Commit graph

8405 commits

Author SHA1 Message Date
Brad Ison
6cfa96bdeb Update all dependencies 2018-02-26 13:09:40 -05:00
Brad Ison
d4ee938a5d Fix license test in Dockerfile 2018-02-26 12:56:01 -05:00
Brad Ison
d1ba2dcfc3 Add labels to test cases for invalid JWTs 2018-02-26 12:55:49 -05:00
Brad Ison
5da8744ddf Reject JWTs with future issued-at times
PyJWT stopped doing this in 1.5.0 because it's not part of the spec,
and there are legitimate reasons to issue future tokens.  We still
want to reject these though as we don't have that need.
2018-02-26 12:55:32 -05:00
Brad Ison
f0d6b69729 Pin cnr_server version 2018-02-26 12:55:16 -05:00
Brad Ison
77e894d958 Remove old cnr from requirements-nover.txt 2018-02-26 12:55:01 -05:00
Brad Ison
cb729d0dfd
Merge pull request #3015 from bison/blobupload-byte-count
Make byte_count on BlobUpload table not nullable
2018-02-26 12:33:40 -05:00
Brad Ison
f89a16a64d Make byte_count on BlobUpload table not nullable
The byte_count field on the BlobUpload model is marked as not
nullable, but the migration to make the field a big integer removed
that restriction (#2388 :: 76de324) in the database.  It's still in
the model though, which means they are out of sync.  This adds a
migration to mark the field as not nullable in the database again.
2018-02-26 11:36:56 -05:00
Brad Ison
f458307ffd
Merge pull request #3009 from bison/drop-image-checksum
Drop checksum from ImageStorage table
2018-02-24 17:27:13 -05:00
Brad Ison
5bd826e7b5 Drop checksum from ImageStorage table
The checksum field was removed from the ImageStorage model in #815,
but was never dropped from the database.  This adds a migration to
drop the unused column.
2018-02-24 17:00:07 -05:00
josephschorr
823ce52466
Merge pull request #3013 from coreos-inc/joseph.schorr/QUAY-837/filtered-check
Have cor-checkable-menus reflect the filtered set of items
2018-02-21 16:43:32 -05:00
Joseph Schorr
e857c676db Have cor-checkable-menus reflect the filtered set of items
Fixes https://jira.coreos.com/browse/QUAY-837
2018-02-21 16:38:21 -05:00
josephschorr
6220df4f88
Merge pull request #3012 from coreos-inc/access-control-header
Add X-Requested-With header to allowed CORS headers
2018-02-21 14:27:36 -05:00
josephschorr
f851693095
Merge pull request #3011 from coreos-inc/mysql-queue-tests
Switch build queue limiter query to use total number of alive jobs
2018-02-21 14:21:57 -05:00
Joseph Schorr
bcd9b680fa Add X-Requested-With header to allowed CORS headers
Will fix the API explorer
2018-02-21 14:21:27 -05:00
Joseph Schorr
e446eb5757 Switch build queue limiter query to use total number of alive jobs
This is slightly more accurate and, not being based on time, will work better under MySQL
2018-02-21 14:04:40 -05:00
josephschorr
d77aa9228f
Merge pull request #3002 from coreos-inc/joseph.schorr/QUAY-822/gc-app-tokens
Add a worker to automatically GC expired app specific tokens
2018-02-20 17:21:48 -05:00
josephschorr
7b106d81ef
Merge pull request #3010 from coreos-inc/schema-fix
Fix config schema for bitbucket trigger
2018-02-20 17:01:28 -05:00
Joseph Schorr
4d0ad0074d Fix config schema for bitbucket trigger 2018-02-20 16:59:34 -05:00
josephschorr
3f2604c61e
Merge pull request #3008 from coreos-inc/build-queue-limits
Add configurable limits for number of builds allowed under a namespace
2018-02-20 16:54:37 -05:00
Joseph Schorr
9a452ace11 Add configurable limits for number of builds allowed under a namespace
We also support that limit being increased automatically once a successful billing charge has gone through
2018-02-20 16:54:22 -05:00
Brad Ison
62971b7f20
Merge pull request #2999 from bison/user-location
Add user location metadata filed
2018-02-20 16:48:37 -05:00
josephschorr
4857cd9c48
Merge pull request #2987 from coreos-inc/joseph.schorr/QUAY-805/dot-fix
Add decorator to prevent reflected text attacks
2018-02-20 12:02:22 -05:00
Joseph Schorr
188ea98441 Add new decorator to prevent reflected text attacks
Instead of disabling repo names with periods in them, we simply disallow calls to the API when they are GET requests, whose path ends in a dot, and that do not have a referrer from the frontend.
2018-02-20 11:33:45 -05:00
Joseph Schorr
b342111edb Add registry tests for pushing and pulling previously bad repo names 2018-02-20 11:31:36 -05:00
Evan Cordell
0db304e169
Merge pull request #3007 from ecordell/log-tuf-api-errors
log response data on non-200 responses in TUF API
2018-02-20 10:24:14 -05:00
Evan Cordell
b545cad380 log response data on non-200 responses in TUF API 2018-02-20 09:46:53 -05:00
josephschorr
ac328da383
Merge pull request #3006 from coreos-inc/joseph.schorr/QUAY-827/noop-team-name
Add messaging when trying to create a team that already exists
2018-02-15 16:41:51 -05:00
Joseph Schorr
72ca758c88 Add messaging when trying to create a team that already exists
Fixes https://jira.coreos.com/browse/QUAY-827
2018-02-15 16:03:09 -05:00
josephschorr
7cd2c00d4d
Merge pull request #2967 from coreos-inc/joseph.schorr/QS-111/auth-refactor
Refactor auth code to be cleaner and more extensible
2018-02-15 16:02:22 -05:00
Joseph Schorr
e220b50543 Refactor auth code to be cleaner and more extensible
We move all the auth handling, serialization and deserialization into a new AuthContext interface, and then standardize a registration model for handling of specific auth context types (user, robot, token, etc).
2018-02-14 15:35:27 -05:00
josephschorr
33b7ca0eaa
Merge pull request #3005 from coreos-inc/2.8.0-release
CHANGELOG updates for v2.8.0
2018-02-13 17:31:10 -05:00
Brad Ison
00e0de5005
Merge pull request #3004 from bison/repo-admin-script
Add script for fixing missing admin permissions
2018-02-13 16:59:03 -05:00
Joseph Schorr
b188cf11cc CHANGELOG updates for v2.8.0 2018-02-13 16:44:21 -05:00
Brad Ison
87e55870b7 Add script for fixing missing admin permissions
Adds a util script to find and fix repositories in user namespaces
that are missing admin permissions for the owning user.  These admin
permissions are required, but were missing in some cases.  See:

