Jimmy Zelinskie
bb46cc933d
use kwargs for parse_repository_name
2016-03-09 16:20:28 -05:00
Jake Moshenko
fe2cd240bc
Revert "Remove old search API which is no longer in use"
2016-03-07 10:07:41 -05:00
josephschorr
57430a18b4
Merge pull request #1224 from coreos-inc/removeoldsearch
...
Remove old search API which is no longer in use
2016-03-04 12:05:07 -05:00
Joseph Schorr
85919cbc39
Fix error when constructing DownstreamIssue exception
2016-02-25 17:45:49 -05:00
Jimmy Zelinskie
c7904db30d
v2: always send www-authn headers on unauthorized
...
Fixes #1254 .
2016-02-25 17:09:29 -05:00
Joseph Schorr
f498e92d58
Implement against new Clair paginated notification system
2016-02-25 15:58:42 -05:00
Joseph Schorr
c0374d71c9
Refactor the security worker and API calls and add a bunch of tests
2016-02-25 12:29:41 -05:00
Quentin Machu
0183c519f7
Merge pull request #1253 from Quentin-M/clair2
...
Adapt securityworker, secscan API and Quay UI for Clair 1.0
2016-02-19 18:21:25 -05:00
Quentin Machu
4bd5996bbf
Adapt secscan API for Clair v1.0
...
Squash /vulnerabilities and /packages as it basically does the same
action on Clair and we don't need both for Quay
2016-02-19 17:44:23 -05:00
josephschorr
11af123ba5
Merge pull request #1244 from coreos-inc/enableaci
...
Add UI to the setup tool for enabling ACI conversion
2016-02-17 12:29:48 -05:00
Joseph Schorr
1940fd9939
Add UI to the setup tool for enabling ACI conversion
...
Fixes #1211
2016-02-17 12:05:48 -05:00
Joseph Schorr
8d9f3309aa
Remove internal_only from some APIs now that we expose a user admin scope
...
Fixes #1246
2016-02-16 16:50:33 -05:00
josephschorr
e8faa9f843
Merge pull request #939 from coreos-inc/user-admin
...
Add user admin scope
2016-02-16 16:42:29 -05:00
josephschorr
81a36ee3b8
Merge pull request #1217 from coreos-inc/v2pagination
...
Fix V2 catalog and tag pagination
2016-02-16 15:34:49 -05:00
josephschorr
ded0a27901
Merge pull request #1242 from coreos-inc/receiptemailsbug
...
Fix schema for invoice email updating
2016-02-16 13:26:26 -05:00
Joseph Schorr
ecaa051791
Fix schema for invoice email updating
...
Fixes #1209
2016-02-16 11:52:57 -05:00
Jake Moshenko
6e05920d6b
Delete bad manifests from the DB
2016-02-16 11:42:19 -05:00
Joseph Schorr
4b24556cb3
Check for the parent's ID in the updated ID map.
...
Fixes #1240
2016-02-15 11:02:52 -05:00
Joseph Schorr
69262282fe
Make sure to encode all V1 metadata strings
...
Fixes #1239
2016-02-15 10:57:20 -05:00
Jimmy Zelinskie
70aa7cc731
Merge pull request #1230 from jzelinskie/aci-head
...
allow HEAD on ACI images
2016-02-12 16:29:12 -05:00
Jimmy Zelinskie
2b07b6d8a9
allow HEAD on ACI images
...
Fixes #911 .
2016-02-12 16:28:44 -05:00
Jake Moshenko
6454b5aeb7
Update the layer rename PR to preserve the original manifest
2016-02-12 16:25:47 -05:00
Joseph Schorr
abd2e3c234
V1 Docker ID <-> V2 layer SHA mismatch fix
...
Fix handling of V1 Docker ID <-> V2 layer SHA mismatch by dynamically rewriting the manifest to use new synthesized IDs for all layers above the mismatch. Also adds a bunch of tests for this and other use cases, fixes a bug around manifest digest uniqueness and fixes the 5.5 migration for MySQL.
