vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
5525 commits 2 branches 62 tags 205 MiB
Commit graph

1484 commits

Author SHA1 Message Date
Joseph Schorr
6091db983b Hide expired keys outside of their staleness window 2016-04-29 14:10:33 -04:00
Jimmy Zelinskie
726cb5fe6a key server: 403 on expired approved keys (#1410) 2016-04-29 14:09:37 -04:00
Joseph Schorr
4f63a50a17 Change account-less logs to use a user and not null 
This allows us to skip the migration
 2016-04-29 14:09:37 -04:00
Jimmy Zelinskie
ca5794ba18 key server: use total_seconds() for cache headers 2016-04-29 14:09:37 -04:00
Joseph Schorr
5d6e5a42e8 Add delete logging and tests for logging 2016-04-29 14:09:09 -04:00
Jimmy Zelinskie
6aa7040f39 keyserver: add cache-control headers 2016-04-29 14:05:16 -04:00
Joseph Schorr
bc08ac2749 Fix timeouts in the JWT endpoint tests 2016-04-29 14:05:16 -04:00
Joseph Schorr
522cf68c5d Lots of smaller fixes: 
- Add the rotation_duration to the keys API
- Have the key service UI use the new rotation_duration field
- Fix notification deletion lookup path
- Add proper support for the new notification in the UI
- Only delete expired keys after 7 days (configurable)
- Fix angular digest loop
- Fix unit tests
- Regenerate initdb
 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
d0bd70fb36 endpoints.web: add missing import 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
370ac3ecd0 service keys: add rotation_duration field 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
fca258d8bf endpoints: remove /keys 
BitTorrent support should now be able to use the keyserver
infrastructure instead.
 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
9f4a4092da keyserver: get signer kid from unverified headers 2016-04-29 14:05:16 -04:00
Joseph Schorr
08017c5111 Further UI updates 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
cfc15746a6 keyserver: tests! 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
d19eb16b45 keyserver: add generate key function 
The superuser API, initdb, and tests will all need this functionality.
 2016-04-29 14:05:16 -04:00
Joseph Schorr
fb1dca4e94 Add API usage tests 2016-04-29 14:05:16 -04:00
Joseph Schorr
11ff3e9b59 keys ui WIP 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
136f92400f key_server: remove s at the end of endpoint 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
e456228434 keyserver: insert rotation policy into metadata 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
885a41e6f5 key server: misc fixes to make jwtproxy work 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
50ad1bb6b1 key server: misc cleanup to get it working 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
c0ab45d335 key server: derive audience from host and scheme 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
93720bd0f4 superuser: proper view for approvals/keys 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
d277fe6741 add final service key config 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
c6b8b3ce8c service_keys: s/get_keys/list_keys 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
0ec54fc70e clear notifications on delete/replace service_key 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
42b5196b21 add notification path and use for service keys 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
97ae800e6c canonicalize json 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
f406942984 converging on proper rotation 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
aaf9e83278 basically finish superuser key api 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
35ed73e195 rework superuser api 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
4079dba167 service keys: do all the right stuff 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
499bb16306 service key server wip 2016-04-29 13:38:25 -04:00
Joseph Schorr
c6f7dfa102 Add Enterprise Landing page 
Note: The design comes directparners.
 2016-04-28 13:47:54 -04:00
Joseph Schorr
03489c22ad Log the pushed tag and add IP address display 
Fixes #798
 2016-04-20 13:00:21 -04:00
Evan Cordell
9a1d97216b Switch error mimetype back to application/json 2016-04-18 17:42:08 -05:00
Evan Cordell
4d7843580f Fix superuser page 2016-04-15 16:50:01 -04:00
josephschorr
cf04fedd6a Merge pull request #1347 from coreos-inc/marketingtagman 
Add Google Tag Manager support to Quay
 2016-04-13 16:50:36 -04:00
Evan Cordell
09064853ac Merge pull request #1364 from ecordell/error-json-fixes 
Fix error-related issues
 2016-04-13 13:32:00 -04:00
Evan Cordell
eb3e7eba88 Merge pull request #1351 from ecordell/document-201-swagger 
Swagger: document 201 responses for POST requests
 2016-04-13 09:50:34 -04:00
Evan Cordell
e1b3312495 Add back error_message and error_type for backwards-compatibility 2016-04-13 09:11:40 -04:00
Evan Cordell
7b44beb1fd Fix WWW-Authenticate header on 401 2016-04-13 09:01:42 -04:00
Evan Cordell
d67c4ba46c Fix formatting in endpoints/api/error.py 2016-04-12 16:53:50 -04:00
Joseph Schorr
891f7d9213 Add Google Tag Manager support to Quay 2016-04-12 15:28:24 -04:00
Evan Cordell
1cdbd89120 Fix test (response validation in debug mode) 2016-04-12 07:56:58 -04:00
Evan Cordell
693a11c58e Add RFC citation 2016-04-11 20:08:45 -04:00
Evan Cordell
7c361c07f9 Use ApiService to get error message 2016-04-11 17:31:30 -04:00
Evan Cordell
b5db41920f Address review comments 2016-04-11 16:34:40 -04:00
Evan Cordell
eba75494d9 Use new error format for auth errors (factor exceptions into module) 2016-04-11 16:22:26 -04:00
Evan Cordell
9c08717173 Return application/problem+json format errors and provide error endpoint 
to dereference error codes.
