Commit graph

695 commits

Author SHA1 Message Date
Jimmy Zelinskie
3804c50338 Merge pull request #330 from coreos-inc/additionalprop
Add missing JSON schema for 'refs' and 'branch_name'
2015-08-07 13:05:46 -04:00
Joseph Schorr
7ea4c7d17e Add missing JSON schema for 'refs' and 'branch_name'
Fixes #325
2015-08-07 13:01:49 -04:00
Jake Moshenko
74d838697f Fix tarfile to support non-unicode pax fields 2015-08-07 11:56:38 -04:00
Jimmy Zelinskie
5c213df835 Merge pull request #318 from coreos-inc/reallyfixlogs
Fix logs view and API
2015-08-05 17:48:42 -04:00
Joseph Schorr
d34afde954 Fix logs view and API
- We needed to use an engine-agnostic way to extract the days
- Joining with the LogEntryKind table has *horrible* performance in MySQL, so do it ourselves
- Limit to 50 logs per page
2015-08-05 17:47:03 -04:00
Jake Moshenko
b2844fb8c7 Switch the base case for when a scope string contains an invalid scope. 2015-08-05 17:35:02 -04:00
Jimmy Zelinskie
411d4e7abb tag history requires READ instead of WRITE
Fixes #315.
2015-08-05 17:09:34 -04:00
Jake Moshenko
795a8097ff Merge pull request #283 from coreos-inc/fixoauthscopes
OAuth scopes are space separated, not comma
2015-08-04 10:24:17 -04:00
Jake Moshenko
18100be481 Refactor the util directory to use subpackages. 2015-08-03 16:04:19 -04:00
Joseph Schorr
d6ee14e219 Add one more parsing test for scopes 2015-08-03 14:13:38 -04:00
Joseph Schorr
354f4109d0 Switch to returning an empty set when there are invalid auth scopes 2015-07-31 12:49:42 -04:00
Jake Moshenko
dbd9a32c85 Merge pull request #155 from coreos-inc/asyncgc
Garbage Collection Optimizations And Async
2015-07-28 16:16:59 -04:00
Joseph Schorr
11c7994398 Fix 500 on logout 2015-07-28 15:47:04 -04:00
Joseph Schorr
70de107268 Make GC of repositories fully async for whitelisted namespaces
This change adds a worker to conduct GC on repositories with garbage every 10s.

Fixes #144
2015-07-28 15:30:04 -04:00
Joseph Schorr
687bab1c05 Support invite codes for verification of email
Also changes the system so we don't apply the invite until it is called explicitly from the frontend

Fixes #241
2015-07-22 13:41:27 -04:00
Jake Moshenko
5d86fa80e7 Merge pull request #197 from coreos-inc/keystone
Add Keystone Auth
2015-07-22 13:38:47 -04:00
Joseph Schorr
a0c4e72f13 Clean up the repository list API and loads stars with it
We load stars with the same list API now so that we get the extra metadata needed in the repo list (popularity and last modified)
2015-07-22 13:05:02 -04:00
Joseph Schorr
7e4b23916a Small SQL query fix
Fixes #248
2015-07-20 14:17:26 -04:00
Joseph Schorr
33b54218cc Refactor the users class into their own files, add a common base class for federated users and add a verify_credentials method which only does the verification, without the linking. We use this in the superuser verification pass 2015-07-20 11:39:59 -04:00
Jake Moshenko
bc29561f8f Fix and templatize the logic for external JWT AuthN and registry v2 Auth.
Make it explicit that the registry-v2 stuff is not ready for prime time.
2015-07-17 11:56:15 -04:00
Jake Moshenko
3efaa255e8 Accidental refactor, split out legacy.py into separate sumodules and update all call sites. 2015-07-17 11:56:15 -04:00
Jake Moshenko
bea8b9ac53 More changes for registry-v2 in python.
Implement the minimal changes to the local filesystem storage driver and feed them through the distributed storage driver.
Create a digest package which contains digest_tools and checksums.
Fix the tests to use the new v1 endpoint locations.
Fix repository.delete_instance to properly filter the generated queries to avoid most subquery deletes, but still generate them when not explicitly filtered.
