josephschorr
fd1237cff9
Merge pull request #2974 from coreos-inc/joseph.schorr/QS-118/manifest-write-query
...
Audit the number of SQL queries we make in writing manifests, and significantly reduce in the common case
2018-01-31 11:08:33 -05:00
Joseph Schorr
9e16a989f5
Audit the number of SQL queries we make in writing manifests, and significantly reduce in the common case
...
Instead of 41 queries now for the simple manifest, we are down to 14.
The biggest changes:
- Only synthesize the V1 image rows if we haven't already found them in the database
- Thread the repository object through to the other model method calls, and use it instead of loading again and again
2018-01-25 11:10:43 -05:00
Joseph Schorr
208dc38d25
Allow expired app specific tokens to be deleted
2018-01-23 11:40:51 -05:00
josephschorr
b17c05fbd5
Merge pull request #2968 from coreos-inc/joseph.schorr/QS-110/user-login-lock
...
Reduce lock contention on invalid user login calls
2018-01-09 12:41:00 -05:00
Joseph Schorr
81be47486c
Reduce lock contention on invalid user login calls
...
Fixes https://jira.coreos.com/browse/QS-110
2018-01-08 16:57:50 -05:00
josephschorr
13b738c43c
Merge pull request #2954 from coreos-inc/joseph.schorr/QS-102/user-api-filter
...
Add ability to filter users list to enabled users
2018-01-05 15:40:50 -05:00
josephschorr
d8fde005d8
Merge pull request #2961 from coreos-inc/joseph.schorr/QS-107/create-repo-opt
...
Small optimizations around create repository code
2018-01-05 15:40:30 -05:00
Joseph Schorr
888b564a9b
Add a banner to the Quay UI when an app specific token is about to expire
2018-01-04 15:27:42 -05:00
Joseph Schorr
524d77f527
Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password
2018-01-04 15:27:41 -05:00
Joseph Schorr
3f99e864e1
Reduce the number of DB queries for creating a repo
2018-01-04 14:32:39 -05:00
Joseph Schorr
1e1bec0afe
Remove extra update call on create repo
2018-01-04 13:42:05 -05:00
Joseph Schorr
8e473b9779
Add filter for disabled users to superuser user list API
...
Fixes https://jira.coreos.com/browse/QS-102
2017-12-22 16:45:49 -05:00
Joseph Schorr
60bc655695
Fix flakiness in a test when comparing date times
2017-12-14 14:00:20 -05:00
Joseph Schorr
51e67ab7f5
Fix get_blob_path to not make any database calls and add a test
...
This will be supported by caching, hopefully removing the need to hit the database when the blob object is cached
2017-12-13 16:27:46 -05:00
josephschorr
b2db266747
Merge pull request #2935 from coreos-inc/joseph.schorr/QS-80/password-reset-expire
...
Add maximum lifetime of 30m on password recovery tokens
2017-12-07 14:21:32 -05:00
Joseph Schorr
1d1c6f0606
Invalidate all session tokens when a user signs out
...
Fixes https://jira.coreos.com/browse/QS-85
2017-12-07 13:03:11 -05:00
Joseph Schorr
5dd95038cf
Add maximum lifetime of 30m on password recovery tokens
...
Fixes https://jira.coreos.com/browse/QS-80
2017-12-06 17:06:03 -05:00
Joseph Schorr
32255f122b
Simplify and further optimize handling of unfiltered search results
...
Using the DB-side limit is much faster
2017-11-30 16:56:01 -05:00
Joseph Schorr
eea026be52
Fix bug around search pagination with non-filtered searches
...
Also further optimizes the queries
2017-11-30 16:13:42 -05:00
Joseph Schorr
0440cca3ef
Fix typo in how we order search results
...
`.desc()` needs to be on the field
2017-11-30 14:53:23 -05:00
Joseph Schorr
c767c88b82
Optimize searching of repositories when there is no query
2017-11-30 14:10:22 -05:00
Joseph Schorr
2ced523313
Add Explore tab and query-less searching
...
Allows for exploration of all visible repositories, in paginated form.
