1443 commits

Author	SHA1	Message	Date
Joseph Schorr	343a080833	Make security scan testing much faster	2016-05-05 13:55:24 -04:00
Jake Moshenko	9221a515de	Use the registry API for security scanning ... when the storage engine doesn't support direct download url	2016-05-04 18:04:06 -04:00
Joseph Schorr	73fa593d02	Various small fixes in prep for QE release	2016-05-04 15:20:27 -04:00
josephschorr	550b9cb2b3	Merge pull request #1428 from coreos-inc/clair-setup-new ... Implement setup tool support for Clair	2016-05-04 13:52:54 -04:00
Joseph Schorr	2cbdecb043	Implement setup tool support for Clair ... Fixes #1387	2016-05-04 13:40:50 -04:00
Joseph Schorr	6e2df3b339	Fix key server to not list expired keys ... Fixes the key server to not list expire keys and by default not return expired or unapproved keys unless explicitly requested. Fixes #1430	2016-05-03 17:58:47 -04:00
josephschorr	f0af2ca9c3	Merge pull request #1407 from coreos-inc/enterpriselanding ... Add Enterprise Landing page	2016-05-03 13:52:22 -04:00
Evan Cordell	2242c6773d	Add 'Automatic' ServiceKeyApprovalType	2016-04-29 14:10:33 -04:00
Evan Cordell	668ce2c7cd	Generate private key on startup	2016-04-29 14:10:33 -04:00
Joseph Schorr	6091db983b	Hide expired keys outside of their staleness window	2016-04-29 14:10:33 -04:00
Jimmy Zelinskie	726cb5fe6a	key server: 403 on expired approved keys (#1410)	2016-04-29 14:09:37 -04:00
Joseph Schorr	4f63a50a17	Change account-less logs to use a user and not null ... This allows us to skip the migration	2016-04-29 14:09:37 -04:00
Jimmy Zelinskie	ca5794ba18	key server: use total_seconds() for cache headers	2016-04-29 14:09:37 -04:00
Joseph Schorr	5d6e5a42e8	Add delete logging and tests for logging	2016-04-29 14:09:09 -04:00
Jimmy Zelinskie	6aa7040f39	keyserver: add cache-control headers	2016-04-29 14:05:16 -04:00
Joseph Schorr	bc08ac2749	Fix timeouts in the JWT endpoint tests	2016-04-29 14:05:16 -04:00
Joseph Schorr	522cf68c5d	Lots of smaller fixes: ... - Add the rotation_duration to the keys API - Have the key service UI use the new rotation_duration field - Fix notification deletion lookup path - Add proper support for the new notification in the UI - Only delete expired keys after 7 days (configurable) - Fix angular digest loop - Fix unit tests - Regenerate initdb	2016-04-29 14:05:16 -04:00
Jimmy Zelinskie	d0bd70fb36	endpoints.web: add missing import	2016-04-29 14:05:16 -04:00
Jimmy Zelinskie	370ac3ecd0	service keys: add rotation_duration field	2016-04-29 14:05:16 -04:00
Jimmy Zelinskie	fca258d8bf	endpoints: remove /keys ... BitTorrent support should now be able to use the keyserver infrastructure instead.	2016-04-29 14:05:16 -04:00
Jimmy Zelinskie	9f4a4092da	keyserver: get signer kid from unverified headers	2016-04-29 14:05:16 -04:00
Joseph Schorr	08017c5111	Further UI updates	2016-04-29 14:05:16 -04:00
Jimmy Zelinskie	cfc15746a6	keyserver: tests!	2016-04-29 14:05:16 -04:00
Jimmy Zelinskie	d19eb16b45	keyserver: add generate key function ... The superuser API, initdb, and tests will all need this functionality.	2016-04-29 14:05:16 -04:00
Joseph Schorr	fb1dca4e94	Add API usage tests	2016-04-29 14:05:16 -04:00
Joseph Schorr	11ff3e9b59	keys ui WIP	2016-04-29 14:05:16 -04:00
Jimmy Zelinskie	136f92400f	key_server: remove s at the end of endpoint	2016-04-29 13:38:25 -04:00
Jimmy Zelinskie	e456228434	keyserver: insert rotation policy into metadata	2016-04-29 13:38:25 -04:00
Jimmy Zelinskie	885a41e6f5	key server: misc fixes to make jwtproxy work	2016-04-29 13:38:25 -04:00
Jimmy Zelinskie	50ad1bb6b1	key server: misc cleanup to get it working	2016-04-29 13:38:25 -04:00
Jimmy Zelinskie	c0ab45d335	key server: derive audience from host and scheme	2016-04-29 13:38:25 -04:00
Jimmy Zelinskie	93720bd0f4	superuser: proper view for approvals/keys	2016-04-29 13:38:25 -04:00
Jimmy Zelinskie	d277fe6741	add final service key config	2016-04-29 13:38:25 -04:00
Jimmy Zelinskie	c6b8b3ce8c	service_keys: s/get_keys/list_keys	2016-04-29 13:38:25 -04:00
Jimmy Zelinskie	0ec54fc70e	clear notifications on delete/replace service_key	2016-04-29 13:38:25 -04:00
Jimmy Zelinskie	42b5196b21	add notification path and use for service keys	2016-04-29 13:38:25 -04:00
Jimmy Zelinskie	97ae800e6c	canonicalize json	2016-04-29 13:38:25 -04:00
Jimmy Zelinskie	f406942984	converging on proper rotation	2016-04-29 13:38:25 -04:00
Jimmy Zelinskie	aaf9e83278	basically finish superuser key api	2016-04-29 13:38:25 -04:00
Jimmy Zelinskie	35ed73e195	rework superuser api	2016-04-29 13:38:25 -04:00
Jimmy Zelinskie	4079dba167	service keys: do all the right stuff	2016-04-29 13:38:25 -04:00
Jimmy Zelinskie	499bb16306	service key server wip	2016-04-29 13:38:25 -04:00
Joseph Schorr	c6f7dfa102	Add Enterprise Landing page ... Note: The design comes directparners.	2016-04-28 13:47:54 -04:00
Joseph Schorr	03489c22ad	Log the pushed tag and add IP address display ... Fixes #798	2016-04-20 13:00:21 -04:00
Evan Cordell	9a1d97216b	Switch error mimetype back to application/json	2016-04-18 17:42:08 -05:00
Evan Cordell	4d7843580f	Fix superuser page	2016-04-15 16:50:01 -04:00
josephschorr	cf04fedd6a	Merge pull request #1347 from coreos-inc/marketingtagman ... Add Google Tag Manager support to Quay	2016-04-13 16:50:36 -04:00
Evan Cordell	09064853ac	Merge pull request #1364 from ecordell/error-json-fixes ... Fix error-related issues	2016-04-13 13:32:00 -04:00
Evan Cordell	eb3e7eba88	Merge pull request #1351 from ecordell/document-201-swagger ... Swagger: document 201 responses for POST requests	2016-04-13 09:50:34 -04:00
Evan Cordell	e1b3312495	Add back error_message and error_type for backwards-compatibility	2016-04-13 09:11:40 -04:00