2015-07-17 11:50:41 -04:00
Jake Moshenko
acbcc2e206 Start of a v2 API. 2015-07-17 11:50:41 -04:00
Joseph Schorr
5ae8c11638 Extra list repos test to mimic the conditions of a known issue with one customer 2015-07-16 01:25:19 +03:00
Jake Moshenko
cb95a800e3 Oops, added logging.basicConfig to a test. 2015-07-14 17:56:34 -04:00
Jake Moshenko
ebecb1dc89 Regenerate the test db and supporting files. 2015-07-14 16:57:04 -04:00
Jimmy Zelinskie
bde781c98b Merge pull request #205 from coreos-inc/delrobot
Fix deletion of robot accounts when attached to builds
2015-07-13 12:19:01 -04:00
Jimmy Zelinskie
cf4800c06c Merge pull request #213 from coreos-inc/orgmember
Add a secondary tab to Teams for managing org members
2015-07-06 11:48:40 -04:00
Joseph Schorr
4333bb9e14 Implement stream_read_file for the Swift storage engine
Note that Swift doesn't seem to have a file-like interface, so we need to wrap the generator we get back from it.

Fixes #210
2015-07-02 17:52:43 +03:00
Joseph Schorr
3a59c99b08 Add a secondary tab to Teams for managing org members
Also adds the ability to completely remove a user from an organization (repo permissions and teams), in a single click

Fixes #212
2015-07-02 17:06:36 +03:00
josephschorr
cb238f8764 Merge pull request #207 from coreos-inc/squashperm
Have the fetch tag dialog show a warning for robot accounts without access
2015-07-02 10:23:14 +03:00
Joseph Schorr
b535e222b8 Have the fetch tag dialog show a warning for robot accounts without access
Before this change, we'd show the squash pulling command with the proper credentials, but it then 403s on the end user.
2015-07-01 19:37:52 +03:00
Joseph Schorr
b91b60e83d Add encrypted password output in the superuser API
When creating a user or changing their password, we now also return an encrypted form of the password, so API callers can pass it along
2015-07-01 19:29:42 +03:00
Joseph Schorr
3ba321934f Fix deletion of robot accounts when attached to builds
Fixes #204
2015-06-30 22:56:44 +03:00
Jake Moshenko
7b470237a1 The superuser capability does not require the idea of ordinality since it is a binary permission. 2015-06-30 11:02:13 -04:00
Joseph Schorr
d9ce8fdf52 Fix swagger test 2015-06-29 21:38:21 +03:00
Joseph Schorr
81bb76d3df Fix spelling mistakes 2015-06-29 21:38:01 +03:00
Joseph Schorr
2b1bbcb579 Add a table view to the repos list page
Fixes #104
2015-06-29 21:12:53 +03:00
Jimmy Zelinskie
756d6784ca Merge pull request #192 from coreos-inc/sqlssl
Allow SSL cert for the database to be configured
2015-06-29 13:33:31 -04:00
Joseph Schorr
dc5af7496c Allow superusers to disable user accounts 2015-06-29 18:40:52 +03:00
Joseph Schorr
b8c74bbb17 Remove container usage tab and replace with changlog view
Fixes #179
2015-06-29 11:07:46 +03:00
Joseph Schorr
bb07d0965f Allow SSL cert for the database to be configured
This change adds a field for the SSL cert for the database in the setup tool. Fixes #89
2015-06-29 08:08:10 +03:00
Joseph Schorr
75b36c0f33 Update test 2015-06-25 23:13:33 -04:00
Joseph Schorr
e7915baf8c Have LDAP return a better error message if it fails to connect
Currently, the error results in a 500 being raised when a user tries to login.
2015-06-23 17:41:53 -04:00
Joseph Schorr
07439328a4 Remove user_exists endpoint from all auth systems 2015-06-23 17:33:51 -04:00
Jake Moshenko
b21a033ef3 Merge pull request #131 from coreos-inc/moveapp
Refactor JWT auth to not import app locally
2015-06-23 17:24:01 -04:00
Joseph Schorr
b4c39e8ec0 Fix ephemeral build manager to ask for watches in index order with no gaps 2015-06-23 17:11:46 -04:00
Joseph Schorr
805af9338a Fix index test spec 2015-06-22 17:33:32 -04:00
Joseph Schorr
331c300893 Refactor JWT auth to not import app locally 2015-06-17 15:53:21 -04:00
Joseph Schorr
e7fa560787 Add support for custom fields in billing invoices
Customers (especially in Europe) need the ability to add Tax IDs, VAT IDs, and other custom fields to their invoices.

