Commit graph

4163 commits

Author SHA1 Message Date
Jake Moshenko
79c89ba11d Re-enable parent id backfill, use new backfill style 2015-11-06 15:45:39 -05:00
Jake Moshenko
88b9e80cbb Backfill the v1 checksums from imagestorage 2015-11-06 15:28:44 -05:00
Jimmy Zelinskie
f3c3e684a1 prepare branch to be merged into phase1-11-07-2015
This removes the checksum backfill, removes the migration that runs the
backfills, and defaults the security scan feature off.
2015-11-06 15:22:18 -05:00
Quentin Machu
af4511455f Remove .distinct() from these queries 2015-11-06 15:22:18 -05:00
Joseph Schorr
cfa03951e1 Add a SecScanEndpoint class and move all the cert and config handling in there 2015-11-06 15:22:18 -05:00
Joseph Schorr
e4508fc0d0 Add vulnerabilities and packages API to Quay
Fixes #564
2015-11-06 15:22:18 -05:00
Quentin Machu
a4c78ba99a Add support for Quay's vulnerability tool 2015-11-06 15:22:18 -05:00
Joseph Schorr
0f3db709ea Add a vulnerability_found event for notice when we detect a vuln
Fixes #637

Note: This PR does *not* actually raise the event; it merely adds support for it
2015-11-06 15:22:18 -05:00
Quentin Machu
3677947521 Add support for Quay's vulnerability tool 2015-11-06 15:22:18 -05:00
Joseph Schorr
2d1df267dd Add security config 2015-11-06 15:22:18 -05:00
Quentin Machu
1b41200e49 Fix PostgresSQL compatibility and parent omittance securityworker 2015-11-06 15:22:18 -05:00
Quentin Machu
a99b8fcfe4 Fix migration 2015-11-06 15:22:18 -05:00
Quentin Machu
f59e35cc81 Add support for Quay's vulnerability tool 2015-11-06 15:22:18 -05:00
Jake Moshenko
3d0bcbaaeb Move v1 checksums to image and track v2 separately 2015-11-06 15:17:55 -05:00
Joseph Schorr
2b3633b107 Remove the used_legacy_github column 2015-11-06 15:17:55 -05:00
Joseph Schorr
bbf4a1fac4 Remove the used_legacy_github column 2015-11-06 15:17:55 -05:00
Jake Moshenko
8edcdd94b3 Merge pull request #808 from jakedt/roadmap
Update our roadmap.
2015-11-06 14:00:27 -05:00
Jake Moshenko
d7720d4c67 Update our roadmap. 2015-11-06 13:59:29 -05:00
Matt Jibson
9df80d713e Merge pull request #803 from mjibson/aci-rootfs
Allow listing of ACI rootfs by non-root
2015-11-06 13:22:37 -05:00
Matt Jibson
86ca2d7f44 Allow listing of ACI rootfs by non-root
Also the image ID folder for docker squash.

This method is only called in 2 places: once for the ACI rootfs, and once
for squashing docker images. The previous (0644) permissions could
theoretically have been depended on by someone, but it is doubtful.

fixes #802
2015-11-06 13:22:04 -05:00
Matt Jibson
576fcf5325 Merge pull request #799 from mjibson/status-badge-cache
Set and use ETag headers on status badges
2015-11-06 12:15:35 -05:00
Matt Jibson
f4b57eff96 Set and use ETag headers
Also set no-cache exactly as github recommends. The removed @no_cache
decorater used "Cache-Control:no-cache, no-store, must-revalidate", but
just no-cache should be sufficient, and should certainly work correctly
with github.