This change also fixes the layout of the header on different viewport sizes to be consistently a single line in height.
Fixes https://jira.coreos.com/browse/QS-63
2017-11-28 16:50:23 +02:00
Joseph Schorr
2e28976d7c
Change exception to debug on expected RAC integrity error
...
Fixes https://jira.prod.coreos.systems/browse/QS-44
2017-10-30 12:55:24 -04:00
Joseph Schorr
9f804de23d
Fix bug in deletion of repos with OCI-style linked tags
...
MySQL does not allow rows in the same table referencing other rows to be deleted in a single statement. We now do a two-pass deletion, and add a test to make sure.
Fixes https://jira.prod.coreos.systems/browse/QS-18
2017-10-18 17:03:27 -04:00
Joseph Schorr
c1ce84822d
Fix tuple for health check
2017-10-12 16:25:31 -04:00
Joseph Schorr
c6aad5fef0
Add option to disable partial autocompletion of users
2017-09-12 15:55:37 -04:00
Charlton Austin
6c29ec873a
refactor(endpoints/api/superuser*): refactored code behind db model
...
this moves all the db model code behind an interface in prep for v2-2
Issue: https://coreosdev.atlassian.net/browse/QUAY-750
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-08-01 11:27:55 -04:00
Joseph Schorr
dfe371286a
Optimize purging of a repository by skipping the unreferenced check
2017-07-28 13:41:14 -04:00
Jake Moshenko
0011ddda16
Release database connections after updating build statuses.
2017-07-26 12:29:51 -04:00
Charlton Austin
be206a8b88
Merge pull request #2814 from charltonaustin/create_data_interface_for_subsystem_api/repository_633
...
refactor(endpoints/api/repository*): added in pre_oci_model abstraction
2017-07-25 13:59:52 -04:00
Charlton Austin
8f1200b00d
style(data, endpoints, test): ran yapf against changed files
...
### Description of Changes
Issue: https://coreosdev.atlassian.net/browse/QUAY-633
## Reviewer Checklist
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-24 11:05:15 -04:00
Joseph Schorr
aecec02b6c
Change common_login to take in a user uuid, instead of a user DB object
2017-07-20 16:01:39 -04:00
Joseph Schorr
7d4fed6892
Change error message when trying to pull a deleted or expired tag
...
Will let the users know they can recover the tag via time machine
Note: This was tested with the Docker protocol, but the new error code is *technically* out of spec; we should make sure its okay.
2017-07-19 17:13:48 -04:00
Joseph Schorr
99d7fde8ee
Add UI for viewing and changing the expiration of tags
2017-07-19 17:13:48 -04:00
Joseph Schorr
4663bf4194
Add additional test for tag expiration
2017-07-19 17:13:06 -04:00
Joseph Schorr
4ad3682b9c
Make health check failures report their reasons
...
Note that we add a new block with expanded service info, to avoid breaking compatibility with existing callers of the health endpoint
2017-07-19 16:17:02 +03:00
josephschorr
fdb21aa5dc
Merge pull request #2777 from coreos-inc/joseph.schorr/QUAY-618/notificationworker-data-interface
...
Change notificationworker to use data interface
2017-07-13 00:23:15 +03:00
josephschorr
d00c7d299c
Merge pull request #2778 from coreos-inc/gc-long-chain-test
...
Add a long-chain test for GC
2017-07-13 00:23:03 +03:00
Charlton Austin
82488c9102
Merge pull request #2753 from charltonaustin/api_tag_v22
...
refactor(endpoints/api/tag): refactor code for v22
2017-07-12 15:51:48 -04:00
Charlton Austin
131acde317
refactor(data+endpoints): code review changes
...
this puts the view logic on the object and adds a parameter for logging
[TESTING->locally with docker compose]
Issue: https://coreosdev.atlassian.net/browse/QUAY-632
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-12 14:10:21 -04:00
Joseph Schorr
2b51265b48
Add a long-chain test for GC
2017-07-12 18:03:27 +03:00
Joseph Schorr
b6f1782642
Change notificationworker to use a data interface
2017-07-12 17:40:45 +03:00
Joseph Schorr
bdab367285
Change blobuploadcleanupworker to use a data interface
2017-07-11 16:58:09 +03:00
Charlton Austin
897a091692
style(data+endpoints): ran yapf
...