Fixes #106
2015-06-12 16:45:01 -04:00
Jake Moshenko
f767fc4d03 Track whether builders ever came online in etcd. Mark builds which never successfully heartbeated as incomplete. 2015-06-10 16:19:51 -04:00
Joseph Schorr
44f49a43dd Fix creation of repositories when having a creator permission
This fixes the grants on a user's session when creating a repository with only the creator permission

Fixes #117
2015-06-10 16:12:42 -04:00
Joseph Schorr
f980b892d8 Remove debug flag from JWT tests
This can break unit tests running
2015-06-05 15:39:27 -04:00
Jake Moshenko
2a2414d6af Merge pull request #60 from coreos-inc/jwtauthentication
Add support for an external JWT-based authentication system
2015-06-05 13:37:42 -04:00
Joseph Schorr
8aac3fd86e Add support for an external JWT-based authentication system
This authentication system hits two HTTP endpoints to check and verify the existence of users:

Existance endpoint:
GET http://endpoint/ with Authorization: Basic (username:) =>
    Returns 200 if the username/email exists, 4** otherwise

Verification endpoint:
GET http://endpoint/ with Authorization: Basic (username:password) =>
    Returns 200 and a signed JWT with the user's username and email address if the username+password validates, 4** otherwise with the body containing an optional error message

The JWT produced by the endpoint must be issued with an issuer matching that configured in the config.yaml, and the audience must be "quay.io/jwtauthn". The JWT is signed using a private key and then validated on the Quay.io side with the associated public key, found as "jwt-authn.cert" in the conf/stack directory.
2015-06-05 13:20:10 -04:00
josephschorr
63f289a8cb Merge pull request #59 from jzelinskie/custom-git-fix
triggers: metadata.commit_sha -> metadata.commit
2015-06-02 16:10:26 -04:00
Joseph Schorr
477a3fdcdc Add a test to verify that all important blueprints have all their methods decorated
This ensures that we don't accidentally add a blueprint method without either explicitly blacklisting or whitelisting anonymous access
2015-06-02 15:56:44 -04:00
Jimmy Zelinskie
e01bdd4ab0 triggers: metadata.commit_sha -> metadata.commit
This resolves an issue where the custom-git trigger's public facing
schema was not the same as the internal metadata schema. Instead of
breaking users, we rework the internal metadata schema to be the same as
the custom-git JSON schema. This commit also updates everything that
used `metadata.commit_sha` including the test database.
2015-06-02 15:32:28 -04:00
Joseph Schorr
075c75d031 Change to always granting a signed token if there is a valid user OR if there is valid permissions on a repository
This fixes the issue whereby attempting to pull a public repository as an authenticated user with anonymous access disabled caused an unexpected 401. This change also adds tests for a few other use cases to verify we haven't broken anything.
2015-06-02 15:16:22 -04:00
Joseph Schorr
3602b59465 Add registry tests for anonymous access 2015-06-02 14:27:57 -04:00
Joseph Schorr
c0e995c1d4 Merge branch 'master' into nolurk 2015-06-02 13:55:16 -04:00
Jake Moshenko
7bc5f7a1ca Merge pull request #53 from coreos-inc/v1test
Add tests for the registry that mimic Docker's calls
2015-06-02 12:24:42 -04:00
Joseph Schorr
9585e2a765 End-to-end registry tests 2015-06-01 16:35:30 -04:00
Joseph Schorr
1aff701bc7 Fix LDAP referral and multiple pair handling
Fixes two issues found with our LDAP handling code. First, we now follow referrals in both LDAP calls, as some LDAP systems will return a referral instead of the original record. Second, we now make sure to handle multiple search result pairs properly by further filtering based on the presence of the 'mail' attribute when we have multiple valid pairs. This CL also adds tests for all of the above cases.
2015-05-27 15:04:34 -04:00
Joseph Schorr
b0d763b5ff Fix encrypted password generator to use the LDAP username, not the Quay username.
Currently, we use the Quay username via `verify_user` when we go to create the encrypted password. This is only correct if Quay has not generated its own different username for the LDAP user, and fails if it has. We therefore add a new method `confirm_existing_user`, which looks up the federated login for the LDAP user and then runs the auth flow using that username.