 2016-04-11 14:57:24 -04:00
Evan Cordell
d69d79d302 swagger: document 201 responses for POST requests 2016-04-07 09:26:28 -04:00
Joseph Schorr
a06bda5910 Never include Stripe checking in LDN 
Instead, we always load it from Stripe when billing is enabled. Also fixes our Stripe icon.
 2016-04-01 14:10:11 -04:00
Joseph Schorr
a882055f62 Better error message for invalid recovery codes 2016-03-30 16:02:47 -04:00
Joseph Schorr
42e934d84f Make notification lookup faster and fix repo pagination on Postgres 2016-03-30 14:46:31 -04:00
josephschorr
4aa079e743 Merge pull request #1247 from coreos-inc/useradminscopes 
Remove internal_only from some APIs now that we expose a user admin scope
 2016-03-23 14:16:02 -04:00
Joseph Schorr
aa5587c93c Fixes and added tests for the security notification worker 
Fixes #1301

- Ensures that the worker uses pagination properly
- Ensures that the worker handles failure as expected
- Moves marking the notification as read to after the worker processes it
- Increases the number of layers requested to 100
 2016-03-18 20:28:06 -04:00
Joseph Schorr
6a4584b87a Add another test for security notification filtering 2016-03-17 12:59:27 -04:00
Joseph Schorr
57e5141fb5 Fix link-to-parent-with-different-blob issue and add a test 2016-03-14 15:35:18 -04:00
Jimmy Zelinskie
ea2e17cc11 v2: send proper scopes for authorization failures 
Fixes #1278.
 2016-03-11 13:41:38 -05:00
Jimmy Zelinskie
bb46cc933d use kwargs for parse_repository_name 2016-03-09 16:20:28 -05:00
Jake Moshenko
fe2cd240bc Revert "Remove old search API which is no longer in use" 2016-03-07 10:07:41 -05:00
josephschorr
57430a18b4 Merge pull request #1224 from coreos-inc/removeoldsearch 
Remove old search API which is no longer in use
 2016-03-04 12:05:07 -05:00
Joseph Schorr
85919cbc39 Fix error when constructing DownstreamIssue exception 2016-02-25 17:45:49 -05:00
Jimmy Zelinskie
c7904db30d v2: always send www-authn headers on unauthorized 
Fixes #1254.
 2016-02-25 17:09:29 -05:00
Joseph Schorr
f498e92d58 Implement against new Clair paginated notification system 2016-02-25 15:58:42 -05:00
Joseph Schorr
c0374d71c9 Refactor the security worker and API calls and add a bunch of tests 2016-02-25 12:29:41 -05:00
Quentin Machu
0183c519f7 Merge pull request #1253 from Quentin-M/clair2 
Adapt securityworker, secscan API and Quay UI for Clair 1.0
 2016-02-19 18:21:25 -05:00
Quentin Machu
4bd5996bbf Adapt secscan API for Clair v1.0 
Squash /vulnerabilities and /packages as it basically does the same
action on Clair and we don't need both for Quay
 2016-02-19 17:44:23 -05:00
josephschorr
11af123ba5 Merge pull request #1244 from coreos-inc/enableaci 
Add UI to the setup tool for enabling ACI conversion
 2016-02-17 12:29:48 -05:00
Joseph Schorr
1940fd9939 Add UI to the setup tool for enabling ACI conversion 
Fixes #1211
 2016-02-17 12:05:48 -05:00
Joseph Schorr
8d9f3309aa Remove internal_only from some APIs now that we expose a user admin scope 
Fixes #1246
 2016-02-16 16:50:33 -05:00
josephschorr
e8faa9f843 Merge pull request #939 from coreos-inc/user-admin 
Add user admin scope
 2016-02-16 16:42:29 -05:00
josephschorr
81a36ee3b8 Merge pull request #1217 from coreos-inc/v2pagination 
Fix V2 catalog and tag pagination
 2016-02-16 15:34:49 -05:00
josephschorr
ded0a27901 Merge pull request #1242 from coreos-inc/receiptemailsbug 
Fix schema for invoice email updating
 2016-02-16 13:26:26 -05:00
Joseph Schorr
ecaa051791 Fix schema for invoice email updating 
Fixes #1209
 2016-02-16 11:52:57 -05:00
Jake Moshenko
6e05920d6b Delete bad manifests from the DB 2016-02-16 11:42:19 -05:00
Joseph Schorr
4b24556cb3 Check for the parent's ID in the updated ID map. 