### Description of Changes
ran yapf for the branch
[TESTING->locally using docker compose]
Issue: https://coreosdev.atlassian.net/browse/QUAY-632
## Reviewer Checklist
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-10 09:46:02 -04:00
Charlton Austin
fc4b3642d3
refactor(endpoints/api/tag): refactor code for v22
...
this decouples the database models from the api
[TESTING->locally with docker compose]
Issue: https://coreosdev.atlassian.net/browse/QUAY-632
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-10 09:40:33 -04:00
EvB
ccca0c9655
refactor(util/tufmetadata/test): move app test to gc suite
2017-07-07 15:14:14 -04:00
josephschorr
89ab94ffbb
Merge pull request #2720 from coreos-inc/gc-opt
...
GC optimizations
2017-06-29 20:55:14 +03:00
Joseph Schorr
8dcea30d58
Fix build by pre-calling the caches
...
They were being called in a test-dependent order, which caused any tests which relied on query count to fail
2017-06-27 18:11:46 +03:00
Joseph Schorr
cdd7cb9321
Remove directly referenced images from the candidate set before starting GC iteration
...
Makes the lookup query underneath the transaction smaller if there are a lot of images referenced directly by tag. We still must do the direct referenced check within the transaction, but this should reduce the scope of the search space a bit.
2017-06-27 17:33:58 +03:00
Joseph Schorr
45c7008078
Change Repo GC to be iterative
...
This prevents us from creating a massive join when there are a large number of tags in the repository, which can result in locking the entire DB for long periods of time. Instead of the join, we just iteratively lookup any images found to be directly referenced by a tag or found as a parent of another image, both of which should be indexed lookups. Once done, we only remove those images and then iterate until the working set stops changing.
2017-06-27 17:33:58 +03:00
Joseph Schorr
e9a95874ee
Move GC tests into pytest
2017-06-27 17:33:58 +03:00
Joseph Schorr
11659f73bf
Fix log for reenabling a notification
...
We forgot to log the event and method names
2017-06-27 15:26:40 +03:00
Charlton Austin
5e6aa6648b
fix(endpoints): added in proper error handling
...
before we would return a 400 without a message because the errors were not being caught
Issue: https://www.pivotaltracker.com/story/show/145459707
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-06-21 16:59:48 -04:00
josephschorr
b269cb84a3
Merge pull request #2688 from coreos-inc/build-badge-query
...
Remove expensive call in build badge
2017-06-12 15:06:13 -04:00
Joseph Schorr
a949a44cb2
Remove expensive call in build badge
...
We don't need to list all the tags to determine if any exist, and showing the repo is ready when it is empty is probably correct behavior anyway
2017-06-12 14:53:54 -04:00
Joseph Schorr
d68b65d90c
Optimize GC query join a bit by reducing the surface
...
We remove the directly referenced images from the join across ancestors, as they will be covered by the first part of the union clause. For some large repositories, this will result in a significantly reduced set of images that have to be joined NxM.
2017-06-12 12:55:32 -04:00
Charlton Austin
993f2a174c
feat(full-stack): disable notifications after 3 failures
...
This stops notifications from firing over and over again if they are repeatedly failing.
[TESTING -> locally with docker compose, DATABASE MIGRATION -> there is a single migration]
Issue: https://www.pivotaltracker.com/story/show/b144646649n
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-05-19 16:58:46 -04:00
Joseph Schorr
db767b3610
Optimize lookup of org membership on prototype and perms APIs
...
Fixes a major slowdown when working with permissions under organizations with a lot of members
Fixes https://www.pivotaltracker.com/story/show/144076113
2017-05-08 14:03:59 -04:00
Joseph Schorr
9d97e053b3
Make sure to re-sort the filtered repositories in search
...
The filtering breaks the ordered we expected, so we need to re-sort
2017-05-03 18:38:46 -04:00
Joseph Schorr
0164b48a24
Switch repository search to order matches in repo names higher
...