2015-05-20 16:37:09 -04:00
Joseph Schorr
eb773e40a2 Add some more debug logging around bitbucket triggers and add some tests to verify we properly handle trigger branch filters 2015-05-20 14:18:12 -04:00
Joseph Schorr
54992c23b7 Add a feature flag for disabling unauthenticated access to the registry in its entirety. 2015-05-19 17:52:44 -04:00
Joseph Schorr
efab02ae47 LDAP improvements:
- Better logging
  - Better error messages
  - Add unit tests
  - Clean up the setup tool for LDAP
2015-05-11 21:23:18 -04:00
Joseph Schorr
3e1abba284 Add ability for super users to rename and delete organizations 2015-05-11 18:03:25 -04:00
Joseph Schorr
f858caf6cd Only return the team and repo permissions when listing robots when we absolutely need them. 2015-05-08 16:43:07 -04:00
Joseph Schorr
469f25b64c Start measuring the number of queries on critical API calls 2015-05-07 22:25:23 -04:00
Joseph Schorr
3627de103c Minimize the queries used when retrieve builds. Previously, we'd call out to SQL extra times per build. 2015-05-07 21:11:15 -04:00
Joseph Schorr
7b35555776 Make sure to test for unicode usernames, since the collate on the username field is latin1 2015-05-07 18:13:45 -04:00
Joseph Schorr
d07f9f04e9 UI and code improvements to make working with the multiple SCMs easier 2015-05-03 10:38:11 -07:00
Joseph Schorr
e3aededcbc Merge branch 'master' into gitlab 2015-05-03 12:13:09 -04:00
Jimmy Zelinskie
3ac884beb4 gitlab oauth 2015-05-02 17:54:48 -04:00
Joseph Schorr
b96e35b28c Merge master into bitbucket 2015-04-30 15:52:08 -04:00
Joseph Schorr
b3675df667 Fix tests 2015-04-30 15:47:40 -04:00
Joseph Schorr
60036927c9 Really disallow usage of the same account for an org as the one being converted. Before, you could do so via email. 2015-04-29 20:30:37 -04:00
Joseph Schorr
5a8093bbea Fix API tests 2015-04-29 17:30:24 -04:00
Joseph Schorr
31260d50f5 Rename the new images method to a slightly better name 2015-04-24 16:37:37 -04:00
Joseph Schorr
e70343d849 Faster cache lookup by removing a join with the ImagePlacementTable, removing the extra loop to add the locations and filtering the images looked up by the base image 2015-04-24 16:22:19 -04:00
Jimmy Zelinskie
c238626c56 tests: update to reflect trigger API changes 2015-04-23 18:16:14 -04:00
Jimmy Zelinskie
02498d72ba almost all PR discussion fixes 2015-04-21 18:04:25 -04:00
Jimmy Zelinskie
93cd459460 Merge branch 'master' into git 2015-04-20 10:58:49 -04:00
Joseph Schorr
e56d5a9fe5 Rebuild test db 2015-04-19 15:48:34 -04:00
Joseph Schorr
d1e2d072ea Add unit tests and a stronger restriction on the revert API call 2015-04-19 15:43:16 -04:00
Joseph Schorr
e16657ed0e Add security tests for the new revert endpoint 2015-04-19 15:25:33 -04:00
Jimmy Zelinskie
ba2cb08904 Merge branch 'master' into git 2015-04-16 17:38:35 -04:00
Joseph Schorr
f8c80f7d11 Add a history view to the tags page. Next step will add the ability to revert back in time 2015-04-15 15:21:09 -04:00
Joseph Schorr
396cba64e6 Fix search to return better results by searching for robots and namespaces in different queries. 2015-04-09 12:57:20 -04:00
Joseph Schorr
3707feaf5d Disable MySQL in the full db test because the table setup fails 2015-04-09 11:47:58 -04:00
Joseph Schorr
40a6892a49 Add search tests 2015-04-07 14:05:12 -04:00
Joseph Schorr
5cd500257d Merge branch 'master' into orgview 2015-04-01 13:56:49 -04:00
Jimmy Zelinskie
f55c478a30 testdb: resync 2015-04-01 13:43:11 -04:00
Joseph Schorr
1f5e6df678 - Fix tests
- Add new endpoints for retrieving the repo permissions for a robot account
- Have the robots list return the number of repositories for which there are permissions
- Other UI fixes
2015-03-31 18:50:43 -04:00
Jimmy Zelinskie
c5272f3545 initdb: add custom trigger and refresh test.db 2015-03-27 11:23:49 -04:00
Joseph Schorr
e4b659f107 Add support for encrypted client tokens via basic auth (for the docker CLI) and a feature flag to disable normal passwords 2015-03-25 18:43:12 -04:00
Jake Moshenko
201943ed1c Fix deadlocks with tags and garbage collection. 2015-03-24 18:00:04 -04:00
Jimmy Zelinskie
9c55aca011 migration: make resource_key nullable 2015-03-23 15:46:35 -04:00
