josephschorr
a6db05e8b5
Merge pull request #2718 from coreos-inc/tag-expiration
...
Formal tag expiration support
2017-07-19 17:48:11 -04:00
josephschorr
b8e5a21736
Merge pull request #2663 from coreos-inc/multi-instance-su-panel
...
Disable debug logs in superuser panel when under multiple instances
2017-07-19 17:28:05 -04:00
Joseph Schorr
9679ec91ec
Fix for hard merge
2017-07-19 17:13:49 -04:00
Joseph Schorr
7d4fed6892
Change error message when trying to pull a deleted or expired tag
...
Will let the users know they can recover the tag via time machine
Note: This was tested with the Docker protocol, but the new error code is *technically* out of spec; we should make sure its okay.
2017-07-19 17:13:48 -04:00
Joseph Schorr
99d7fde8ee
Add UI for viewing and changing the expiration of tags
2017-07-19 17:13:48 -04:00
Joseph Schorr
c5d8b5f86b
Add support for tag expiration based on a quay.expires-after
label
2017-07-19 17:13:06 -04:00
Joseph Schorr
7b8ce1df4c
Change signing API to use a data model interface
2017-07-19 16:29:58 -04:00
Charlton Austin
ae30a40921
Merge pull request #2800 from charltonaustin/create_data_interface_for_subsystem_api/logs_628
...
refactor(endpoints/api/logs*): Refactor to new data model
2017-07-19 15:51:57 -04:00
Charlton Austin
a7c818543d
refactor(endpoints/api/logs*): Refactor to new data model
...
moving things away from peewee data model to data model interface
[TESTING->locally with docker compose]
Issue: https://coreosdev.atlassian.net/browse/QUAY-628
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-19 13:43:27 -04:00
josephschorr
38d3417ca7
Merge pull request #2636 from coreos-inc/auth-health-check
...
Add support to health checks for auth and make health checks more descriptive
2017-07-19 12:55:37 -04:00
Alec Merdler
a1ed482200
Merge pull request #2737 from alecmerdler/data-interface-refactor-api/subscribe
...
refactor(/endpoints/api/subscribe.py): data interfaces
2017-07-19 10:06:59 -04:00
alecmerdler
791bd5aefc
refactored endpoints.api.subscribe to use abstracted data interface
2017-07-19 09:47:13 -04:00
Joseph Schorr
b7d6bb12fa
Hide extended health check information behind superuser permission or a session property
...
Also adds an endpoint that (when specified with the proper secret), sets the session property
2017-07-19 16:17:02 +03:00
Evan Cordell
cb02610bfb
fix bad merge
2017-07-18 15:52:06 -04:00
Evan Cordell
b8fc20c191
add pre-oci models for endpoints/api/__init__.py
2017-07-18 15:37:44 -04:00
Evan Cordell
dd58008470
Add docs to data interface for repo notifications
2017-07-18 14:21:22 -04:00
Evan Cordell
3db8d54a31
delete weird incomplete refactor
2017-07-18 11:20:58 -04:00
Evan Cordell
94c28b624e
fix tests after rebase, use _get_namespace_name_from
2017-07-18 11:07:55 -04:00
Evan Cordell
57517adef3
Add tests for repository notification api
2017-07-17 17:56:32 -04:00
Evan Cordell
9dad44e93d
Don't use repository object anywhere in endpoints/api/repositorynotification
...
Also adds support for audit logging with repo name only
2017-07-17 17:55:00 -04:00
Evan Cordell
047722b295
add data interface and pre oci impelementation for repo notifications
2017-07-17 17:53:08 -04:00
Jimmy Zelinskie
42869cb00a
endpoints.keyserver: new fs org for data interface
2017-07-17 14:25:18 -04:00
Charlton Austin
69a0a10ab4
fix(endpoints/notificationmethod.py): deals with pre oci and the previous data model
...
Issue: NA
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-14 10:32:38 -04:00
josephschorr
2f750bfc87
Merge pull request #2788 from coreos-inc/fix-notifications
...
Fix notification system to use the new tuple correctly
2017-07-14 00:26:16 +03:00
Joseph Schorr
63a97b6d2f
Add a TODO
2017-07-14 00:21:55 +03:00
Charlton Austin
48ed4f2875
Merge pull request #2787 from charltonaustin/create_data_interface_for_subsystem_api/repoemail_626
...
refactor(endpoints/api/repoemail): added in pre_oci model
2017-07-13 16:54:09 -04:00
Joseph Schorr
bf3e941d7f
Fix notification system to use the new tuple correctly
2017-07-13 22:43:26 +03:00
Charlton Austin
bbe9b033d0
style(endpoints/api/repoemail): ran yapf
...
### Description of Changes
Issue: https://coreosdev.atlassian.net/browse/QUAY-626
## Reviewer Checklist
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-13 15:34:48 -04:00
Charlton Austin
d01b55f27d
refactor(endpoints/api/repoemail): added in pre_oci model
...
### Description of Changes
this is so we can abstract away the data interface
[TESTING->locally with docker compose]
Issue: https://coreosdev.atlassian.net/browse/QUAY-626
## Reviewer Checklist
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-13 15:30:07 -04:00
Jimmy Zelinskie
9f4ffca736
Merge pull request #2751 from jzelinskie/registry-tests
...
test: convert registry auth test to pytest
2017-07-13 15:09:57 -04:00
josephschorr
fdb21aa5dc
Merge pull request #2777 from coreos-inc/joseph.schorr/QUAY-618/notificationworker-data-interface
...
