos-inc/user-admin 
Add user admin scope
 2016-02-16 16:42:29 -05:00
josephschorr
81a36ee3b8 Merge pull request #1217 from coreos-inc/v2pagination 
Fix V2 catalog and tag pagination
 2016-02-16 15:34:49 -05:00
josephschorr
ded0a27901 Merge pull request #1242 from coreos-inc/receiptemailsbug 
Fix schema for invoice email updating
 2016-02-16 13:26:26 -05:00
Joseph Schorr
ecaa051791 Fix schema for invoice email updating 
Fixes #1209
 2016-02-16 11:52:57 -05:00
Jake Moshenko
6e05920d6b Delete bad manifests from the DB 2016-02-16 11:42:19 -05:00
Joseph Schorr
4b24556cb3 Check for the parent's ID in the updated ID map. 
Fixes #1240
 2016-02-15 11:02:52 -05:00
Joseph Schorr
69262282fe Make sure to encode all V1 metadata strings 
Fixes #1239
 2016-02-15 10:57:20 -05:00
Jimmy Zelinskie
70aa7cc731 Merge pull request #1230 from jzelinskie/aci-head 
allow HEAD on ACI images
 2016-02-12 16:29:12 -05:00
Jimmy Zelinskie
2b07b6d8a9 allow HEAD on ACI images 
Fixes #911.
 2016-02-12 16:28:44 -05:00
Jake Moshenko
6454b5aeb7 Update the layer rename PR to preserve the original manifest 2016-02-12 16:25:47 -05:00