  https://github.com/coreos-inc/quay/pull/2998
2018-02-13 16:23:17 -05:00
josephschorr
8ba2e71fb1
Merge pull request #3003 from coreos-inc/joseph.schorr/QUAY-808/expired-app-token-banner
Small fixes for expiring-soon app tokens banner
2018-02-12 17:28:21 -05:00
Joseph Schorr
e1a3857de9 Make sure to filtered already-expired tokens from the "expiring soon" tokens 2018-02-12 17:07:50 -05:00
Joseph Schorr
8c14a8fdf2 Fix language for expiring app tokens notification 2018-02-12 16:56:06 -05:00
Joseph Schorr
d45161b120 Add a worker to automatically GC expired app specific tokens
Fixes https://jira.coreos.com/browse/QUAY-822
2018-02-12 14:56:01 -05:00
josephschorr
06d25816be
Merge pull request #3001 from coreos-inc/fix-azure-storage
Fix bugs in Azure storage engine to make it actually work
2018-02-12 12:28:31 -05:00
Joseph Schorr
143ca8653d Fix bugs in Azure storage engine to make it actually work
Tested against a real Azure account
2018-02-09 16:46:50 -05:00
josephschorr
846deb75fe
Merge pull request #2902 from coreos-inc/joseph.schorr/QS-51/azure-blob-store
Add support for Azure Blob Storage
2018-02-07 11:34:29 -05:00
josephschorr
61363f0ffc
Merge pull request #2997 from coreos-inc/joseph.schorr/QUAY-818/verify-schema
Add test to verify that all defined config fields are found in the schema
2018-02-06 16:39:24 -05:00
Brad Ison
5965929187 Include location in user analytics 2018-02-06 16:06:17 -05:00
Brad Ison
3de6b4a646 Add location metadata field for users 2018-02-06 16:06:17 -05:00
josephschorr
2bdcd7f64f
Merge pull request #2998 from coreos-inc/joseph.schorr/QUAY-826/create-transaction
Make sure to add primary repo permissions under a transaction
2018-02-06 15:32:42 -05:00
Joseph Schorr
5490e64669 Fill out schema and schema whitelist 2018-02-06 15:27:01 -05:00
Joseph Schorr
7893ef6acc Add test to ensure that all config.py properties are defined in the config schema 2018-02-06 15:26:31 -05:00
Joseph Schorr
5a2f6f6faf Add exception if relative path is given to Azure storage engine 2018-02-06 13:48:40 -05:00
Joseph Schorr
de47b13c24 Add superuser config for Azure blob storage 2018-02-06 13:48:40 -05:00