Change notificationworker to use data interface
2017-07-13 00:23:15 +03:00
Charlton Austin
82488c9102
Merge pull request #2753 from charltonaustin/api_tag_v22
...
refactor(endpoints/api/tag): refactor code for v22
2017-07-12 15:51:48 -04:00
Jimmy Zelinskie
7d1bbbfe19
test: convert registry auth test to pytest
...
This also moves them into the auth package.
2017-07-12 15:14:12 -04:00
Charlton Austin
131acde317
refactor(data+endpoints): code review changes
...
this puts the view logic on the object and adds a parameter for logging
[TESTING->locally with docker compose]
Issue: https://coreosdev.atlassian.net/browse/QUAY-632
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-12 14:10:21 -04:00
Joseph Schorr
b6f1782642
Change notificationworker to use a data interface
2017-07-12 17:40:45 +03:00
Evan Cordell
939ddfd1d7
Merge v2.4.0-release into cherrypick-2.4.0
2017-07-10 10:25:18 -04:00
Charlton Austin
897a091692
style(data+endpoints): ran yapf
...
### Description of Changes
ran yapf for the branch
[TESTING->locally using docker compose]
Issue: https://coreosdev.atlassian.net/browse/QUAY-632
## Reviewer Checklist
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-10 09:46:02 -04:00
Charlton Austin
fc4b3642d3
refactor(endpoints/api/tag): refactor code for v22
...
this decouples the database models from the api
[TESTING->locally with docker compose]
Issue: https://coreosdev.atlassian.net/browse/QUAY-632
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-10 09:40:33 -04:00
Evan Cordell
d4ef594c13
Mark fields as required on globalmessages API so that they are
...
properly checked when the request comes in
2017-07-05 18:16:55 -04:00
Antoine Legrand
cdb3722c17
Use $QUAYPATH and $QUAYDIR in conf and init files
2017-07-05 16:23:54 +02:00
josephschorr
89ab94ffbb
Merge pull request #2720 from coreos-inc/gc-opt
...
GC optimizations
2017-06-29 20:55:14 +03:00
Jimmy Zelinskie
92e978fa0f
endpoints.v2: yapf format
2017-06-29 13:24:00 -04:00
Jimmy Zelinskie
ecd5996386
endpoints.v2: new fs layout for data interface
...
Fixes QUAY-656
2017-06-29 13:19:53 -04:00
Charlton Austin
fdb63632b0
Merge branch 'master' into create_data_interface_for_subsystem_api/tag_632
2017-06-29 10:33:15 -04:00
josephschorr
0e702c72f2
Merge pull request #2739 from coreos-inc/joseph.schorr/QUAY-664/verbs-interface-refactor
...
Refactor Verbs model definitions to match new style
2017-06-29 10:07:36 +03:00
Joseph Schorr
d07cc91dc6
yapf
2017-06-29 09:57:39 +03:00
Charlton Austin
400b346953
test(endpoints/api): add in test for tag
...
this adds tests for the pro oci model
Issue: https://coreosdev.atlassian.net/browse/QUAY-632
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-06-28 15:14:03 -04:00
Jimmy Zelinskie
80c9b611a4
Merge pull request #2730 from jzelinskie/v2-interface
...
endpoints.v2: new fs layout for data interface
2017-06-28 13:51:43 -04:00
Joseph Schorr
8b4958dbcc
Move verbs model into new file structure
2017-06-28 13:05:02 +03:00
Joseph Schorr
8ac20edfb2
Move verbs security tests into pytest style
2017-06-28 12:48:02 +03:00
Joseph Schorr
2f018046ec
Move conduct_call into a common test lib for all endpoints
2017-06-28 11:38:36 +03:00
Charlton Austin
337b68abdc
style(endpoints/api/tag*): ran yapf
...
### Description of Changes
Issue: https://coreosdev.atlassian.net/browse/QUAY-632
## Reviewer Checklist
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-06-27 14:24:23 -04:00
Charlton Austin
941cb4b4ee
refactor(endpoints/api/tag*): adding in new support for tags api
...
this creates an interface for hidding details of the data model for pre oci and post oci code
Issue: https://coreosdev.atlassian.net/browse/QUAY-632
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-06-27 13:53:11 -04:00
Joseph Schorr
8dcea30d58
Fix build by pre-calling the caches
...
They were being called in a test-dependent order, which caused any tests which relied on query count to fail
2017-06-27 18:11:46 +03:00
Joseph Schorr
11659f73bf
Fix log for reenabling a notification
...
We forgot to log the event and method names
2017-06-27 15:26:40 +03:00
Jimmy Zelinskie
b1434b0380
endpoints.v2: yapf format
2017-06-26 18:22:17 -04:00
Jimmy Zelinskie
0e26a03f7e
endpoints.v2: new fs layout for data interface
...
Fixes QUAY-658
2017-06-26 18:21:35 -04:00
Charlton Austin
0841d2bfb9
Merge pull request #2715 from charltonaustin/fix_endpoint_error
...
fix(endpoints): added in proper error handling
2017-06-21 17:00:38 -04:00
Charlton Austin
5e6aa6648b
fix(endpoints): added in proper error handling
...
before we would return a 400 without a message because the errors were not being caught
Issue: https://www.pivotaltracker.com/story/show/145459707
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-06-21 16:59:48 -04:00
Joseph Schorr
159badf7ed
Only send internal cancelation emails if the user canceled themselves
...
In the other case (where payment failed), we already auto-email the customer
2017-06-16 14:27:55 -04:00
Evan Cordell
b6d423a50d
Merge pull request #2687 from ecordell/enable-builds-trust
...