2016-02-12 17:39:27 +02:00
Quentin Machu
5c7f2a5c16
Remove abort(500) on checksum mismatch
2016-02-11 18:32:21 -05:00
josephschorr
a9c64545fa
Merge pull request #1228 from coreos-inc/v2storagevalidation
...
Add a check that will fail if we try to mislink V1 layers
2016-02-11 22:49:33 +02:00
josephschorr
904b2d53d2
Merge pull request #1197 from coreos-inc/webpytest
...
Tests for endpoints/web and some small fixes
2016-02-11 22:42:43 +02:00
Joseph Schorr
27f1cc0a13
Add a check that will fail if we try to mislink V1 layers
...
Also logs some useful information
2016-02-11 22:40:00 +02:00
Joseph Schorr
1887dc879c
Remove old search API which is no longer in use
2016-02-10 15:02:27 +02:00
Joseph Schorr
db0eab0461
Fix V2 catalog and tag pagination
2016-02-10 00:25:33 +02:00
Jimmy Zelinskie
deadd5eee3
Merge pull request #1210 from jzelinskie/torrent-life
...
extend torrent webseed lifetime to an hour
2016-02-09 14:51:26 -05:00
Jimmy Zelinskie
463dc98a42
return an error when writing manifest v2 schema2
2016-02-09 14:42:58 -05:00
Jimmy Zelinskie
e18dacd26b
extend torrent webseed lifetime to an hour
2016-02-08 17:57:28 -05:00
Joseph Schorr
6a8331d305
Tests for endpoints/web and some small fixes
2016-02-05 09:45:25 +02:00
Joseph Schorr
534ec9cb2b
Add pagination to the repository list API to make it better for public
...
Fixes #1166
2016-02-01 22:42:44 +02:00
Jake Moshenko
9310fe1832
Convert some flask-login user methods to properties
2016-01-29 10:36:28 -05:00
Joseph Schorr
accc576a98
Fix V1 push URL to match Docker and fix registry tests
2016-01-29 16:42:15 +02:00
Jake Moshenko
018bf8c5ad
Refactor how parsed_args are passed to methods
2016-01-26 16:27:36 -05:00
Joseph Schorr
335c8eb3a9
Add 2 day TTL to page tokens
2016-01-26 14:04:03 -05:00
Joseph Schorr
b4bddacedb
Switch to Fernet crypto as per gtank's recommendation
2016-01-26 12:50:48 -05:00
Joseph Schorr
bd0a098282
Add ID-based pagination to logs using new decorators and an encrypted token
...
Fixes #599
2016-01-26 12:50:48 -05:00
Joseph Schorr
a03f0f1970
Fix manifest content type
...
Fixes #1168
2016-01-25 16:39:59 -05:00
josephschorr
b081e234f8
Merge pull request #1162 from coreos-inc/publicnocredauth
...
Fix issue with Docker 1.8.3 and pulling public repos with no creds
2016-01-25 16:07:55 -05:00
Joseph Schorr
8cd38569d6
Fix issue with Docker 1.8.3 and pulling public repos with no creds
...
We now return the valid subset of auth scopes requested.
Adds a test for this case and adds testing of all returned JWTs in the V2 login tests
2016-01-25 15:54:17 -05:00
Jimmy Zelinskie
85ae1a2a0a
Merge pull request #1161 from jzelinskie/torrenthmac
...
misc torrent changes
2016-01-22 23:02:44 -05:00
josephschorr
566a91f003
Merge pull request #1160 from coreos-inc/dockerv2authsucks
...
Fix Docker Auth and our V2 registry paths to support library (i.e. namespace-less) repositories.
2016-01-22 16:00:30 -05:00
Joseph Schorr
e4ffaff869
Fix Docker Auth and our V2 registry paths to support library (i.e. namespace-less) repositories.
