Commit graph

1112 commits

Author SHA1 Message Date
Joseph Schorr
ede3a81c68 Disallow dots in repository names to fix reflected text "attack"
Fixes https://jira.coreos.com/browse/QS-125
2018-01-18 13:19:37 -05:00
Joseph Schorr
c887aa543b Change superuser API errors to be more descriptive
Fixes https://jira.coreos.com/browse/QS-103
2018-01-05 17:09:26 -05:00
josephschorr
13b738c43c
Merge pull request #2954 from coreos-inc/joseph.schorr/QS-102/user-api-filter
Add ability to filter users list to enabled users
2018-01-05 15:40:50 -05:00
Joseph Schorr
5b4f5f9859 Regenerate test DB for token changes 2018-01-04 15:27:41 -05:00
Joseph Schorr
524d77f527 Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password 2018-01-04 15:27:41 -05:00
Joseph Schorr
8e473b9779 Add filter for disabled users to superuser user list API
Fixes https://jira.coreos.com/browse/QS-102
2017-12-22 16:45:49 -05:00
Joseph Schorr
3ce9d68a3e Fix broken registry test
Flask now returns a 404 error, rather than redirecting like it used to do
2017-12-20 11:43:55 -05:00
Joseph Schorr
f9bd7ef42b Add validation of Docker V2_1 schemas and add a test for PUTing an invalid schema 2017-12-20 11:43:03 -05:00
Joseph Schorr
11e3724919 Return an http 415 (manifest version not supported) for OCI manifest content types
This was breaking skopeo, as it first tries to send the *OCI* manifest type, which we didn't say we didn't support, thus breaking the tool
2017-12-20 11:02:34 -05:00
josephschorr
024c183f67
Merge pull request #2944 from coreos-inc/joseph.schorr/QS-91/v2-caching
V2 registry blob caching
2017-12-18 14:42:02 -05:00
Joseph Schorr
097cbbeaae Add new Quay pricing plans 2017-12-18 13:12:16 -05:00
Joseph Schorr
b2485934ed Enable caching of blobs in V2 registry protocol, to avoid DB connections after the cache has been loaded
This should help for bursty pull traffic, as it will avoid DB connections on a huge % of requests
2017-12-14 13:38:24 -05:00
Joseph Schorr
a706d99849 Add additional logs and an additional test for verbs 2017-12-07 15:22:20 -05:00
Joseph Schorr
1d1c6f0606 Invalidate all session tokens when a user signs out
Fixes https://jira.coreos.com/browse/QS-85
2017-12-07 13:03:11 -05:00
Joseph Schorr
927d469db0 In password recovery, don't reveal whether an e-mail address is valid (unless it is an org's e-mail address) 2017-12-06 14:07:38 -05:00
Joseph Schorr
2677720577 Fix exception raised for certain non-JSON strings given to is_json
This is breaking pushes in production for certain manifests

Fixes https://jira.prod.coreos.systems/browse/QS-60
2017-11-14 13:46:06 -05:00
Joseph Schorr
9f804de23d Fix bug in deletion of repos with OCI-style linked tags
MySQL does not allow rows in the same table referencing other rows to be deleted in a single statement. We now do a two-pass deletion, and add a test to make sure.

Fixes https://jira.prod.coreos.systems/browse/QS-18
2017-10-18 17:03:27 -04:00
Joseph Schorr
010dda2c52 Add CloudFrontedS3Storage, which redirects to CloudFront for non-S3 ips 2017-09-28 14:40:58 -04:00
Joseph Schorr
c6aad5fef0 Add option to disable partial autocompletion of users 2017-09-12 15:55:37 -04:00
Joseph Schorr
464bccb5a0 Fix permissions on accessing archived logs 2017-08-18 13:45:36 -04:00
Jimmy Zelinskie
9e09612851 Revert "Merge pull request #2844 from coreos-inc/alegrand/use_latest_appr_server_code"
This reverts commit 646fafb2fd, reversing
changes made to 5c1b635439.
2017-08-09 20:45:46 -04:00
Joseph Schorr
854155fe82 Fix missing to_dict and import in robots model
Also adds a test to catch this issue
2017-08-09 20:33:14 -04:00
Antoine Legrand
646fafb2fd Merge pull request #2844 from coreos-inc/alegrand/use_latest_appr_server_code
Migrate from cnr -> appr
2017-08-09 00:01:25 +02:00
Antoine Legrand
6336a4a971 Migrate from cnr -> appr 2017-08-08 11:48:59 +02:00
Evan Cordell
66dc093639 Convert RepositoryUserTransitivePermission security tests to pytest 2017-08-01 11:34:31 -04:00
Evan Cordell
a68ec6966e Add data interface for api-permissions for v2-2 2017-07-31 15:46:13 -04:00
Jake Moshenko
0011ddda16 Release database connections after updating build statuses. 2017-07-26 12:29:51 -04:00
Joseph Schorr
5739e2ef4d Move notifications test into notifications package 2017-07-25 17:00:06 -04:00
Joseph Schorr
ce56031846 Move notifications into its own package 2017-07-25 17:00:06 -04:00
Charlton Austin
8f1200b00d style(data, endpoints, test): ran yapf against changed files
### Description of Changes