Re-enable builds and tag modification when signing is enabled
2017-06-13 11:20:04 -04:00
Antoine Legrand
817d75d6dc
Merge pull request #2697 from coreos-inc/appr_blob_pull
...
Appr: fix pull blob (missing param)
2017-06-13 16:28:00 +02:00
josephschorr
b269cb84a3
Merge pull request #2688 from coreos-inc/build-badge-query
...
Remove expensive call in build badge
2017-06-12 15:06:13 -04:00
Joseph Schorr
a949a44cb2
Remove expensive call in build badge
...
We don't need to list all the tags to determine if any exist, and showing the repo is ready when it is empty is probably correct behavior anyway
2017-06-12 14:53:54 -04:00
josephschorr
51a952d50c
Merge pull request #2680 from coreos-inc/catalog-fixes
...
Various small catalog fixes
2017-06-09 13:43:11 -04:00
alecmerdler
9db3600463
append file hash to frontend Webpack bundle for cachebusting instead of random string
2017-06-08 13:08:38 -07:00
Antoine Legrand
f0dd2e348b
Merge pull request #2551 from coreos-inc/structured-logs
...
Add log formatter class
2017-06-07 08:22:18 -07:00
Evan Cordell
2e30c47045
Re-enable builds and tag modification when signing is enabled
2017-06-07 10:01:37 -04:00
Antoine Legrand
3c99928a27
Add log JSON formatter
2017-06-07 00:02:52 +02:00
Antoine Legrand
9c68cbd6e8
Fix no search result for apps
2017-06-05 23:03:47 +02:00
Joseph Schorr
555041876d
Make public catalog only enabled via a feature flag
2017-06-02 15:30:51 -07:00
Joseph Schorr
f44df49236
Add support for last
param in pagination to match catalog spec
2017-06-02 12:03:50 -07:00
Joseph Schorr
9518f1d045
Disable debug logs in superuser panel when under multiple instances
...
They don't work anyway (since logs will be loaded from random instances), so we just disable them
2017-05-24 14:34:29 -04:00
Evan Cordell
c55c233f1f
Merge pull request #2646 from ecordell/kubernetes-ca-fix
...
ConfigProviders abstract over path construction
2017-05-24 11:37:17 -04:00
josephschorr
8e8470890a
Merge pull request #2653 from coreos-inc/new-signing-ui
...
Implement updated UI for displaying the signing status of a tag, now …
2017-05-24 11:31:52 -04:00
Evan Cordell
897da1df67
Fix tuf api calls
2017-05-23 12:36:49 -04:00
Alec Merdler
bfe4a050c4
Merge pull request #2658 from alecmerdler/webpack-overhaul
...
Replace Grunt with Webpack as Front-End Build Tool
2017-05-22 14:31:37 -07:00
Alec Merdler
97256841bd
Refactor Manage Trigger to Single Workflow ( #2577 )
...
* Refactor Manage Trigger to Single Workflow
2017-05-22 13:59:12 -07:00
alecmerdler
2e133d2b9c
replaced Grunt with Webpack as front-end build tool
2017-05-22 12:00:51 -07:00
Charlton Austin
a71f60a9c1
Merge pull request #2652 from charltonaustin/failing_repository_notifications_to_be_disabled_after_n_failures_in_a_row_144646649
...
Failing repository notifications to be disabled after n failures in a row 144646649
2017-05-22 09:30:53 -04:00
Charlton Austin
993f2a174c
feat(full-stack): disable notifications after 3 failures
...
This stops notifications from firing over and over again if they are repeatedly failing.
[TESTING -> locally with docker compose, DATABASE MIGRATION -> there is a single migration]
Issue: https://www.pivotaltracker.com/story/show/b144646649n
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-05-19 16:58:46 -04:00
Charlton Austin
2282af2619
style(workers/notificationworker.py): formatted file
...
[TESTING -> locally]
Issue: https://www.pivotaltracker.com/story/show/b144646649n
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-05-19 16:58:22 -04:00
Joseph Schorr
065e327190
Make sure catalog always returns public repositories
2017-05-19 16:24:08 -04:00
Joseph Schorr
b7f88d2df2
Implement updated UI for displaying the signing status of a tag, now that we support multiple delegations
...
The icon now represents the status of the multiple delegations, and we show each delegation in the "Expanded" view.
2017-05-19 15:50:51 -04:00
Antoine Legrand
f558b1728d
App: allow blob pull
2017-05-19 12:48:02 +02:00
Jimmy Zelinskie
ad18e01bef
Merge pull request #2648 from jzelinskie/fix-appr-tests
...
endpoints: s/releasse/release/g
2017-05-17 21:03:00 -04:00
Jimmy Zelinskie
2c874df5ce
endpoints: s/releasse/release/g
2017-05-17 12:07:07 -04:00
Evan Cordell
01b59e8d66
ConfigProviders abstract over path construction
...
Fixes issue where certs can't be uploaded in UI in k8s
2017-05-17 08:12:09 -04:00
Jimmy Zelinskie
702cdf59ff
Merge pull request #2637 from jzelinskie/audit-apps
...