Jimmy Zelinskie
f6f93e9079 consolidate everything into one GitHub trigger 2015-03-19 17:12:27 -04:00
Jimmy Zelinskie
93a9e9d01a migration: add private key to build triggers 2015-03-19 14:30:25 -04:00
Jimmy Zelinskie
5a29218c5c Merge branch 'master' into git 2015-03-19 12:10:34 -04:00
Jimmy Zelinskie
2a02d08dc6 testdb: update with github-git trigger 2015-03-19 12:07:25 -04:00
Joseph Schorr
44ff85d044 Remove migration (temporarily), fix a broken test, and make the aggregate size calculation use the entire image ancestry (for now). 2015-03-17 12:13:01 -04:00
Joseph Schorr
7b5341c067 Update database 2015-03-16 17:35:57 -04:00
Joseph Schorr
afc8e95e19 Start on new tag view 2015-03-09 22:03:39 -07:00
Joseph Schorr
8423b5874f Typo fixes 2015-03-06 14:29:56 -05:00
Joseph Schorr
6a625ba9e6 Fix build logs date/time 2015-03-06 14:22:19 -05:00
Joseph Schorr
12b458780b Handle loading status better for each namespace displayed in the repo list and update the database we use for testing 2015-03-05 16:25:16 -05:00
Joseph Schorr
43ab838998 Merge branch 'newbuildview' 2015-03-05 16:17:29 -05:00
Joseph Schorr
86447c0a99 Merge branch 'master' into pagesnew 2015-03-05 14:22:10 -05:00
Joseph Schorr
ed46d37ea7 - Add copy button to the build logs
- Add support for timestamps in the build logs
- Other small UI improvements to the build view
2015-02-27 16:00:32 -05:00
Jimmy Zelinskie
fb0d3d69c2 changes to reflect PR comments (not finished) 2015-02-24 17:50:54 -05:00
Joseph Schorr
a7ddf46c2a Fix default test DB 2015-02-24 15:00:40 -05:00
Jimmy Zelinskie
35a2414d85 tests: star security tests 2015-02-23 14:23:32 -05:00
Joseph Schorr
10e2eabb1c Fix test 2015-02-23 13:47:21 -05:00
Joseph Schorr
5f605b7cc8 Fix queue handling to remove the dependency from repobuild, and have a cancel method 2015-02-23 13:38:01 -05:00
Jimmy Zelinskie
2914a5da96 tests: add test for star/unstar repo 2015-02-20 15:11:41 -05:00
Jimmy Zelinskie
46832676f7 testdb: re-run initdb 2015-02-19 17:46:44 -05:00
Jake Moshenko
41108a0856 Allow tags to be marked as hidden. Create a hidden tag on every image during a push to prevent them from getting GCed. 2015-02-18 17:05:16 -05:00
Joseph Schorr
7c81d90cda Start recording the commit sha and other metadata about github triggered builds. We'll eventually show this information in the UI 2015-02-18 14:12:59 -05:00
Jake Moshenko
2dd03f1bed Merge remote-tracking branch 'origin/master' into rockyhorror
Conflicts:
	test/data/test.db
2015-02-18 10:56:01 -05:00
Jake Moshenko
2cd5bdb563 Address concerns from pull request. 2015-02-18 10:43:08 -05:00
Joseph Schorr
83e05d2342 Add tracking of the kind of temporary access tokens, so we can display if a pull/push by token is for a build worker 2015-02-17 12:35:16 -05:00
Joseph Schorr
81ce4c771e Add ability to cancel builds that are in the waiting state 2015-02-13 15:54:01 -05:00
Jake Moshenko
2ce6e76d9d Add the required migration for time machine tag lifetimes. 2015-02-13 14:41:08 -05:00
Jake Moshenko
5aedd1fabc Merge remote-tracking branch 'origin/master' into rockyhorror
Conflicts:
	test/data/test.db
2015-02-13 13:17:10 -05:00
Joseph Schorr
cae460b11b Fix test db 2015-02-12 16:27:26 -05:00
Jake Moshenko
d306e37e9d Add some simple tests to sanity check the time machine gc. 2015-02-12 16:05:45 -05:00
Jake Moshenko
b154e7acef Merge remote-tracking branch 'origin/master' into rockyhorror 2015-02-12 15:27:28 -05:00
Jake Moshenko
740bc31058 Fix the gc test. 2015-02-12 14:44:01 -05:00
Jake Moshenko
872539bdbf Switch to a per-namespace configurable expiration policy for time machine, and switch the tag gc to respect it. 2015-02-12 14:11:56 -05:00
Joseph Schorr
f107b50a46 Merge branch 'master' into ackbar 2015-02-12 12:04:45 -05:00
Jake Moshenko
f32bd748e4 Use a consistent concept of tag liveness everywhere. Fix the tests. 2015-02-11 15:02:50 -05:00
Jake Moshenko
90c0a9c1e0 First stab at time machine using fixed two week expiration policy. 2015-02-11 14:15:40 -05:00
Joseph Schorr
f8a917ec26 Fix test 2015-02-10 22:02:39 -05:00
Joseph Schorr
893ae46dec Add an ImageTree class and change to searching *all applicable* branches when looking for the best cache tag. 2015-02-10 21:46:58 -05:00