Helps push better results to the top of the results list
2017-05-03 17:02:24 -04:00
josephschorr
19f67bfa1b
Merge pull request #2607 from coreos-inc/faster-security-notify
...
Batch the tag lookups in the security notification worker in an attempt to significant reduce load
2017-05-03 13:49:13 -04:00
Joseph Schorr
68d473bff4
Clarify comment and make pairs code a little nicer
2017-05-03 11:41:39 -04:00
Joseph Schorr
977bbc20a2
Add filtering onto the images query in get_matching_tags_for_images
...
Should make the query even faster in the security notification case
2017-05-02 18:29:14 -04:00
Joseph Schorr
d77463cc8b
Add sharing to the images lookup in get_matching_tags_for_images
...
Should prevent an issue if we ever get a request with thousands and thousands of images where we would exceed the DB's max packet size
2017-05-02 15:50:31 -04:00
Joseph Schorr
74dd0ef8e8
Add a batch get_matching_tags_for_images
method
...
This will be used in the security notification worker to retrieving the tags needed in a set of batch calls, rather than multiple calls per image
2017-05-02 15:38:25 -04:00
Joseph Schorr
e583be3914
Remove inner query for ancestors lookup on get_matching_tags
2017-04-28 20:10:54 -04:00
Joseph Schorr
8b2e4d3bcf
Add a test for get_matching_tags
2017-04-28 19:57:24 -04:00
Joseph Schorr
e9ffe0e27b
Implement new search UI
...
We now have both autocomplete-based searching for quick results, as well as a full search page for a full listing of results
2017-04-28 13:57:28 -04:00
josephschorr
8b148bf1d4
Merge pull request #2576 from coreos-inc/full-db-tests-tox
...
Reenable full database testing locally and in concourse
2017-04-27 18:09:15 -04:00
Joseph Schorr
d7f3ef96ce
Small fixes found by running full db tests
2017-04-24 16:45:15 -04:00
Joseph Schorr
7debd44b54
Switch fixture imports to wildcard in prep for full db test fixes
2017-04-24 16:45:14 -04:00
Jake Moshenko
a159bd3e77
Resolve race condition between multiple log archivers
2017-04-24 13:41:08 -04:00
Joseph Schorr
e46e668cc5
Fix search in postgres
...
Stupid missing group_by again
2017-04-21 17:21:17 -04:00
Joseph Schorr
3dcbe3c631
If enabled, allow users and orgs to set their time machine expiration
...
Fixes https://www.pivotaltracker.com/story/show/142881203
2017-04-21 11:32:45 -04:00
Joseph Schorr
c5bb9abf11
Fix deleting repos when sec scan or signing is disabled
...
Make sure we don't invoke the APIs to non-existent endpoints
2017-04-19 16:57:36 -04:00
Charlton Austin
38d4af0d8b
Merge pull request #2479 from charltonaustin/phase_three_config
...
feat(data): remove writing of old config
2017-04-18 10:25:50 -04:00
Evan Cordell
2661db7485
Add flag to enable trust per repo ( #2541 )
...
* Add flag to enable trust per repo
* Add api for enabling/disabling trust
* Add new LogEntryKind for changing repo trust settings
Also add tests for repo trust api
* Add `set_trust` method to repository
* Expose new logkind to UI
* Fix registry tests
* Rebase migrations and regen test.db
* Raise downstreamissue if trust metadata can't be removed
* Refactor change_repo_trust
* Add show_if to change_repo_trust endpoint
2017-04-15 08:26:33 -04:00
Joseph Schorr
626f306283
Add tests for list_active_tags
2017-04-14 17:53:31 -04:00
Joseph Schorr
4a1fad7520
Make sure to filter hidden tags from the active tags query
2017-04-13 19:29:38 -04:00
Joseph Schorr
ab2f044331
Switch get repo API to use a single list tags query
...
Should make things faster since the join occurs on the database side
2017-04-13 18:06:58 -04:00
Charlton Austin
40906afdd8
feat(data): remove writing of old config
...
### Description of Changes
Phase three of config data model change.