Audit Logs for Apps
2017-05-16 17:06:25 -04:00
Jimmy Zelinskie
4db789b656
add audit logging to app registry endpoints
2017-05-16 15:54:02 -04:00
Charlton Austin
6023e15274
Merge pull request #2638 from charltonaustin/fix_build
...
fix(endpoints): fix build
2017-05-12 15:32:19 -05:00
Charlton Austin
e8c4cc49bd
fix(endpoints): fix build
...
forgot to add this
Issue: https://www.pivotaltracker.com/story/show/144661631
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-05-12 15:27:56 -05:00
Charlton Austin
18e01369d4
Merge pull request #2632 from charltonaustin/quay_cant_find_a_dockerfile_in_a_branch_of_a_github_repo_144661631
...
fix(trigger.py): fixed robot view no dockerfile
2017-05-12 15:21:41 -05:00
Charlton Austin
4ec55665de
fix(endpoints): add tests
...
this adds tests to the analyze trigger api
[testing -> locally using pytest]
Issue: https://www.pivotaltracker.com/story/show/144661631
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-05-12 13:58:05 -05:00
Jake Moshenko
4189422340
Use MAIL_DEFAULT_SENDER as the sender in email notifications
2017-05-10 14:24:27 -04:00
Charlton Austin
3b728014ac
fix(trigger.py): fixed robot view no dockerfile
...
fixed how we create views where there is no dockerfile available
[TESTING -> local with dockerfile build]
Issue: https://www.pivotaltracker.com/story/show/144661631
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-05-08 17:18:03 -04:00
Joseph Schorr
db767b3610
Optimize lookup of org membership on prototype and perms APIs
...
Fixes a major slowdown when working with permissions under organizations with a lot of members
Fixes https://www.pivotaltracker.com/story/show/144076113
2017-05-08 14:03:59 -04:00
josephschorr
5d88bccef7
Merge pull request #2617 from coreos-inc/search-ordering
...
Search ordering and performance fixes
2017-05-04 13:16:30 -04:00
Joseph Schorr
227aa8ab8c
Ensure that search doesn't make extra SQL lookups
...
Before this change, we were accessing the `.kind` on the repository object, which caused peewee to make an extra lookup for each result
2017-05-04 13:08:09 -04:00
EvB
467c72a9ac
code-stye Yapf: 2 files updated
2017-05-04 11:33:36 -04:00
EvB
25b9d044de
test(api/tag): test restore_tag
2017-05-04 11:19:25 -04:00
EvB
6e894d5f24
refactor(api/tag): remove try/catch
2017-05-04 11:19:25 -04:00
EvB
eb9db0c53b
test(api/tag): unit test movetag
2017-05-04 11:19:25 -04:00
EvB
70508e3692
feat(api/tag): generate manifest on revert_tag action
2017-05-04 11:19:25 -04:00
EvB
f7bf6a223c
feat(api/tag): generate manifest on tag
2017-05-04 11:19:25 -04:00
Evan Cordell
2495091a53
Merge pull request #2602 from ecordell/sni
...
Add test for SNI support
2017-05-02 15:57:44 -04:00
josephschorr
5a9a231754
Merge pull request #2529 from coreos-inc/search-ui
...
Implement new search UI
2017-05-02 15:56:59 -04:00
Evan Cordell
7a96db0945
Add test for SNI support
2017-05-02 13:14:30 -04:00
Evan Cordell
738f53f61a
Merge pull request #2597 from ecordell/sni
...
TUF metadata api SNI support
2017-05-02 13:01:16 -04:00
Evan Cordell
b2569ffbb2
Support SNI in python requests, and only delete tuf metadata if it
...
exists
2017-05-02 09:32:12 -04:00
Joseph Schorr
ae0d1e831b
Add prometheus metric for queued builds
2017-05-01 15:16:55 -04:00
Joseph Schorr
3e8bc07b6c
Fix show_if ordering and add a check that fails if misordered
...
Before this change, these endpoints still existed even if the flag was off
2017-05-01 13:14:20 -04:00
Joseph Schorr
e9ffe0e27b
Implement new search UI
...
We now have both autocomplete-based searching for quick results, as well as a full search page for a full listing of results
2017-04-28 13:57:28 -04:00
josephschorr
8b148bf1d4
Merge pull request #2576 from coreos-inc/full-db-tests-tox
...
Reenable full database testing locally and in concourse
2017-04-27 18:09:15 -04:00
EvB
5e995fae20
refactor(archivedlogs): move archivelog handler to endpoints
2017-04-26 11:41:55 -04:00
Joseph Schorr
d895b4d5ff
Fix appr tests to use the shared test fixtures
2017-04-24 23:08:28 -04:00
Joseph Schorr
7debd44b54
Switch fixture imports to wildcard in prep for full db test fixes
2017-04-24 16:45:14 -04:00
Antoine Legrand
8499612c4c
Merge pull request #2538 from coreos-inc/enable-robot-cnr
...
Enable robot cnr
2017-04-24 17:32:46 +02:00
Joseph Schorr
3dcbe3c631
If enabled, allow users and orgs to set their time machine expiration
...
Fixes https://www.pivotaltracker.com/story/show/142881203
2017-04-21 11:32:45 -04:00
Joseph Schorr
eb5cebbcdf
Have tag operations dialog reflect time machine configuration
...
If a tag deletion is going to remove images, but those images are not going to be removed immediately, we need to message that
Fixes https://www.pivotaltracker.com/story/show/143063199
2017-04-21 11:32:25 -04:00
Joseph Schorr
8981fcab78
Make sure we don't internal error when signing is disabled
2017-04-19 12:27:01 -04:00
Antoine Legrand
599ce0de54
code-stye Yapf: 5 files updated
...
data/interfaces/appr.py endpoints/appr/cnr_backend.py endpoints/appr/registry.py endpoints/appr/test/test_api.py endpoints/appr/test/test_registry.py
2017-04-18 14:02:48 +02:00
Antoine Legrand
578f87f94c
Fix login with robot to quay-appr
2017-04-18 13:59:21 +02:00
Joseph Schorr
9601fd44f6
Small fixes to signing related APIs
2017-04-17 18:04:06 -04:00
josephschorr
e79555ef95
Merge pull request #2547 from coreos-inc/disable-for-trust
...