Joseph Schorr
045614c6c8 Merge branch 'master' into ackbar 2015-02-09 17:16:42 -05:00
Joseph Schorr
c081b1fa86 Fix DB test and upgrade to peewee 2.4.7, which has the delete instance fix 2015-02-09 11:10:26 -05:00
Joseph Schorr
cf774e23df Merge branch 'master' into v2 2015-02-05 15:37:14 -05:00
Joseph Schorr
9dfe523615 Merge master changes 2015-02-05 13:11:16 -05:00
Joseph Schorr
84e5c0644e Address comments 2015-02-02 14:07:32 -05:00
Jake Moshenko
adce277d49 Fix the tests to use the default realm and building config. 2015-02-02 12:05:36 -05:00
Jake Moshenko
35ba2a6c1f Use a file for sqlite in tests, in-memory seems to be seg-faulting 2015-01-30 16:32:37 -05:00
Joseph Schorr
3872d29de9 Add a transaction around the extend_processing call 2015-01-29 18:40:41 -05:00
Joseph Schorr
15397d270a Add tests for path prefixing and super long filenames 2015-01-29 14:57:42 -05:00
Joseph Schorr
30b895b795 Merge branch 'grunt-js-folder' of https://github.com/coreos-inc/quay into ackbar 2015-01-23 17:26:14 -05:00
Joseph Schorr
c8229b9c8a Implement new step-by-step setup 2015-01-23 17:19:15 -05:00
Jake Moshenko
44f7ab53a2 Merge remote-tracking branch 'origin/master' into ephemeral 2015-01-21 13:39:27 -05:00
Joseph Schorr
15a69ac872 Change robot deletions to set the performer to null, rather than attempting to delete the rows from the large log entries table 2015-01-14 12:56:06 -05:00
Joseph Schorr
0d2c42ad03 Fix tests 2015-01-09 17:11:51 -05:00
Joseph Schorr
6d604a656a Move config handling into a provider class to make testing much easier 2015-01-09 16:23:31 -05:00
Joseph Schorr
7933bd44fd Add tests for the new super user config API and make sure both super user API endpoint sets are all guarded against being used in production 2015-01-08 12:53:36 -05:00
Joseph Schorr
508bc10a58 Fix broken test due to the permissions change 2015-01-07 16:31:16 -05:00
Joseph Schorr
40d2b1748f Fix handling of secret key: We now generate it on app startup if it doesn't exist in the config (which it doesn't anymore in the base config.py). 2015-01-05 12:31:02 -05:00
Jake Moshenko
b33ee1a474 Register existing builders to watch their expirations. 2015-01-05 11:21:36 -05:00
Joseph Schorr
1bf25f25c1 WIP 2015-01-04 14:38:41 -05:00
Jake Moshenko
a9839021af When the etcd key tracking realms is first created the action is create, not set. 2014-12-31 11:46:02 -05:00
Jake Moshenko
cc70225043 Generalize the ephemeral build managers so that any manager may manage a builder spawned by any other manager. 2014-12-31 11:33:56 -05:00
Jake Moshenko
4a2295373f Fix tests for no timeout watches. 2014-12-23 15:35:34 -05:00
Jake Moshenko
4e22e22ba1 We have to serialize our build data before sending it to etc. 2014-12-23 14:09:04 -05:00
Jake Moshenko
709e571b78 Handle read timeouts from etcd when watching a key. 2014-12-23 12:13:49 -05:00
Jake Moshenko
055a6b0c37 Add a total maximum time that a machine is allowed to stick around before we terminate it more forcefully. 2014-12-23 11:18:10 -05:00
Jake Moshenko
34bf92673b Add support for adjusting etcd ttl on job_heartbeat. Switch the heartbeat method to a coroutine. 2014-12-22 17:24:44 -05:00
Jake Moshenko
2b6c2a2a50 Improve tests for the ephemeral build manager. 2014-12-22 16:22:07 -05:00
Jake Moshenko
12ee8e0fc0 Switch a few of the buildman methods to coroutines in order to support network calls in methods. Add a test for the ephemeral build manager. 2014-12-22 12:14:16 -05:00
Jimmy Zelinskie
f3259c862b Merge branch 'koh'
Conflicts:
	auth/scopes.py
	requirements-nover.txt
	requirements.txt
	static/css/quay.css
	static/directives/namespace-selector.html
	static/js/app.js
	static/partials/manage-application.html
	templates/oauthorize.html
2014-12-01 12:30:09 -08:00
Joseph Schorr
2155bbee6c Add some basic tests for the changes lib 2014-11-29 19:08:59 -05:00
Joseph Schorr
e9cac407df Add a configurable avatar system and add an internal avatar system for enterprise 2014-11-24 19:25:13 -05:00
Jimmy Zelinskie
716d7a737b Strip whitespace from ALL the things. 2014-11-24 16:07:38 -05:00
Jimmy Zelinskie
dee4c389a8 Base sessions on UUIDs.
