Joseph Schorr
|
232fa42897
|
Add testing of the new secscan-for-local endpoint and fix a bug
|
2016-05-04 21:47:03 -04:00 |
|
Jake Moshenko
|
67031e4e33
|
Merge pull request #1438 from jakedt/local_analyze
Local analyze
|
2016-05-04 19:07:14 -04:00 |
|
Jake Moshenko
|
9221a515de
|
Use the registry API for security scanning
when the storage engine doesn't support direct download url
|
2016-05-04 18:04:06 -04:00 |
|
Jake Moshenko
|
1ef7008d85
|
Fix our url converters to not be silly
|
2016-05-04 17:38:21 -04:00 |
|
josephschorr
|
73e323c4d6
|
Merge pull request #1436 from coreos-inc/removeexpr
Remove old security scanner UI code
|
2016-05-04 15:27:08 -04:00 |
|
Joseph Schorr
|
9c22ee3e29
|
Remove old security scanner UI code
|
2016-05-04 15:25:30 -04:00 |
|
josephschorr
|
7fcb152e5f
|
Merge pull request #1435 from coreos-inc/smallfixes
Various small fixes in prep for QE release
|
2016-05-04 15:22:10 -04:00 |
|
Joseph Schorr
|
73fa593d02
|
Various small fixes in prep for QE release
|
2016-05-04 15:20:27 -04:00 |
|
josephschorr
|
f55fd2049f
|
Merge pull request #1433 from coreos-inc/ldapoptions
Add additional options for LDAP
|
2016-05-04 14:06:29 -04:00 |
|
Joseph Schorr
|
42515ed9ec
|
Add additional options for LDAP
Fixes #1420
|
2016-05-04 13:59:20 -04:00 |
|
josephschorr
|
550b9cb2b3
|
Merge pull request #1428 from coreos-inc/clair-setup-new
Implement setup tool support for Clair
|
2016-05-04 13:52:54 -04:00 |
|
Joseph Schorr
|
2cbdecb043
|
Implement setup tool support for Clair
Fixes #1387
|
2016-05-04 13:40:50 -04:00 |
|
josephschorr
|
ee6d632e1b
|
Merge pull request #1432 from coreos-inc/fix-keyserver
Fix key server to not list expired keys
|
2016-05-03 17:59:35 -04:00 |
|
Joseph Schorr
|
6e2df3b339
|
Fix key server to not list expired keys
Fixes the key server to not list expire keys and by default not return expired or unapproved keys unless explicitly requested.
Fixes #1430
|
2016-05-03 17:58:47 -04:00 |
|
Evan Cordell
|
53ce4de6aa
|
Merge pull request #1426 from ecordell/wait-for-jwtproxy-config
Don't start jwtproxy if conf is not created yet
|
2016-05-03 13:20:36 -05:00 |
|
josephschorr
|
0d794422bf
|
Merge pull request #1413 from coreos-inc/alwayssecure
Ensure that the `Secure` flag is set on session cookies when under HTTPS
|
2016-05-03 14:13:26 -04:00 |
|
Evan Cordell
|
8da0ba37ea
|
jwtproxy run: sleep between retries
|
2016-05-03 13:09:34 -05:00 |
|
josephschorr
|
f0af2ca9c3
|
Merge pull request #1407 from coreos-inc/enterpriselanding
Add Enterprise Landing page
|
2016-05-03 13:52:22 -04:00 |
|
Jimmy Zelinskie
|
f842545b3e
|
rename config values to remove "Quay" (#1431)
|
2016-05-03 13:11:21 -04:00 |
|
Jimmy Zelinskie
|
e502f50c88
|
tests: add test RSA key for torrent test (#1427)
|
2016-05-03 13:11:02 -04:00 |
|
Evan Cordell
|
ed96c9ec85
|
Don't print 'waiting' message when jwtproxy is restarting
|
2016-05-03 10:47:19 -05:00 |
|
Evan Cordell
|
612c546d16
|
Don't start jwtproxy if conf is not created yet
|
2016-05-02 17:10:56 -05:00 |
|
Jimmy Zelinskie
|
437ec84c9f
|
torrent: use quay.pem to mint JWT (#1425)
|
2016-05-02 18:10:16 -04:00 |
|
Jake Moshenko
|
9969101dac
|
Merge pull request #1424 from coreos-inc/jakedt-patch-1
Fix copy pasta
|
2016-05-02 12:01:34 -04:00 |
|
Jake Moshenko
|
1dd978aa76
|
Fix copy pasta
|
2016-05-02 12:00:26 -04:00 |
|
Jake Moshenko
|
2d08066901
|
Merge pull request #1423 from jakedt/secscanprocess
Split secscan endpoints into a new process
|
2016-05-02 11:47:21 -04:00 |
|
Jake Moshenko
|
cc8e58e7f4
|
Split secscan endpoints into a new process
|
2016-05-02 11:38:00 -04:00 |
|
Quentin Machu
|
fdf81860a1
|
Merge pull request #1419 from coreos-inc/extra_ca
Allow adding extra CA certificates
|
2016-04-29 17:36:35 -04:00 |
|
Quentin Machu
|
1207a71308
|
Allow adding extra CA certificates to the system
|
2016-04-29 17:25:45 -04:00 |
|
Jimmy Zelinskie
|
aadb22aaca
|
Merge pull request #1332 from coreos-inc/keyserver
JWT Key Server
|
2016-04-29 17:16:02 -04:00 |
|
Evan Cordell
|
af4106e5c0
|
Fix generatepresharedkey script
|
2016-04-29 15:21:19 -05:00 |
|
Jimmy Zelinskie
|
2aa88dcb80
|
only send notifications when superusers enabled
|
2016-04-29 15:42:25 -04:00 |
|
Jimmy Zelinskie
|
b89d81d748
|
test: add missing helpers.py file
|
2016-04-29 14:44:52 -04:00 |
|
Jimmy Zelinskie
|
29e2d7c9d4
|
data.model.log: remove unused method
|
2016-04-29 14:22:53 -04:00 |
|
Joseph Schorr
|
b5afc4bed6
|
Tiny CSS merge fix
|
2016-04-29 14:16:19 -04:00 |
|
Jimmy Zelinskie
|
e47b29a974
|
migration: add missing delete from down migration
This also reorganizes the file a bit.
|
2016-04-29 14:10:33 -04:00 |
|
Jimmy Zelinskie
|
4a521f5844
|
database: revert logentry foreign key proxy
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
85ab543e9e
|
Explicit expiration date param
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
489752a0b7
|
Only refresh current instance service key
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
a6f6a114c2
|
service key worker to refresh automatic keys
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
2242c6773d
|
Add 'Automatic' ServiceKeyApprovalType
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
c766727d1d
|
address review comments
- more inline documentation
- don't explicitly specify audience
- approver is optional in `generate_key`
- ADD -> RUN for better caching of jwtproxy
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
9df650688b
|
Install jwtproxy in /usr/local/bin
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
97ad9684d7
|
Use jwtproxy binary from github
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
d2aa4be29e
|
Explicitly set jwtproxy audience
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
0c2ecec9a9
|
Don't check for client certs when talking to clair
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
4d0627f83d
|
Turn down logging on jwtproxy
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
47a52a47eb
|
Remove unneeded service key expiration
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
9ffc32f680
|
Generate preshared key on boot
|
2016-04-29 14:10:33 -04:00 |
|
Evan Cordell
|
f30a9e56f3
|
Be really sure about proxy protocol
|
2016-04-29 14:10:33 -04:00 |
|