Disable certain APIs and build triggers when trust is enabled
2017-04-17 13:05:16 -04:00
Joseph Schorr
6f722e4585
Disable certain APIs and build triggers when trust is enabled
...
Since trust will break if Quay makes changes, disable all Quay tag-change APIs and build APIs+webhooks when trust is enabled on a repository. Once we get Quay signing things itself, we can revisit this.
2017-04-17 13:04:51 -04:00
Jake Moshenko
22f5934f34
Add error logging to Marketo calls
2017-04-17 10:19:52 -04:00
Evan Cordell
2661db7485
Add flag to enable trust per repo ( #2541 )
...
* Add flag to enable trust per repo
* Add api for enabling/disabling trust
* Add new LogEntryKind for changing repo trust settings
Also add tests for repo trust api
* Add `set_trust` method to repository
* Expose new logkind to UI
* Fix registry tests
* Rebase migrations and regen test.db
* Raise downstreamissue if trust metadata can't be removed
* Refactor change_repo_trust
* Add show_if to change_repo_trust endpoint
2017-04-15 08:26:33 -04:00
Jake Moshenko
8d279c8cc4
Unify app and api exception handling
...
Move some confi to an immutable section
Make ApiExceptions real werkzeug exceptions
2017-04-14 11:18:01 -04:00
Joseph Schorr
ab2f044331
Switch get repo API to use a single list tags query
...
Should make things faster since the join occurs on the database side
2017-04-13 18:06:58 -04:00
Jimmy Zelinskie
93d1439e04
endpoints.web: fix unknown identifier
2017-04-13 13:54:20 -04:00
Evan Cordell
ec63e495fc
Add repo purge callbacks and register TUF metadata deletion as one
2017-04-12 17:33:51 -04:00
Evan Cordell
abe6f40bc5
Add support for deleting TUF metadata when repo is deleted
2017-04-12 17:33:51 -04:00
Joseph Schorr
b465a34e8f
Temporary fix for additional exception classes handled in Flask
...
The recent change to Flask-restful broke the other registered exception handlers, so this temporarily handles the decorated cases as well, until we put in place a proper registration model for Flask and Flask-restful handled exceptions
2017-04-11 23:02:26 -04:00
josephschorr
2bc619137a
Merge pull request #2512 from ecordell/tufmetadata
...
Add tufmetadata endpoint
2017-04-07 17:16:11 -04:00
Evan Cordell
c2d7fc2288
Fix comment
2017-04-07 16:14:25 -04:00
Evan Cordell
217b4a5ab2
Return hashes and expiration when fetching signed tags
2017-04-07 16:12:28 -04:00
Jake Moshenko
e371ed69bb
Fix for flask-restful >0.3 error handling
2017-04-07 10:22:50 -04:00
Jake Moshenko
a8ec7865a7
Merge pull request #2511 from jakedt/fixwarnings
...
Fixwarnings
2017-04-06 16:12:19 -04:00
Jake Moshenko
a0817bfd59
Refresh dependencies and fix tests.
2017-04-06 13:15:48 -04:00
josephschorr
6352b3cac5
Merge pull request #2515 from coreos-inc/app-redirect
...
Properly redirect to app repository URLs
2017-04-05 14:34:37 -04:00
Joseph Schorr
45e1319067
Properly redirect to app repository URLs
2017-04-05 14:29:46 -04:00
Joseph Schorr
c6b45298ad
Make app repos private by default
2017-04-05 14:11:06 -04:00
Evan Cordell
1a78722521
Update tests
2017-04-05 13:57:16 -04:00
Joseph Schorr
f9e6110f73
Add basic user interface for application repos
...
Adds support for creating app repos, viewing app repos and seeing the list of app repos in the Quay UI.
2017-04-05 11:30:09 -04:00
Evan Cordell
9515f18fb6
Add tufmetadata endpoint
2017-04-05 10:03:27 -04:00
Joseph Schorr
8c10b0787d
Change appr error if you try to push to an image repository
...
501 was confusing to the users, so change to 405 and add an error explaining why the push failed
Fixes https://github.com/app-registry/helm-plugin/issues/8#issuecomment-291553739
2017-04-04 13:57:35 -04:00
josephschorr
1bfca871ec
Merge pull request #2387 from coreos-inc/team-sync
...
Team synchronization support in Quay Enterprise
2017-04-03 18:26:29 -04:00
Joseph Schorr
55b1ad49ed
Make team API decorators more descriptive for better readability
2017-04-03 15:35:44 -04:00
josephschorr
3f0f8159b7
Merge pull request #2499 from coreos-inc/docker-400
...
Better error messages for Docker errors
2017-04-03 11:39:07 -04:00
Joseph Schorr
47278cc559
Cleanup test fixtures
2017-04-03 11:31:30 -04:00
Joseph Schorr
04225f2d25
Add feature flag for team syncing
2017-04-03 11:31:29 -04:00
Joseph Schorr
b683088f87
Update tests for teams API
2017-04-03 11:31:29 -04:00
Joseph Schorr
eeadeb9383
Initial interfaces and support for team syncing worker
2017-04-03 11:31:29 -04:00
Joseph Schorr
8ea3977140
Add ability to enable, disable and view team syncing in UI and API
...
Also extracts out some common testing infrastructure to make testing APIs easier now using pytest
2017-04-03 11:31:29 -04:00
Joseph Schorr
f5a854c189
Add TeamSync database and API support
...
Teams can now have a TeamSync entry in the database, indicating how they are synced via an external group. If found, then the user membership of the team cannot be changed via the API.