2017-04-13 13:25:36 -04:00
josephschorr
c78ec89305
Merge pull request #2531 from coreos-inc/repo-score
...
Switch to using RepositorySearchScore table for search ranking
2017-04-13 11:51:59 -04:00
Evan Cordell
ec63e495fc
Add repo purge callbacks and register TUF metadata deletion as one
2017-04-12 17:33:51 -04:00
Joseph Schorr
80693d6b8c
Fix NPE bug in RAC worker
...
We need to return `None`, not `0` if there are no additional repositories to measure
2017-04-11 15:42:11 -04:00
Joseph Schorr
e5a009a777
Switch to using RepositorySearchScore table for search ranking
...
Should make search queries much, much faster as it contains the denormalized RAC data
2017-04-11 14:55:20 -04:00
josephschorr
928b9915ed
Merge pull request #2441 from coreos-inc/repo-score-denormalization
...
Add a RepositorySearchScore table and calculation to the RAC worker
2017-04-10 16:31:09 -04:00
Joseph Schorr
df3f47c79a
Add a RepositorySearchScore table and calculation to the RAC worker
...
This will be used in a followup PR to order search results instead of the RAC join. Currently, the join with the RAC table in search results in a lookup of ~600K rows, which causes searching to take ~6s. This PR denormalizes the data we need, as well as allowing us to score based on a wider band (6 months vs the current 1 week).
2017-04-10 14:29:02 -04:00
Erica
3f79422a52
Merge pull request #2306 from coreos-inc/QUAY-2842-audit-log-strict-config-option
...
feat(config.py): add setting for audit log strictness
2017-04-07 13:43:11 -04:00
EvB
20c4d971c4
refactor(model/log): pull allowed action types into constant
2017-04-07 11:39:54 -04:00
Jake Moshenko
a8ec7865a7
Merge pull request #2511 from jakedt/fixwarnings
...
Fixwarnings
2017-04-06 16:12:19 -04:00
Jake Moshenko
c7241911a5
Fix old-style flask imports to silence deprecation warnings.
2017-04-06 13:15:48 -04:00
Joseph Schorr
f9e6110f73
Add basic user interface for application repos
...
Adds support for creating app repos, viewing app repos and seeing the list of app repos in the Quay UI.
2017-04-05 11:30:09 -04:00
EvB
d0aaaaa1ef
test(data/model/log): add more log_action tests
...
temp
2017-04-05 11:26:10 -04:00
EvB
ea740d15ba
fix(model/log): log exception on swallowed db errors
2017-04-05 11:26:10 -04:00
EvB
625bd66b42
test(data/model): test action logging
2017-04-05 11:26:10 -04:00
EvB
6916d82e0d
feat(endpoints/trackhelper): wrap log op for silent fails
2017-04-05 11:26:10 -04:00
Joseph Schorr
103186f5e8
Small renames to make team syncing code more clear
2017-04-03 11:36:41 -04:00
Joseph Schorr
d7825c6720
Add group iteration and syncing support to Keystone auth
2017-04-03 11:31:30 -04:00
Joseph Schorr
4055158fc4
Fix indentation
2017-04-03 11:31:29 -04:00
Joseph Schorr
938730c076
Move sync team into its own module and add tests
2017-04-03 11:31:29 -04:00
Joseph Schorr
eeadeb9383
Initial interfaces and support for team syncing worker
2017-04-03 11:31:29 -04:00
Joseph Schorr
8ea3977140
Add ability to enable, disable and view team syncing in UI and API
...
Also extracts out some common testing infrastructure to make testing APIs easier now using pytest
2017-04-03 11:31:29 -04:00
Joseph Schorr
f5a854c189
Add TeamSync database and API support
...
Teams can now have a TeamSync entry in the database, indicating how they are synced via an external group. If found, then the user membership of the team cannot be changed via the API.
2017-04-03 11:31:28 -04:00
Charlton Austin
e6d201e0b0
feat(build runner): added in context, dockerfile_location
...
this is a new feature meant to allow people to use any file as
a dockerfile and any folder as a context directory
2017-03-28 13:55:31 -04:00
Joseph Schorr
ac4a79ae01
Update PR for rebase
2017-03-23 15:57:49 -04:00
Joseph Schorr
651666b60b
Refactor our auth handling code to be cleaner
...