Now that a backfill has been applied, sessions can now be based on UUIDs
because all users will have one.
2014-11-20 18:44:36 -05:00
Jimmy Zelinskie
12ff4b107c Undo sessions being driven by UUID.
Basing sessions on UUIDs must be done in phases. First all users
must obtain an UUID. Once a backfill has given all previous users
UUIDs and new users are being generated with UUIDs, then we can
actually change the session to be based on that value.
2014-11-20 12:57:17 -05:00
Joseph Schorr
9b31b9805a Fix performance problem with looking up org members and add some tests 2014-11-20 11:33:42 -05:00
Jake Moshenko
aa62395777 Fix a test to use the new calling convention for get_build_trigger. 2014-11-19 15:43:28 -05:00
Jimmy Zelinskie
faeb3b9a10 Update tests to use uuid in session 2014-11-19 13:28:16 -05:00
Jimmy Zelinskie
9d677b8eb3 Add UUID to User model and use in cookie. 2014-11-19 13:28:16 -05:00
Jake Moshenko
f4681f2c18 Merge branch 'master' into nomenclature
Conflicts:
	test/data/test.db
2014-11-17 17:59:59 -05:00
Joseph Schorr
6e47ec2ef1 Add additional locations to the gc tests 2014-11-13 13:20:21 -05:00
Joseph Schorr
d73747ce1d - Fix some other group_by clauses
- Fix garbage_collect for an empty list (fixes a test)
- Add a script which runs the full test suite against mysql and postgres (note: QueueTest's are broken for MySQL, but they obviously work in production, so they need to be fixed)
2014-11-13 12:51:37 -05:00
Joseph Schorr
eddcc02ea6 Make repository deletes much faster by adding custom deletion code and have additional tests to verify the deletion code paths 2014-11-10 23:05:20 -05:00
Joseph Schorr
611bc895e1 Handle invalid tar layers and add tests 2014-11-10 18:26:37 -05:00
Joseph Schorr
cc9d5798b3 Add an extra root dir test 2014-11-10 18:18:28 -05:00
Joseph Schorr
158acd4f41 - Turn on foreign key constraint checking in the tests
- Change all ForeignKeyField's that refer to users to use our custom class, and mark those that allow robots
- Change robot delete to only execute the subset of queries necessary to actually delete robots
2014-11-07 12:05:21 -05:00
Joseph Schorr
4eedd54b66 - Make usage language more accurate by stating "repositories"
- Have usage counter be based on a 4 weeks TTL
- Add a simple usage counter breakage test
2014-10-30 13:26:02 -04:00
Joseph Schorr
79e4864eb2 Move the the track_and_log code into its own module. This breaks a dependency chain between index -> common -> api -> subscribe -> common again. 2014-10-30 12:49:51 -04:00
Joseph Schorr
c1398c6d2b - Add a log entry for repo verb handling and make the container usage calculation take it into account
- Move all the repo push/pull/verb logging into a central track_and_log method
- Readd images accidentally deleted in the last CL
- Make the uncompressed size migration script better handle exceptions
2014-10-29 15:42:44 -04:00
Joseph Schorr
e9c2e54dbc Change delete to once again not perform everything under a transaction. A recent revision accidentally moved everything back under it. 2014-10-29 11:59:02 -04:00
Jake Moshenko
1461310ab8 Merge remote-tracking branch 'origin/master' into nomenclature
Conflicts:
	endpoints/common.py
	endpoints/notificationhelper.py
	test/data/test.db
	workers/dockerfilebuild.py
2014-10-23 13:25:37 -04:00
Joseph Schorr
2ef9a68b08 Add another empty GC test 2014-10-17 17:49:58 -04:00
Joseph Schorr
0c0cd693dd Add a GC test for a noop 2014-10-17 17:48:31 -04:00
Joseph Schorr
baca3f79ed Add tests for image garbage collection 2014-10-17 14:35:17 -04:00
Joseph Schorr
daa194aef7 Re-add removed testdb 2014-10-15 15:52:12 -04:00
Joseph Schorr
d43109d7cb - Merge branch 'master' into sha-lom
- Extract out the tar handling from streamlayerformat into tarlayerformat