2017-04-03 11:31:28 -04:00
Joseph Schorr
cae9d69376
Better error messages for Docker errors
2017-03-31 17:15:14 -04:00
Charlton Austin
484ecd961e
Merge pull request #2497 from charltonaustin/add_in_dockerfile_path
...
feat(add dockerfile_path to build api): added param to specify path
2017-03-30 16:30:44 -04:00
Charlton Austin
63a2f0c14b
feat(add dockerfile_path to build api): added in a dockerfile to specify path
...
### Description of Changes
this allows people to specify a context and a dockerfile path
2017-03-30 16:30:00 -04:00
Joseph Schorr
147b812edb
Remove out dated Enterprise landing page
...
We now just redirect to the QE plans page
Fixes https://www.pivotaltracker.com/story/show/142166263
2017-03-30 15:25:56 -04:00
Charlton Austin
d4177e6e33
fix(endpoints): appending dockerfile to api call
...
### Description of Changes
this was not passing back the correct path for the dockerfile
2017-03-30 13:35:04 -04:00
Joseph Schorr
e142ad8e3d
$CURRENT_YEAR
2017-03-29 17:03:57 -04:00
josephschorr
b4e79206a0
Merge pull request #2490 from coreos-inc/upload-cert-blocker
...
Make custom cert upload not hang and handle errors properly
2017-03-29 16:11:13 -04:00
Joseph Schorr
835acfc58e
Make custom cert upload not hang and handle errors properly
2017-03-29 16:06:15 -04:00
Charlton Austin
df5a6aabe2
fix(buildman, endpoint): added in fix upload gzip and dockerfile
2017-03-29 15:12:33 -04:00
Charlton Austin
ca99535774
Merge pull request #2449 from charltonaustin/phase_two_config
...
feat(build runner): added in context, dockerfile_location
2017-03-28 14:14:36 -04:00
Charlton Austin
e6d201e0b0
feat(build runner): added in context, dockerfile_location
...
this is a new feature meant to allow people to use any file as
a dockerfile and any folder as a context directory
2017-03-28 13:55:31 -04:00
Jimmy Zelinskie
65a17dc155
Merge pull request #2473 from coreos-inc/certs-fixes
...
Fixes and improvements around custom certificate handling
2017-03-27 15:08:36 -04:00
Jimmy Zelinskie
8931609775
Merge pull request #2469 from coreos-inc/appr_403_vs_401
...
Use 401 for bad or missing credentials, 403 for forbidden access
2017-03-27 11:39:23 -04:00
Jimmy Zelinskie
024f73ecd4
Merge pull request #2476 from coreos-inc/fix_bug_force_push
...
Fix force push causing duplicated entries
2017-03-27 11:39:12 -04:00
Evan Cordell
abd78bce56
Use constants for TUF roots
2017-03-27 11:37:17 -04:00
Evan Cordell
6ad107709c
Change build_context_and_subject to take kwargs
2017-03-27 11:37:17 -04:00
Evan Cordell
21d969d309
Refactor tests, no g required
2017-03-27 11:37:17 -04:00
Evan Cordell
43dd974dca
Determine which TUF root to show based on actual access, not requested
...
access
2017-03-27 11:37:17 -04:00
Antoine Legrand
d2ed37e158
Fix force push causing duplicated entries
2017-03-27 15:39:57 +02:00
Joseph Schorr
e509eb4cba
Better custom cert handling in the superuser tool
...
We now only allow certificates ending in .crt to be uploaded and we automatically install the certificate once it has been validated
2017-03-24 17:15:26 -04:00
Antoine Legrand
35bebf9e99
Use 401 for bad or missing credentials, 403 for forbidden access
2017-03-24 18:46:13 +01:00
Joseph Schorr
94c5eca286
Add CNR API auth tests for public repos
2017-03-23 21:19:56 -04:00
Jimmy Zelinskie
0ce68706ee
Merge pull request #2465 from coreos-inc/force_push
...
Allow force push for app
2017-03-23 21:05:08 -04:00
Antoine Legrand
16f2479a96
test: push twice same blob from different package
2017-03-24 00:39:04 +01:00
Antoine Legrand
bbd74eabd1
Allow force push for app
2017-03-23 22:50:07 +01:00
Joseph Schorr
ac4a79ae01
Update PR for rebase
2017-03-23 15:57:49 -04:00
Joseph Schorr
95e1cf6673
Make V2 login errors more descriptive
...
If login fails, we now call validate again to get the reason for the failure, and then surface it to the user of the CLI. This allows for more actionable responses, such as:
$ docker login 10.0.2.2:5000
Username (devtable): devtable
Password:
Error response from daemon: Get http://10.0.2.2:5000/v2/ : unauthorized: Client login with unencrypted passwords is disabled. Please generate an encrypted password in the user admin panel for use here.
2017-03-23 15:42:45 -04:00
Joseph Schorr
651666b60b
Refactor our auth handling code to be cleaner
...
Breaks out the validation code from the auth context modification calls, makes decorators easier to define and adds testing for each individual piece. Will be the basis of better error messaging in the following change.
2017-03-23 15:42:45 -04:00
Joseph Schorr
1bd4422da9
Move auth decorators into a decorators module
...
The non-decorators will be broken out in the followup change
2017-03-23 15:42:45 -04:00
Joseph Schorr
abf179eb09
Move fixtures under test, since they are shared globally
2017-03-23 15:42:45 -04:00
Joseph Schorr
c9a5ce6701
Start validating login in CNR
...
