Commit graph

4190 commits

Author SHA1 Message Date
Joseph Schorr
8c144397e9 WIP: UI for QuaySec 2015-11-09 12:50:39 -05:00
Joseph Schorr
75dfec7875 Fix endpoint 2015-11-09 12:50:39 -05:00
Joseph Schorr
7fa4fe08e7 Fix worker 2015-11-09 12:50:39 -05:00
Joseph Schorr
407eaae137 WIP: Towards sec demo 2015-11-09 12:50:39 -05:00
Joseph Schorr
fb3d0fa27d Add a SecEndpoint class and move all the cert and config handling in there 2015-11-09 12:49:19 -05:00
Joseph Schorr
87c56d1caa Add vulnerabilities and packages API to Quay
Fixes #564
2015-11-09 12:49:19 -05:00
Joseph Schorr
d7ace69fe3 Add a vulnerability_found event for notice when we detect a vuln
Fixes #637

Note: This PR does *not* actually raise the event; it merely adds support for it
2015-11-09 12:49:19 -05:00
Quentin Machu
37118423a5 Add support for Quay's vulnerability tool 2015-11-09 12:49:19 -05:00
Jake Moshenko
c97bc0d8d0 Merge pull request #829 from jakedt/migratelogs
Add debug logs to migrations
2015-11-09 11:16:22 -05:00
Jake Moshenko
b9fce4f5d0 Add debug logs to migrations 2015-11-09 11:12:23 -05:00
Quentin Machu
56a147b695 Merge pull request #827 from Quentin-M/fixmighead
Fix migration 57dad559ff2d's header
2015-11-08 22:05:19 -05:00
Quentin Machu
ade664036c Fix migration 57dad559ff2d's header
Fixes #825
2015-11-08 15:22:15 -05:00
Jake Moshenko
b526e2a3cd Merge pull request #822 from coreos-inc/phase2-11-07-2015
Phase2 11 07 2015
2015-11-08 13:21:59 -05:00
Jake Moshenko
3a4200956d Merge pull request #820 from coreos-inc/phase1-11-07-2015
Phase1 11 07 2015
2015-11-08 13:14:23 -05:00
josephschorr
ed0160dd4d Merge pull request #821 from coreos-inc/phase1-11-07-2015-fixtest
Phase1 11 07 2015 fixtest
2015-11-08 13:12:23 -05:00
Joseph Schorr
8463514a09 Fix delete_user call to remove all user data 2015-11-08 13:10:01 -05:00
Joseph Schorr
8019994462 Merge branch 'phase1-11-07-2015' of github.com:coreos-inc/quay into phase1-11-07-2015 2015-11-07 21:16:34 -05:00
Jake Moshenko
90dd76806c Merge pull request #813 from jakedt/phase2-11-07-2015
Stop reading the v1 checksums from storage
2015-11-06 16:36:07 -05:00
Jake Moshenko
75f917f592 Stop reading the v1 checksums from storage 2015-11-06 16:17:12 -05:00
Jake Moshenko
fd3f88f489 Re-enable parent id backfill, use new backfill style 2015-11-06 16:17:12 -05:00
Jake Moshenko
9036ca2f2f Backfill the v1 checksums from imagestorage 2015-11-06 16:17:12 -05:00
Jimmy Zelinskie
0e4d749f89 Merge pull request #814 from jzelinskie/fixmigrations
resolve migration branches and run initdb
2015-11-06 16:15:57 -05:00
Jimmy Zelinskie
d5e7f6bea7 resolve migration branches and run initdb 2015-11-06 16:10:31 -05:00
Jake Moshenko
08f22a0aae Merge pull request #812 from jakedt/phase2-11-07-2015
Re-enable parent id backfill, use new backfill style
2015-11-06 15:58:57 -05:00
Jake Moshenko
79c89ba11d Re-enable parent id backfill, use new backfill style 2015-11-06 15:45:39 -05:00
Matt Jibson
d8c0d243f4 Merge pull request #811 from mjibson/mjibson-key
Update mjibson ssh key
2015-11-06 15:44:23 -05:00
Matt Jibson
2325328bbd Update mjibson ssh key 2015-11-06 15:34:52 -05:00
Jake Moshenko
88b9e80cbb Backfill the v1 checksums from imagestorage 2015-11-06 15:28:44 -05:00
Jimmy Zelinskie
f3c3e684a1 prepare branch to be merged into phase1-11-07-2015
This removes the checksum backfill, removes the migration that runs the
backfills, and defaults the security scan feature off.
2015-11-06 15:22:18 -05:00
Quentin Machu
af4511455f Remove .distinct() from these queries 2015-11-06 15:22:18 -05:00
Joseph Schorr
cfa03951e1 Add a SecScanEndpoint class and move all the cert and config handling in there 2015-11-06 15:22:18 -05:00
Joseph Schorr
e4508fc0d0 Add vulnerabilities and packages API to Quay
Fixes #564
2015-11-06 15:22:18 -05:00
Quentin Machu
a4c78ba99a Add support for Quay's vulnerability tool 2015-11-06 15:22:18 -05:00
Joseph Schorr
0f3db709ea Add a vulnerability_found event for notice when we detect a vuln
Fixes #637