Breaks out the validation code from the auth context modification calls, makes decorators easier to define and adds testing for each individual piece. Will be the basis of better error messaging in the following change.
2017-03-23 15:42:45 -04:00
Joseph Schorr
7d66f30d52
Fix filtering of repositories in search
2017-03-23 11:35:17 -04:00
Joseph Schorr
917d5e2550
Fix typos in data model
2017-03-23 11:14:08 -04:00
Jimmy Zelinskie
d20ff785e6
data.model.repository: add back search fields
2017-03-23 10:46:04 -04:00
Joseph Schorr
bdda74d6df
Make sure GC checks new Blob table as well before deleting CAS storage
2017-03-22 23:53:21 -04:00
Jimmy Zelinskie
ddad957a56
data.model.repository: add app methods
2017-03-22 21:51:55 -04:00
Jimmy Zelinskie
3ccf3c5f33
Merge pull request #2447 from jzelinskie/cnr-step2
...
CNR Step 2
2017-03-22 18:45:51 -04:00
Jimmy Zelinskie
48ba59d615
endpoints.v2: only work on docker repositories
2017-03-22 17:26:59 -04:00
Jimmy Zelinskie
45f14f220d
data.model.repository: optimize by using kind_id
2017-03-22 15:51:19 -04:00
Joseph Schorr
30b532254c
Disallow non-apps-supported APIs for application repositories
2017-03-22 15:51:19 -04:00
Joseph Schorr
c3402fff5a
Add test to ensure we cannot create repos with the same name but different kinds
2017-03-22 14:34:32 -04:00
Jimmy Zelinskie
a2bac7dabd
endpoints.v1: only work on docker repositories
2017-03-22 14:31:22 -04:00
Jimmy Zelinskie
d2a4c9d05a
data.model.repository: audited for repo_kind usage
2017-03-22 13:58:50 -04:00
Jimmy Zelinskie
074c1bc4a8
data.model._basequery: audited for repo_kind usage
2017-03-22 13:58:49 -04:00
Charlton Austin
3502d9f61c
Merge pull request #2438 from charltonaustin/phase_one_config
...
refactor(data): add in new config for builder
2017-03-21 10:16:51 -04:00
Charlton Austin
f701677a8e
refactor(data): add in new config for builder
...
we are doing phase one of the four phase migration on the builder config
2017-03-20 13:03:41 -04:00
Antoine Legrand
718aeeead8
Fix search group_by clause for PG
2017-03-17 16:30:24 +01:00
Joseph Schorr
e25c989fef
Add a cleanup worker for blob uploads
2017-03-16 13:36:59 -04:00
Joseph Schorr
e90cab4d77
Change revert tag into restore tag and add manifest support
2017-03-14 11:34:42 -04:00
Joseph Schorr
af743b156b
Show manifest digests in place of V1 ids in the tag view when possible
2017-03-14 11:34:41 -04:00
Jimmy Zelinskie
123d003d4e
Merge pull request #2424 from jzelinskie/qss-image
...
workers.securityworker: revert to image querying
2017-03-10 17:38:02 -05:00
Jimmy Zelinskie
a780136337
workers.securityworker: revert to image querying
2017-03-10 17:37:40 -05:00
josephschorr
cbac673d58
Merge pull request #2404 from coreos-inc/cas-gc-fix
...
Fix GC handling around CAS paths
2017-03-10 17:34:21 -05:00
josephschorr
432b2d3fe8
Merge pull request #2392 from coreos-inc/search-optimization
...
Optimize repository search by changing our lookup strategy
2017-03-10 15:44:26 -05:00
Jimmy Zelinskie
53eb579459
data.model.tag: find min *alive* tag
2017-03-10 13:15:35 -05:00
Joseph Schorr
b5bb76cdea
Optimize repository search by changing our lookup strategy
...