Fixes https://www.pivotaltracker.com/story/show/142342305
2017-03-23 15:07:46 -04:00
Joseph Schorr
ef4569f2c5
Add very basic security tests for CNR APIs
2017-03-23 13:14:12 -04:00
Joseph Schorr
b765836cfd
Make sure blobs in CNR are auth checked
2017-03-23 12:41:56 -04:00
Jimmy Zelinskie
77d2b9b290
endpoints.appr.test: mark failing db restore test
...
This test should fail as long as the CNR tests use 'v1' in the
mediatype.
2017-03-23 11:24:15 -04:00
Joseph Schorr
35b500aa2a
Fix test override
2017-03-23 11:17:05 -04:00
Joseph Schorr
e7d7849937
Make sure channels and releases match the tag regex
2017-03-23 00:55:36 -04:00
Joseph Schorr
3277fe9b4e
Make sure repository names in APPR match regex
2017-03-23 00:51:54 -04:00
Joseph Schorr
1145651b7a
Work towards fixing tests
2017-03-23 00:37:39 -04:00
Joseph Schorr
069208f2f1
Break out repo kind checking into its own decorator
...
We then use that decorator both in the API and in the permissions check decorator
2017-03-23 00:01:37 -04:00
Joseph Schorr
4c34b00b38
Prevent CNR methods from auth-ing on non-app repos
2017-03-22 23:56:34 -04:00
Jimmy Zelinskie
3d0e63d8e5
endpoints.appr.decorators: isolate appr decorators
2017-03-22 23:53:03 -04:00
Jimmy Zelinskie
6dfd1ef660
endpoints.appr.test: include CNR fixtures
2017-03-22 23:42:19 -04:00
Jimmy Zelinskie
82bcd45727
endpoints: clarify repo access decorators
2017-03-22 23:41:38 -04:00
Jimmy Zelinskie
cafde81322
endpoints.appr.test: init
2017-03-22 22:57:22 -04:00
Jimmy Zelinskie
102c671587
endpoints.appr: init
2017-03-22 22:57:21 -04:00
Jimmy Zelinskie
3ccf3c5f33
Merge pull request #2447 from jzelinskie/cnr-step2
...
CNR Step 2
2017-03-22 18:45:51 -04:00
Joseph Schorr
df1e7f90e0
Add verb security tests and fix small issues
2017-03-22 18:29:53 -04:00
Jimmy Zelinskie
d5fa2ad0c0
endpoints.verbs: abort 405 for non-container repos
2017-03-22 17:50:58 -04:00
Joseph Schorr
dcb970b783
Add registry app repository failure test
2017-03-22 17:26:59 -04:00
Jimmy Zelinskie
ca7a0f14d8
endpoints.v1: return 405 for non-docker repos
2017-03-22 17:26:59 -04:00
Jimmy Zelinskie
48ba59d615
endpoints.v2: only work on docker repositories
2017-03-22 17:26:59 -04:00
Joseph Schorr
178373293d
Disable web endpoints for app repos
2017-03-22 15:51:19 -04:00
Joseph Schorr
54efed62ee
Make sure start_build
cannot be called for app repos
2017-03-22 15:51:19 -04:00
Joseph Schorr
30b532254c
Disallow non-apps-supported APIs for application repositories
2017-03-22 15:51:19 -04:00
Jimmy Zelinskie
a2bac7dabd
endpoints.v1: only work on docker repositories
2017-03-22 14:31:22 -04:00
Joseph Schorr
ff7f78e990
Have blob uploads be checked against configurable max layer size
2017-03-21 13:16:55 -04:00
Joseph Schorr
239b6d7cf8
Make LayerTooLarge error more informative
2017-03-21 13:14:11 -04:00
Joseph Schorr
dd7f254f96
Have blob uploads be checked against configurable max layer size
2017-03-21 13:14:11 -04:00
josephschorr
4bee4dbfff
Merge pull request #2443 from coreos-inc/build-webhook-tests
...
Add tests for build web hooks endpoint
2017-03-20 16:26:57 -04:00
Joseph Schorr
8bbe0e5e9b
Always allow robot accounts to be selected by admins in trigger setup
...
Currently during trigger setup, if we don't know for sure that a robot account is necessary, we don't show the option to select one. This fails if the user has a Dockerfile in a branch or tag with a private base image *or* they *intend* to add a private base image once the trigger is setup. Following this change, we always show the option to select a robot account, even if it isn't determined to be strictly necessary.
2017-03-20 13:24:55 -04:00
Joseph Schorr
6f567e0850
Add tests for build web hooks endpoint
2017-03-20 13:22:59 -04:00
Joseph Schorr
cfb81c977f
Add UI for editing labels on a manifest
2017-03-14 11:34:43 -04:00
Joseph Schorr
69e476b1f4
Fix param regex for path params with complex filters
2017-03-14 11:34:43 -04:00
Joseph Schorr
e90cab4d77
Change revert tag into restore tag and add manifest support
2017-03-14 11:34:42 -04:00
Joseph Schorr
af743b156b
Show manifest digests in place of V1 ids in the tag view when possible
2017-03-14 11:34:41 -04:00
josephschorr
432b2d3fe8
Merge pull request #2392 from coreos-inc/search-optimization
...
Optimize repository search by changing our lookup strategy
2017-03-10 15:44:26 -05:00
Joseph Schorr
d42ec4e585
Abstract out constant scores into constants
2017-03-10 14:06:39 -05:00
Joseph Schorr
3813d0d23d
Add tests for all notification event calls
2017-03-10 11:26:12 -05:00
Joseph Schorr
48db77b521
Fix bug in QSS notifications
2017-03-10 11:25:55 -05:00
Joseph Schorr
b5bb76cdea
Optimize repository search by changing our lookup strategy
...