Note: This PR does *not* actually raise the event; it merely adds support for it
2015-11-06 15:22:18 -05:00
Quentin Machu
3677947521 Add support for Quay's vulnerability tool 2015-11-06 15:22:18 -05:00
Joseph Schorr
2d1df267dd Add security config 2015-11-06 15:22:18 -05:00
Quentin Machu
1b41200e49 Fix PostgresSQL compatibility and parent omittance securityworker 2015-11-06 15:22:18 -05:00
Quentin Machu
a99b8fcfe4 Fix migration 2015-11-06 15:22:18 -05:00
Quentin Machu
f59e35cc81 Add support for Quay's vulnerability tool 2015-11-06 15:22:18 -05:00
Jake Moshenko
3d0bcbaaeb Move v1 checksums to image and track v2 separately 2015-11-06 15:17:55 -05:00
Joseph Schorr
2b3633b107 Remove the used_legacy_github column 2015-11-06 15:17:55 -05:00
Joseph Schorr
bbf4a1fac4 Remove the used_legacy_github column 2015-11-06 15:17:55 -05:00
Jake Moshenko
8edcdd94b3 Merge pull request #808 from jakedt/roadmap
Update our roadmap.
2015-11-06 14:00:27 -05:00
Jake Moshenko
d7720d4c67 Update our roadmap. 2015-11-06 13:59:29 -05:00
Matt Jibson
9df80d713e Merge pull request #803 from mjibson/aci-rootfs
Allow listing of ACI rootfs by non-root
2015-11-06 13:22:37 -05:00
Matt Jibson
86ca2d7f44 Allow listing of ACI rootfs by non-root
Also the image ID folder for docker squash.

This method is only called in 2 places: once for the ACI rootfs, and once
for squashing docker images. The previous (0644) permissions could
theoretically have been depended on by someone, but it is doubtful.

fixes #802
2015-11-06 13:22:04 -05:00
Matt Jibson
576fcf5325 Merge pull request #799 from mjibson/status-badge-cache
Set and use ETag headers on status badges
2015-11-06 12:15:35 -05:00
Matt Jibson
f4b57eff96 Set and use ETag headers
Also set no-cache exactly as github recommends. The removed @no_cache
decorater used "Cache-Control:no-cache, no-store, must-revalidate", but
just no-cache should be sufficient, and should certainly work correctly
with github.

See: https://github.com/github/markup/issues/224#issuecomment-48532178

fixes #712
2015-11-06 12:15:15 -05:00
Silas Sewell
4f6d81b1ec Merge pull request #794 from coreos-inc/build-sh-sha1
Update build.sh to work with GIT_HEAD
2015-11-04 18:31:55 -05:00
Silas Sewell
d2b0caa838 Update build.sh to work with GIT_HEAD 2015-11-04 16:55:34 -05:00