Issue: https://coreosdev.atlassian.net/browse/QUAY-633

## Reviewer Checklist

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-24 11:05:15 -04:00
Charlton Austin
9e1106f164 refactor(endpoints/api/repository*): added in pre_oci_model abstraction
this is a part of getting ready for oci stuff

[TESTING->using new PR stack]

Issue: https://coreosdev.atlassian.net/browse/QUAY-633

- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-24 11:03:03 -04:00
josephschorr
a6db05e8b5 Merge pull request #2718 from coreos-inc/tag-expiration
Formal tag expiration support
2017-07-19 17:48:11 -04:00
Joseph Schorr
7d4fed6892 Change error message when trying to pull a deleted or expired tag
Will let the users know they can recover the tag via time machine

Note: This was tested with the Docker protocol, but the new error code is *technically* out of spec; we should make sure its okay.
2017-07-19 17:13:48 -04:00
Joseph Schorr
c5d8b5f86b Add support for tag expiration based on a quay.expires-after label 2017-07-19 17:13:06 -04:00
josephschorr
460a9b7fe8 Merge pull request #2732 from coreos-inc/swift-etag
Make sure to etag check Swift uploads
2017-07-19 17:06:53 -04:00
Jimmy Zelinskie
9f4ffca736 Merge pull request #2751 from jzelinskie/registry-tests
test: convert registry auth test to pytest
2017-07-13 15:09:57 -04:00
Evan Cordell
4ec4b7c6e6 Merge pull request #2782 from ecordell/no-signing-whitelist
Revert "Only show signing UI when namespace is explicitly whitelisted"
2017-07-13 10:20:53 -04:00
Evan Cordell
45bf7efc84 Merge branch 'master' into no-signing-whitelist 2017-07-12 15:50:32 -04:00
Evan Cordell
75c1533aec Revert "Only show signing UI when namespace is explicitly whitelisted"
85d382cd84
2017-07-12 15:48:35 -04:00
Jimmy Zelinskie
7d1bbbfe19 test: convert registry auth test to pytest
This also moves them into the auth package.
2017-07-12 15:14:12 -04:00
Joseph Schorr
b6f1782642 Change notificationworker to use a data interface 2017-07-12 17:40:45 +03:00
Joseph Schorr
50c2f1fde8 Move notification worker test under its own package 2017-07-12 17:35:09 +03:00
Evan Cordell
939ddfd1d7 Merge v2.4.0-release into cherrypick-2.4.0 2017-07-10 10:25:18 -04:00
Evan Cordell
d4ef594c13 Mark fields as required on globalmessages API so that they are
properly checked when the request comes in
2017-07-05 18:16:55 -04:00
josephschorr
89ab94ffbb Merge pull request #2720 from coreos-inc/gc-opt
GC optimizations
2017-06-29 20:55:14 +03:00
josephschorr
0e702c72f2 Merge pull request #2739 from coreos-inc/joseph.schorr/QUAY-664/verbs-interface-refactor
Refactor Verbs model definitions to match new style
2017-06-29 10:07:36 +03:00
Jimmy Zelinskie
5a651544bc Merge pull request #2716 from jzelinskie/secscan-catch-all
util.secscan.api: add catch all for API failures
2017-06-28 13:42:33 -04:00
Jimmy Zelinskie
1d2640e012 util.secscan.fake: add test for unexpected status 2017-06-28 13:40:04 -04:00
Joseph Schorr
8ac20edfb2 Move verbs security tests into pytest style 2017-06-28 12:48:02 +03:00
Joseph Schorr
8dcea30d58 Fix build by pre-calling the caches
They were being called in a test-dependent order, which caused any tests which relied on query count to fail
2017-06-27 18:11:46 +03:00