...
This support is placed behind a feature flag.
2016-01-22 15:54:06 -05:00
Jimmy Zelinskie
e54b86c6eb
s/TORRENT/BITTORRENT
2016-01-22 15:52:28 -05:00
josephschorr
d00db518df
Merge pull request #1153 from coreos-inc/fixtutorial
...
Fix tutorial by properly publishing user events for V2 API
2016-01-22 12:51:47 -05:00
josephschorr
cd81d1e4f5
Merge pull request #1156 from coreos-inc/torrentverb
...
Add support for torrenting verbs
2016-01-20 18:15:52 -05:00
Joseph Schorr
7c572fd218
Add support for torrenting verbs
...
Fixes #1130
2016-01-20 18:15:32 -05:00
Joseph Schorr
068301ef1f
Add more debugging statements to V2 auth
...
Also fixes a spurious return
2016-01-20 18:06:46 -05:00
Joseph Schorr
22b8a562be
Fix tutorial by properly publishing user events for V2 API
...
Fixes #1123
2016-01-20 13:42:30 -05:00
Jake Moshenko
5f10c3f7ed
Merge pull request #1149 from jakedt/notsoswift
...
Improve swift path computations
2016-01-15 15:54:35 -05:00
Jake Moshenko
612098b645
Use the centrally initialized storage engine for verbs in master process
2016-01-15 15:35:04 -05:00
Jake Moshenko
3071152dd1
Fix the JWK to use base64 encoded bytes
2016-01-14 10:08:35 -05:00
Jimmy Zelinskie
de750defdb
s/RSA256/RS256
2016-01-13 12:59:53 -05:00
Jimmy Zelinskie
bcdbf0301d
add cache-control headers to /keys
2016-01-12 17:58:21 -05:00
Joseph Schorr
e4da61a05d
Fix piece hash calculation
2016-01-12 17:44:19 -05:00
Jake Moshenko
8ab6c8a22d
Fix torrent hash generation to work in mixed stacks
2016-01-11 16:43:46 -05:00
Jimmy Zelinskie
d21b4adc62
remove global for get_route_data
2016-01-08 16:43:15 -05:00
Jake Moshenko
1ae101c917
Address torrent feature review comments.
2016-01-08 16:38:21 -05:00
Jimmy Zelinskie
8a924aae4a
move jwk set URI to /keys
2016-01-08 16:22:31 -05:00
Jimmy Zelinskie
559a55b1de
add lru cache to _get_route_data()
2016-01-08 16:22:17 -05:00
Jake Moshenko
b9821290f6
Merge remote-tracking branch 'upstream/master' into torrent
2016-01-08 15:43:12 -05:00
Jake Moshenko
17d3b5e204
Fix a bug with torrent calculation on duplicate v2 uploads
2016-01-08 15:08:12 -05:00
josephschorr
269bd80f53
Merge pull request #1121 from coreos-inc/typofix2
...
