vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
6422 commits 2 branches 62 tags 205 MiB
Commit graph

1654 commits

Author SHA1 Message Date
Joseph Schorr
9413e25123 Change georeplication queuing to use new batch system 2016-12-21 17:44:30 -05:00
josephschorr
732ab67b57 Merge pull request #2252 from coreos-inc/parallel-tests 
Fix pytests and enable parallel registry tests
 2016-12-20 16:56:52 -05:00
Joseph Schorr
481cebe46b Fix pytests and enable parallel registry tests 2016-12-20 15:42:04 -05:00
Joseph Schorr
f4f5a065df Add check for None repository in start build API 
Fixes #2244
 2016-12-19 11:40:24 -05:00
Brad Ison
2730c26b2e Merge pull request #2237 from coreos-inc/metrics-labels 
Don't record size in chunk upload metrics
 2016-12-15 14:20:34 -05:00
Brad Ison
df7366eace Add chunk size metric 2016-12-15 13:20:16 -05:00
EvB
43aed7c6f4 fix(endpoints/api): return empty 204 resp 
Return an empty body on API requests with status code 204, which
means "No content". Incorrect 'Deleted' responses were being
returned after successful DELETE operations despite the "No Content"
definition of 204.
 2016-12-14 16:22:39 -05:00
Brad Ison
8f59ac1251 Don't record size in chunk upload metrics 2016-12-14 12:16:02 -05:00
Joseph Schorr
fd364ccca3 Remove unneeded exception var 2016-12-09 14:52:49 -05:00
Joseph Schorr
1302fd2fbd Switch csrf token check to use compare_digest to prevent timing attacks 
Also adds some additional tests for CSRF tokens
 2016-12-08 23:46:31 -05:00
Joseph Schorr
dbdcb802b1 Add end-to-end OAuth login and attach tests 2016-12-08 18:35:42 -05:00
Joseph Schorr
36324708db Fix small pylint issues 2016-12-08 16:21:44 -05:00
Joseph Schorr
ff52fde8a5 Have Quay always use an OAuth-specific CSRF token 
This change ensures that we always store and then check the contents of the OAuth `state` argument against a session-stored CSRF token.

Fixes https://www.pivotaltracker.com/story/show/135803615
 2016-12-08 16:11:57 -05:00
josephschorr
543d86ae10 Merge pull request #2221 from coreos-inc/fix-error-pages 
Have all error pages be rendered by Angular
 2016-12-07 17:53:14 -05:00
josephschorr
111b7b0788 Merge pull request #2206 from coreos-inc/ldap-user-search-fix 
Fix external auth returns for query_user calls
 2016-12-07 17:53:04 -05:00
Joseph Schorr
c06bba38de Have all error pages be rendered by Angular 
Fixes #2198