Previous to this change, repositories were looked up unfiltered in six different queries, and then filtered using the permissions model, which issued a query per repository found, making search incredibly slow. Instead, we now lookup a chunk of repositories unfiltered and then filter them via a single query to the database. By layering the filtering on top of the lookup, each as queries, we can minimize the number of queries necessary, without (at the same time) using a super expensive join.
Other changes:
- Remove the 5 page pre-lookup on V1 search and simply return that there is one more page available, until there isn't. While technically not correct, it is much more efficient, and no one should be using pagination with V1 search anyway.
- Remove the lookup for repos without entries in the RAC table. Instead, we now add a new RAC entry when the repository is created for *the day before*, with count 0, so that it is immediately searchable
- Remove lookup of results with a matching namespace; these aren't very relevant anyway, and it overly complicates sorting
2017-03-09 19:47:55 -05:00
Joseph Schorr
62312e6461
Add warning when CAS paths are skipped and ensure we are under a transaction
2017-03-08 17:01:07 -05:00
Joseph Schorr
69e550d125
Fix GC handling around CAS paths
...
Adds code to ensure we never GC CAS paths that are shared amongst multiple ImageStorage rows, as well as an associated pair of tests to catch the positive and negative cases.
2017-03-07 13:48:07 -05:00
Jimmy Zelinskie
40636d4103
find work based on tag IDs rather than image IDs
2017-03-06 17:09:57 -05:00
Jimmy Zelinskie
2cead05f53
data.model.tag: filter hidden for scan eligibility
2017-03-06 15:44:01 -05:00
Jimmy Zelinskie
904b902295
workers.securityworker: find eligible tag images
2017-03-06 14:37:34 -05:00
Jimmy Zelinskie
b9ac2b7b3b
workers.securityworker: simplify min id
2017-03-03 14:51:18 -05:00
Jimmy Zelinskie
4ed0cdda14
securityscanner: add a min image id option
...
This will enable us to force some instances of the securityworker to
scan only new images.
2017-03-03 13:55:25 -05:00
Joseph Schorr
8e863b8cf5
Implement new create and manager trigger UI
...
Implements the new trigger setup user interface, which is now a linear workflow found on its own page, rather than a tiny modal dialog
Fixes #1187
2017-02-28 16:51:42 -05:00
Joseph Schorr
8ec6221ca2
Fix health check
2017-02-24 12:23:18 -05:00
josephschorr
f7a7d30ec2
Merge pull request #2366 from coreos-inc/alert-spam-fixes
...
Small fixes for alert spam
2017-02-22 14:18:18 -05:00
Joseph Schorr
d29d2da1ca
Handle IntegrityError in tag update code
...
Fixes https://sentry.io/coreos/backend-production/issues/173470565/events/4938537230/
2017-02-22 13:20:04 -05:00
Joseph Schorr
ef9cb3757d
Check for missing repository on GC call
...
Fixes https://sentry.io/coreos/backend-production/issues/192273882/
2017-02-22 13:18:23 -05:00
Joseph Schorr
89b7c13da5
Catch team member invite missing exception
...
Fixes https://sentry.io/coreos/backend-production/issues/195926082/
2017-02-22 13:18:22 -05:00
Jake Moshenko
27f5f14f90
Linter fixes
2017-02-22 11:45:38 -05:00
Jake Moshenko
add6b654ae
Move the total image count stat back to the prom stat worker
2017-02-22 11:45:38 -05:00
Jimmy Zelinskie
3d21af59fd
data.model.image: fake QSS progress metric
2017-02-21 17:48:40 -05:00
Joseph Schorr
eece782038
Prevent peewee from loading the visibility every time
...
By calling `visibility` instead of `visibility_id`, peewee was issuing a SQL Select statement for the repository, which removes the benefit of the optimization
2017-02-17 12:09:48 -05:00
Joseph Schorr
421c5d6012
Fix bug where the login service ID doesn't exist
2017-02-16 16:27:53 -05:00
Joseph Schorr
11c931f781
Log more information to the action logs and display the namespaces for superusers
...
This helps superusers understand better what, exactly, is going on in the registry
2017-02-14 14:55:24 -05:00