Fix typo
2016-01-08 14:30:42 -05:00
Joseph Schorr
161475baaa
Break circular dependencies introduced by importing common in verbs
2016-01-08 13:54:40 -05:00
Jimmy Zelinskie
087c6828ad
add feature.BITTORRENT and jwk set URI
2016-01-07 19:07:23 -05:00
Jimmy Zelinskie
e8c0a8355f
only check repo usage when billing enabled
2016-01-07 14:34:19 -05:00
Jimmy Zelinskie
a089b3c383
torrent: don't get user when public repo
2016-01-07 14:16:21 -05:00
Joseph Schorr
cd204d8940
Fix typo
2016-01-06 15:00:36 -05:00
Jake Moshenko
476ac8cec9
Add piece hashing to verbs generated image storages
2016-01-06 12:01:15 -05:00
Jake Moshenko
9e2b6a312a
Fix typo in method name
2016-01-06 10:59:54 -05:00
Jake Moshenko
8f80d7064b
Hash v1 uploads for torrent chunks
2016-01-05 14:43:40 -05:00
Jake Moshenko
44fcc7e44b
Fix logic when deciding whether to hash for torrent
2016-01-05 12:13:26 -05:00
Jimmy Zelinskie
0f6c77caab
s/repository/repo_name
2016-01-04 16:17:51 -05:00
Jimmy Zelinskie
c780572e69
add public/private torrent swarms
2016-01-04 16:17:51 -05:00
Jimmy Zelinskie
4cb06525a4
finish implementing torrent verb
2016-01-04 16:17:51 -05:00
Jake Moshenko
ce8fcbeaae
Update the pieces to use base64 encoded binary
2016-01-04 16:17:51 -05:00
Jake Moshenko
fe87d3c796
Hash and track layer file chunks for torrenting
2016-01-04 16:17:51 -05:00
Jimmy Zelinskie
6f6c82a217
implement torrent verb
2016-01-04 16:16:40 -05:00
josephschorr
f748d4348d
Merge pull request #1106 from coreos-inc/billingemail
...
Add support for custom billing invoice email address
2016-01-04 14:34:30 -05:00
josephschorr
0ca01e5ae4
Merge pull request #1105 from coreos-inc/qeversion
...
Show version number next to copyright in QE
2016-01-03 17:57:11 -05:00
Jimmy Zelinskie
a967340aad
update format_date to handle December
2016-01-01 18:59:27 -05:00
josephschorr
28eb31ed36
Merge pull request #1102 from coreos-inc/deleteimagediff
...
Delete the image diff feature
2015-12-29 14:47:38 -05:00
josephschorr
6371f5e9be
Merge pull request #1107 from coreos-inc/errorresponsetype
...
Switch error messages to have content type JSON
2015-12-29 12:26:35 -05:00
Joseph Schorr
31a8a0fba4
Better UX when recovering organization emails
...
Fixes #291
2015-12-28 15:25:31 -05:00
Joseph Schorr
2f3d77157b
Switch error messages to have content type JSON
...
Fixes #893
2015-12-28 14:17:44 -05:00
Joseph Schorr
10efa96009
Add support for custom billing invoice email address
...
Fixes #782
2015-12-28 13:59:50 -05:00
Joseph Schorr
be61730224
Show version number next to copyright in QE
...
Fixes #672
2015-12-28 13:27:32 -05:00
Joseph Schorr
ab166c4448
Delete the image diff feature
...
Fixes #1077
2015-12-23 13:08:01 -05:00
Joseph Schorr
327258c83e
Add namespace to be returned by docker search
...
Fixes #956
2015-12-17 16:38:06 -05:00
Jake Moshenko
3fda6696e5
Merge pull request #1069 from jakedt/trackhostname
...
Trackhostname
2015-12-16 14:08:55 -05:00
Jake Moshenko
d5bebe2149
Add the hostname to mixpanel requests.
2015-12-16 13:43:31 -05:00
Jake Moshenko
766d60493f
Add the ability to blacklist v2 for specific versions
2015-12-15 18:27:10 -05:00
Joseph Schorr
ca7d36bf14
Handle empty scopes and always send the WWW-Authenticate header, as per spec
...
Fixes #1045
2015-12-15 14:59:47 -05:00
Joseph Schorr
ea9ebb98e6
Sample repo pulls in V2
...
Fixes #1058
2015-12-14 17:41:16 -05:00
Joseph Schorr
54095eb5cb
Handle the common case of one chunk when calculating the uncompressed size
...
Reference #992
2015-12-14 15:27:48 -05:00
josephschorr
1323da20e3
Merge pull request #1050 from coreos-inc/v2betterlogging
...
Make our JWT subjects better and log using the info
2015-12-14 15:24:39 -05:00
Silas Sewell
881fd53714
Merge pull request #1056 from coreos-inc/dont-hide-ioerror
...