See: https://github.com/github/markup/issues/224#issuecomment-48532178

fixes #712
2015-11-06 12:15:15 -05:00
Silas Sewell
4f6d81b1ec Merge pull request #794 from coreos-inc/build-sh-sha1
Update build.sh to work with GIT_HEAD
2015-11-04 18:31:55 -05:00
Silas Sewell
d2b0caa838 Update build.sh to work with GIT_HEAD 2015-11-04 16:55:34 -05:00
Quentin Machu
da1fe7d48b Merge pull request #790 from Quentin-M/set4O4
Define nginx v2 vhost & properly set 404 status code
2015-11-04 16:32:11 -05:00
josephschorr
11be448d75 Merge pull request #773 from coreos-inc/imageload
Never load the full repo image list
2015-11-04 16:29:20 -05:00
Matt Jibson
74d70ce3ea Merge pull request #792 from mjibson/error-notification-color
Make error notification text white
2015-11-04 16:26:21 -05:00
Matt Jibson
2f92b7f705 Make error notification text white
Otherwise it's a dark color on red; unreadable.
2015-11-04 16:13:41 -05:00
Joseph Schorr
4f41f79fa8 Never load the full repo image list
Always make smaller queries per tag to ensure we scale better

Fixes #754
2015-11-04 15:53:00 -05:00
Quentin Machu
c1fa22d9b0 Define nginx v2 vhost & properly set 404 status code
Fixes #777
2015-11-04 14:56:18 -05:00
Matt Jibson
5f49c4da7c Merge pull request #786 from mjibson/short-sha
Use 7 chars for git short SHAs
2015-11-04 14:21:20 -05:00
Matt Jibson
0e68918748 Use 7 chars for git short SHAs
fixes #713
2015-11-04 14:08:10 -05:00
Matt Jibson
249269ad50 Merge pull request #715 from mjibson/localhost
Use local IP instead of deprecated docker IP
2015-11-04 13:49:42 -05:00
josephschorr
c3a4c36df7 Merge pull request #761 from coreos-inc/fixtoomanylogin
Move decorator for TooManyLoginAttempts into general decorated module
2015-11-04 12:29:01 -05:00
Matt Jibson
57ffb39651 Merge pull request #714 from mjibson/queue-locking
Refactor queue locking to not use select for update
2015-11-04 12:05:53 -05:00
Silas Sewell
cf1b0eb2fb Merge pull request #783 from coreos-inc/fix-github-exception-ref
Fix missing GithubException ref
2015-11-04 11:47:02 -05:00
Silas Sewell
4f9a7b3482 Fix missing GithubException ref 2015-11-04 11:19:49 -05:00
josephschorr
1520d68c80 Merge pull request #780 from coreos-inc/disable404
Disable 404, as it is breaking V2 API checks
2015-11-04 02:50:27 -05:00
Joseph Schorr
d4646e459e Disable 404, as it is breaking V2 API checks 2015-11-04 02:47:33 -05:00
Silas Sewell
3aaa00e3b0 Merge pull request #775 from coreos-inc/disable-diff-worker
Disable diffsworker
2015-11-04 00:01:53 -05:00
Silas Sewell
49b395ba4e Disable diffsworker 2015-11-03 23:59:38 -05:00
josephschorr
43720b27e7 Merge pull request #765 from coreos-inc/fixverbs2
Fix layer ordering in verbs
2015-11-03 15:00:09 -05:00
Joseph Schorr
95c47fe250 Fix layer ordering in verbs 2015-11-03 14:43:47 -05:00
Jimmy Zelinskie
9039026ebe Merge pull request #763 from jzelinskie/changes
changelog: cut v1.13.2
2015-11-03 12:31:30 -05:00
Jimmy Zelinskie
f14b874a4e changelog: cut v1.13.2 2015-11-03 12:30:14 -05:00
josephschorr
d99cf1b6fc Merge pull request #762 from coreos-inc/api404
Do not redirect on API 404
2015-11-03 12:24:43 -05:00
Joseph Schorr
cf8497593d Do not redirect on API 404 2015-11-03 12:23:39 -05:00
Joseph Schorr
5e1cd2b2ad Move decorator for TooManyLoginAttempts into general decorated module
Currently, this is missing in gunicorn_registry which causes 500s when user logins become throttled
2015-11-03 12:16:01 -05:00
Jimmy Zelinskie
c7b25a704c Merge pull request #760 from jzelinskie/changes
changelog: cut 1.13.1
2015-11-03 12:06:28 -05:00
Jimmy Zelinskie
914f527c8a changelog: cut 1.13.1 2015-11-03 12:04:54 -05:00