Fixes #1240
 2016-02-15 11:02:52 -05:00
Joseph Schorr
69262282fe Make sure to encode all V1 metadata strings 
Fixes #1239
 2016-02-15 10:57:20 -05:00
Jimmy Zelinskie
70aa7cc731 Merge pull request #1230 from jzelinskie/aci-head 
allow HEAD on ACI images
 2016-02-12 16:29:12 -05:00
Jimmy Zelinskie
2b07b6d8a9 allow HEAD on ACI images 
Fixes #911.
 2016-02-12 16:28:44 -05:00
Jake Moshenko
6454b5aeb7 Update the layer rename PR to preserve the original manifest 2016-02-12 16:25:47 -05:00
Joseph Schorr
abd2e3c234 V1 Docker ID <-> V2 layer SHA mismatch fix 
Fix handling of V1 Docker ID <-> V2 layer SHA mismatch by dynamically rewriting the manifest to use new synthesized IDs for all layers above the mismatch. Also adds a bunch of tests for this and other use cases, fixes a bug around manifest digest uniqueness and fixes the 5.5 migration for MySQL.
 2016-02-12 17:39:27 +02:00
Quentin Machu
5c7f2a5c16 Remove abort(500) on checksum mismatch 2016-02-11 18:32:21 -05:00
josephschorr
a9c64545fa Merge pull request #1228 from coreos-inc/v2storagevalidation 
Add a check that will fail if we try to mislink V1 layers
 2016-02-11 22:49:33 +02:00
josephschorr
904b2d53d2 Merge pull request #1197 from coreos-inc/webpytest 
Tests for endpoints/web and some small fixes
 2016-02-11 22:42:43 +02:00
Joseph Schorr
27f1cc0a13 Add a check that will fail if we try to mislink V1 layers 
Also logs some useful information
 2016-02-11 22:40:00 +02:00
Joseph Schorr
1887dc879c Remove old search API which is no longer in use 2016-02-10 15:02:27 +02:00
Joseph Schorr
db0eab0461 Fix V2 catalog and tag pagination 2016-02-10 00:25:33 +02:00
Jimmy Zelinskie
deadd5eee3 Merge pull request #1210 from jzelinskie/torrent-life 
extend torrent webseed lifetime to an hour
 2016-02-09 14:51:26 -05:00
Jimmy Zelinskie
463dc98a42 return an error when writing manifest v2 schema2 2016-02-09 14:42:58 -05:00
Jimmy Zelinskie
e18dacd26b extend torrent webseed lifetime to an hour 2016-02-08 17:57:28 -05:00
Joseph Schorr
6a8331d305 Tests for endpoints/web and some small fixes 2016-02-05 09:45:25 +02:00
Joseph Schorr
534ec9cb2b Add pagination to the repository list API to make it better for public 
Fixes #1166
 2016-02-01 22:42:44 +02:00
Jake Moshenko
9310fe1832 Convert some flask-login user methods to properties 2016-01-29 10:36:28 -05:00
Joseph Schorr
accc576a98 Fix V1 push URL to match Docker and fix registry tests 2016-01-29 16:42:15 +02:00
Jake Moshenko
018bf8c5ad Refactor how parsed_args are passed to methods 2016-01-26 16:27:36 -05:00
Joseph Schorr
335c8eb3a9 Add 2 day TTL to page tokens 2016-01-26 14:04:03 -05:00
Joseph Schorr
b4bddacedb Switch to Fernet crypto as per gtank's recommendation 2016-01-26 12:50:48 -05:00
Joseph Schorr
bd0a098282 Add ID-based pagination to logs using new decorators and an encrypted token 
Fixes #599
 2016-01-26 12:50:48 -05:00
Joseph Schorr
a03f0f1970 Fix manifest content type 
Fixes #1168
 2016-01-25 16:39:59 -05:00