Handle IOErrors in v2 uploads
2015-12-14 14:46:46 -05:00
Joseph Schorr
4a4eee5e05
Make our JWT subjects better and log using the info
...
Fixes #1039
2015-12-14 14:00:33 -05:00
Silas Sewell
2dcc1f13a6
Handle IOErrors in v2 uploads
2015-12-14 11:58:24 -05:00
Joseph Schorr
d963f7174a
Change manifest delete to mark tag as dead and log
2015-12-10 15:45:53 -05:00
Jake Moshenko
9f13bb8960
Fix the overlap condition on resumed uploads
2015-12-10 13:14:11 -05:00
josephschorr
37dec895ce
Merge pull request #987 from coreos-inc/multimanifest
...
Make manifest generation safe for multiple callers
2015-12-08 14:12:39 -05:00
josephschorr
6c897a7c22
Merge pull request #1035 from coreos-inc/closeforlong
...
Close for long operation before we upload chunks
2015-12-07 14:22:29 -05:00
Joseph Schorr
bcd7f45905
Close for long operation before we upload chunks
2015-12-07 14:11:56 -05:00
Joseph Schorr
b8bd92a64f
Handle 404s on blob uploads
...
Fixes #1033
2015-12-07 12:30:28 -05:00
Joseph Schorr
ee0eb80c8f
Fix blob content types
...
Fixes #990
2015-12-04 16:13:58 -05:00
josephschorr
32fae5533c
Merge pull request #1022 from coreos-inc/manifestexc
...
Only write exceptions for manifest gen when a tag exists
2015-12-04 14:32:06 -05:00
Silas Sewell
d28768f792
Make eventConfig required in create notification
2015-12-03 18:28:07 -05:00
Joseph Schorr
c324ebd7f6
Only write exceptions for manifest gen when a tag exists
...
Fixes #1019
Currently, we just raise an exception to the logs regardless, which can make it appear as if there is an issue (when there isn't).
2015-12-03 16:04:17 -05:00
Silas Sewell
8781cf6e11
Increase nginx proxy timeout and close db before storage operation
2015-12-03 11:19:39 -05:00
Silas Sewell
664a2951cc
Don't send content-length when redirecting v2 blob
...
Fixes #1012
2015-12-02 21:28:11 -05:00
Quentin Machu
8a539c4bc1
Fix security notification perform condition
...
As defined in util/secscan/api.py, Critical < High < Medium < Low < Negligible < Unknown. We have to send the notification if the expected level is higher than the vulnerability level, not the opposite.
2015-11-30 13:54:34 -05:00
josephschorr
dc1f6c2d87
Merge pull request #974 from coreos-inc/derivedfix
...
Derived image fixes
2015-11-25 11:57:16 -05:00
Joseph Schorr
6ed705be15
Make manifest generation safe for multiple callers
...
Fixes #985
2015-11-24 18:38:29 -05:00
josephschorr
0dbd19a236
Merge pull request #976 from coreos-inc/incidentaltests
...
Add login tests and fix scope security issue
2015-11-24 13:42:06 -05:00
Joseph Schorr
75a91f0f92
Add login tests and fix scope security issue
2015-11-24 13:39:16 -05:00
Joseph Schorr
762cd56e64
Change derived storage to be based on image
...
Fixes #971
2015-11-24 12:44:07 -05:00
josephschorr
1eb019cd16
Merge pull request #970 from coreos-inc/disableverbcaching
...
Disable derived image storage entirely until we fix it to be by image…
2015-11-23 23:56:51 -05:00
Joseph Schorr
5d3aa2a2b9
Disable derived image storage entirely until we fix it to be by image, not storage
2015-11-23 23:49:46 -05:00
Joseph Schorr
a0e597f957
Send Docker-Content-Digest headers on GET requests
...