Fixes https://www.pivotaltracker.com/story/show/135724483
 2016-12-07 17:49:02 -05:00
Jimmy Zelinskie
00eafff747 Merge pull request #2204 from jzelinskie/429builds 
add rate limiting to build queues
 2016-12-07 15:03:31 -05:00
Joseph Schorr
3203fd6de1 Fix external auth returns for query_user calls 
Adds the missing field on the query_user calls, updates the external auth tests to ensure it is returned properly, and adds new end-to-end tests which call the external auth engines via the *API*, to ensure this doesn't break again
 2016-12-07 14:28:42 -05:00
Jimmy Zelinskie
ebbe58d311 replace prefix w/ canonical name list 2016-12-07 12:56:56 -05:00
Joseph Schorr
d349e1639a Fix doc comment on security scan API endpoint 
Fixes #2216
 2016-12-07 11:50:22 -05:00
Jimmy Zelinskie
c41de8ded6 build queue rate limiting: address PR comments 2016-12-06 20:40:54 -05:00
Jimmy Zelinskie
eb69abff8b build rate limiting: tests 2016-12-06 16:30:12 -05:00
Jimmy Zelinskie
57770493fa build rate limiting: use a rate 2016-12-06 16:30:12 -05:00
Jimmy Zelinskie
7877c6ab94 add rate limiting to build queues 2016-12-06 16:30:12 -05:00
Jake Moshenko
d656e54d99 Fix unsafe mutable default params. 2016-12-06 14:00:16 -05:00
Jake Moshenko
21e3001446 Add a bulk insert for queue and notifications. 
Use it for Clair spawned notifications.
 2016-12-06 14:00:16 -05:00
Joseph Schorr
97d150e281 Have QSS only add security scanner notifications once 2016-12-05 19:08:20 -05:00
Joseph Schorr
cf61c29671 Move SETUP_COMPLETE check up to allow users to add license 
Somehow this change got lost.
 2016-12-05 13:22:14 -05:00
Charlton Austin
4103a0b75f Adding in cancel notifications 2016-11-30 14:38:34 -05:00
josephschorr
b7aac159ae Merge pull request #2170 from coreos-inc/password-reset 
Fix small bugs around account recovery and user settings redirection
 2016-11-28 19:51:23 -05:00
Joseph Schorr
dcd8157207 Fix JWT exception in Dex code 2016-11-28 18:55:51 -05:00
Joseph Schorr
0e24f6b40a Fix user redirects to go to the correct URL 
`/user` no longer works and returns a 404; we now need to redirect to the specific user page
 2016-11-28 18:55:41 -05:00
Joseph Schorr
402ad25690 Change team invitation acceptance to join all invited teams under the org 
Fixes #1989
 2016-11-28 18:39:28 -05:00
Evan Cordell
9e96e6870f Add support for * (admin) permission to registry auth v2 endpoint 2016-11-28 14:02:08 -05:00
josephschorr
1529ed2086 Merge pull request #2154 from coreos-inc/receipt-filename 
Make receipt filenames include date information
 2016-11-23 12:25:53 -05:00
Joseph Schorr
964b1013d9 Make receipt filenames include date information 
Fixes #1997
 2016-11-21 15:35:56 -05:00
Joseph Schorr
080802ed2d Add tracking of pulled tag/digest to logs 
Fixes #2148
 2016-11-21 12:29:59 -05:00
Charlton Austin
2fe74e4057 Adding in UI for cancel anytime. 2016-11-21 10:58:32 -05:00
josephschorr
ff14601669 Merge pull request #2139 from coreos-inc/oauth-reauth 
Fix error displayed for OAuth if an existing token already matches scopes
 2016-11-17 16:42:56 -05:00
Joseph Schorr
0e602efbf9 Fix error displayed for OAuth if an existing token already matches scopes 
Before this change, the OAuth system would automatically redirect to display the code if the scopes requested were a subset of those already granted by the user. However, the missing process auth resulted in `get_authenticated_user` returning None, which broke the OAuth flow.

Fixes #2131
 2016-11-17 16:21:26 -05:00
Joseph Schorr
0b549125d9 Fix 500 on get label endpoint and add a test 
Fixes #2133
 2016-11-17 14:55:14 -05:00
Joseph Schorr
1a61ef4e04 Report the user's name and company to Marketo 
Also fixes the API to report the other changes (username and email) as well
 2016-11-14 17:34:50 -05:00
Joseph Schorr
aa2704acc7 Add a test for operation name collisions and fix the one additional collision found 2016-11-10 15:38:27 -05:00
Joseph Schorr
932fa56227 Fix name collision between the two organization delete calls 
Fixes #2104

The collision was causing the frontend to try to call the *superuser* method (in local, where superuser is enabled), but on prod (where it isn't), it was calling the normal method, which takes a different parameter name
 2016-11-10 15:28:20 -05:00
josephschorr
45b1148118 Merge pull request #2086 from coreos-inc/user-info 
Add collection of user metadata: name and company
 2016-11-09 13:15:07 -05:00
josephschorr
6200a2a49a Merge pull request #2088 from coreos-inc/license-about-notification 
Add a warning bar when the license will become invalid in a week
 2016-11-09 11:45:48 -05:00
Joseph Schorr
7e78406112 Add a defined timeout on all HTTP calls in notification methods 2016-11-08 18:28:06 -05:00
Joseph Schorr
0f2eb61f4a Add collection of user metadata: name and company 2016-11-08 16:15:02 -05:00
Joseph Schorr
74c3346562 Add a warning bar when the license will become invalid in a week 2016-11-08 14:24:55 -05:00
josephschorr
9aac68fbeb Merge pull request #2031 from coreos-inc/license-notification 
Add banner bar message when license has expired or is invalid
 2016-11-07 13:52:53 -05:00