Previous to this change, repositories were looked up unfiltered in six different queries, and then filtered using the permissions model, which issued a query per repository found, making search incredibly slow. Instead, we now lookup a chunk of repositories unfiltered and then filter them via a single query to the database. By layering the filtering on top of the lookup, each as queries, we can minimize the number of queries necessary, without (at the same time) using a super expensive join.
Other changes:
- Remove the 5 page pre-lookup on V1 search and simply return that there is one more page available, until there isn't. While technically not correct, it is much more efficient, and no one should be using pagination with V1 search anyway.
- Remove the lookup for repos without entries in the RAC table. Instead, we now add a new RAC entry when the repository is created for *the day before*, with count 0, so that it is immediately searchable
- Remove lookup of results with a matching namespace; these aren't very relevant anyway, and it overly complicates sorting
2017-03-09 19:47:55 -05:00
Jimmy Zelinskie
850c32ebfb
Merge pull request #2298 from jzelinskie/maintainers
...
MAINTAINERS: init owners to subpkgs
2017-03-09 17:30:38 -05:00
Joseph Schorr
0ab6388e30
Add support for null ref, as that can be the value if a default branch is not chosen
2017-03-07 20:39:42 -05:00
josephschorr
aa2f88d321
Merge pull request #2337 from coreos-inc/new-trigger-ux
...
Implement new create and manager trigger UI
2017-03-02 18:15:32 -05:00
Joseph Schorr
9e6c368f7a
Make QSS multiple notification messaging nicer
2017-03-01 16:11:11 -05:00
Joseph Schorr
eff1827d9d
Batch QSS notifications after initial scan
2017-03-01 15:42:49 -05:00
Joseph Schorr
8e863b8cf5
Implement new create and manager trigger UI
...
Implements the new trigger setup user interface, which is now a linear workflow found on its own page, rather than a tiny modal dialog
Fixes #1187
2017-02-28 16:51:42 -05:00
Charlton Austin
59d6cf8a86
Merge pull request #2376 from charltonaustin/quay_jwts_indicate_which_root_a_user_should_see_137968801
...
Adding in what metadata_root_name to JWT
2017-02-23 17:10:21 -05:00
Charlton Austin
e87404c327
Adding in what metadata_root_name to JWT
2017-02-22 16:59:19 -05:00
Joseph Schorr
3f1d394e14
Catch IOErrors when starting builds
...
Fixes https://sentry.io/coreos/backend-production/issues/207144068/
2017-02-22 13:20:04 -05:00
Joseph Schorr
9db20ff961
Catch SSL errors due to timeouts in Github calls
...
Fixes https://sentry.io/coreos/backend-production/issues/219378902/
2017-02-22 13:20:04 -05:00
Joseph Schorr
89b7c13da5
Catch team member invite missing exception
...
Fixes https://sentry.io/coreos/backend-production/issues/195926082/
2017-02-22 13:18:22 -05:00
Joseph Schorr
a319c55616
Don't make permissions request in search for public callers
...
They are unnecessary, so we can skip them
2017-02-17 12:22:21 -05:00
Joseph Schorr
198bdf88bc
Move OAuth login into its own endpoints module
2017-02-16 16:27:54 -05:00
Joseph Schorr
0167e1e7bf
Style fixes
2017-02-16 16:27:54 -05:00
Joseph Schorr
d47696b69c
Add support for sub
binding field
2017-02-16 16:27:53 -05:00
Joseph Schorr
7b386e9d63
Move endpoint test fixtures to a non-conftest file
2017-02-16 16:27:53 -05:00
Joseph Schorr
2c35383724
Allow OAuth and OIDC login engines to bind to fields in internal auth
...
This feature is subtle but very important: Currently, when a user logs in via an "external" auth system (such as Github), they are either logged into an existing bound account or a new account is created for them in the database. While this normally works jut fine, it hits a roadblock when the *internal* auth system configured is not the database, but instead something like LDAP. In that case, *most* Enterprise customers will prefer that logging in via external auth (like OIDC) will also *automatically* bind the newly created account to the backing *internal* auth account. For example, login via PingFederate OIDC (backed by LDAP) should also bind the new QE account to the associated LDAP account, via either username or email. This change allows for this binding field to be specified, and thereafter will perform the proper lookups and bindings.
2017-02-16 16:27:53 -05:00
Joseph Schorr
c6b0376d61
Remove unnecessary email generation in OAuth login
...
Handled by the `emaIl_required` flag already
2017-02-16 16:27:53 -05:00
Joseph Schorr
92c0b5ac3e
Fix handling of None queries
2017-02-16 15:26:45 -05:00
josephschorr
38e079ced2
Merge pull request #2344 from coreos-inc/v1-search-fix
...
Implement the full spec for the old Docker V1 registry search API
2017-02-16 15:08:33 -05:00
Joseph Schorr
a0bc0e9488
Implement the full spec for the old Docker V1 registry search API
...
This API is still (apparently) being used by the Docker CLI for `docker search` (why?!) and we therefore have customers expecting this to work the same way as the DockerHub.
2017-02-16 14:45:33 -05:00
Joseph Schorr
11c931f781
Log more information to the action logs and display the namespaces for superusers
...
This helps superusers understand better what, exactly, is going on in the registry
2017-02-14 14:55:24 -05:00
Joseph Schorr
8d96d8b682
Add tests for missing logs APIs
2017-02-08 16:52:17 -08:00
Charlton Austin
5a06530b43
Merge pull request #2314 from charltonaustin/move_tests_over_to_pytest_no_story
...
update(security_test.py): moving tests to new framework
2017-02-03 16:21:03 -05:00