Fixes #955
2015-11-23 13:56:34 -05:00
Joseph Schorr
5c8eea2728
Log when pulls occur in V2
...
Fixes #958
2015-11-20 21:30:03 -05:00
Jake Moshenko
0c44949017
Return a 401 when doing a login with bad credentials
2015-11-20 18:37:52 -05:00
Joseph Schorr
b49435bfee
Fix track_and_log for grant-ed users
2015-11-19 17:41:27 -05:00
Jake Moshenko
b564492ea7
Improve the performance of fetching manifest blobs by checksum.
2015-11-19 11:01:47 -05:00
Jake Moshenko
e01f5ce06e
Re-enable squashed caching
2015-11-18 22:05:07 -05:00
Jake Moshenko
39d799b1aa
Fix anonymous repository pulls
2015-11-18 20:11:06 -05:00
Jake Moshenko
c27f91f7cf
Fix token pushes for v2 auth, tokens have no user
2015-11-18 19:18:12 -05:00
Matt Jibson
f02bb3caee
Add user admin scope
...
Also remove unused scope decorator.
fixes #890
2015-11-18 12:01:40 -05:00
Silas Sewell
f3dafd50e4
Fix squash pull after v2 merge
2015-11-17 18:25:43 -05:00
Jake Moshenko
7205bf5e7f
Merge pull request #885 from jakedt/python-registry-v2
...
Python registry v2 mega merge
2015-11-16 16:15:40 -05:00
Matt Jibson
d5fb8cafd4
Don't expose unnamed API operations
...
fixes #861
2015-11-16 15:40:33 -05:00
Jake Moshenko
4cc619f4ca
Clean up v2 branch to no longer warn about readiness
2015-11-16 14:42:43 -05:00
Jake Moshenko
0459c3bc54
Merge remote-tracking branch 'upstream/master' into python-registry-v2
2015-11-16 14:22:54 -05:00
Jake Moshenko
52125bbfed
Fix gc by using the v1/v2 storage location helper everywhere
2015-11-16 14:13:37 -05:00
Joseph Schorr
32a799a067
Remove code that adds images to the image diff queue
2015-11-13 12:42:43 -05:00
Joseph Schorr
db1fae4cfc
Fix security scan endpoint status
2015-11-13 01:06:18 -05:00
Joseph Schorr
b7206a8cfc
Remove file added accidentally by merge
2015-11-12 22:03:13 -05:00
Joseph Schorr
7816b0c657
Merge master into vulnerability-tool
2015-11-12 21:52:47 -05:00
Joseph Schorr
3b3f101ea6
Vulnerability UI part 2
...
Fixes #860
Fixes #855
2015-11-12 16:59:36 -05:00
Jake Moshenko
44d06b0c2e
Fix v1 backward compatibility
2015-11-12 16:22:19 -05:00
Joseph Schorr
76ce63895f
New Quay Sec UI and fix some small bugs
...
Fixes #855
2015-11-11 18:15:58 -05:00
Jake Moshenko
ab340e20ea
Merge remote-tracking branch 'upstream/master' into python-registry-v2
2015-11-11 16:41:40 -05:00
Jake Moshenko
a1ccd860e7
Merge pull request #823 from coreos-inc/phase3-11-07-2015
...
Phase3 11 07 2015
2015-11-11 14:22:19 -05:00
Joseph Schorr
ca7d736db2
Only send vulnerability events if the minimum priority is gte to that specified
...
Fixes #770
2015-11-10 16:05:55 -05:00
Joseph Schorr
888ec17538
Recover by email needs to allow anon access to its endpoints
2015-11-10 15:41:19 -05:00
Jimmy Zelinskie
8e2868737b
rename secscan_endpoint and move db close to API
2015-11-10 15:22:31 -05:00
Jimmy Zelinskie
d651ea4b48
initial security notification worker
2015-11-10 15:22:30 -05:00