- Add a new tarfileappender class to make it easy to append data to gzipped tars
- Fix the gzipwrap to properly close
- Have the .git injection use the new appender
2014-10-15 15:51:34 -04:00
Joseph Schorr
dba75a08af Make sure to handle deleted prefixes properly 2014-10-15 11:57:54 -04:00
Joseph Schorr
da28bc4ce9 - Handle missing images properly
- Add support for deleting directories
- Add a slew of tests for deletion of directories and other kinds of deletion and layering
2014-10-14 21:40:02 -04:00
Joseph Schorr
eef7edab49 Fix file deletion skipping 2014-10-14 18:48:26 -04:00
Joseph Schorr
b234019a02 Fix tests 2014-10-14 16:23:01 -04:00
Jake Moshenko
328db8b660 Split the app into separate backends, which can use different worker types and different timeouts. 2014-10-14 13:58:08 -04:00
Jake Moshenko
8a37d63e35 Update the test db to use unique uuds for images storages. 2014-10-07 16:40:44 -04:00
Jake Moshenko
a0d94f9d59 Merge remote-tracking branch 'origin/laffa' into nomenclature
Conflicts:
	test/data/test.db
2014-10-07 15:56:28 -04:00
Joseph Schorr
f4daa5e97b - Update the migrations tool to verify migrations work up and down for both MySQL and PostgresSQL.
- Add migrations for the squashed image tables and for backfilling the uncompressed sizes
- Make sure gzip stream uses a max length when determining the uncompressed size
2014-10-07 15:29:56 -04:00
Joseph Schorr
f38ce51943 Merge master into laffa 2014-10-07 14:03:17 -04:00
Jake Moshenko
ed8bcff39e Merge remote-tracking branch 'origin/master' into nomenclature
Conflicts:
	test/data/test.db
	workers/dockerfilebuild.py
2014-10-06 10:29:39 -04:00
Joseph Schorr
e0993b26af Make query params only read from query params, not JSON as well 2014-10-03 15:05:34 -04:00
Jake Moshenko
5c18ffe67d Allow the namespace column to be null, and also non-unique. Fix the uncompressed size clobbering the size on the wire field. Add metadata constraints so that foreign key constraints get predictable names. Fix all downgrade migrations. 2014-10-02 10:46:20 -04:00
Jake Moshenko
e8b3d1cc4a Phase 4 of the namespace to user migration: actually remove the column from the db and remove the dependence on serialized namespaces in the workers and queues 2014-10-01 14:23:46 -04:00
Joseph Schorr
2c5cc7990f Allow for additional REDIS config such as password and port 2014-10-01 14:16:42 -04:00
Joseph Schorr
d9c7e92637 Add superuser abilities: create user, show logs. Also fix the super users UI to show the user drop down and make all superuser API calls require fresh login 2014-10-01 13:55:09 -04:00
Joseph Schorr
039d53ea6c - Fix initdb
- Add ability to specific custom fields for manual running of build triggers and add a "branch name" selector for running github builds
2014-09-30 16:29:32 -04:00
Jake Moshenko
03190efde3 Phase 2 of migrating repo namespaces to referencing user objects, backfilling the rows without a value for namespace_user, and changing all accesses to go through the namespace_user object. All tests are passing, manual testing still required. 2014-09-24 18:01:35 -04:00
Joseph Schorr
86dfca2e3e Add uncompressed size field to the image storage and add a backfill script (which is not yet automatically called) 2014-09-23 14:01:27 -04:00
Joseph Schorr
f6d3238611 Fix API tests for the recent change 2014-09-23 11:33:52 -04:00
Joseph Schorr
87bc37f6c8 Merge branch 'sunday' 2014-09-23 11:29:03 -04:00
Jake Moshenko
79b6a9f4e0 Apparently the version of python in the baseimage requires the encoding comment. 2014-09-23 11:19:31 -04:00
Joseph Schorr
8dd2330ce7 Switch to using straight docker IDs instead of a hashing scheme 2014-09-23 11:01:50 -04:00
Joseph Schorr
9621566d31 Instead of sending DB IDs, send "internal IDs" which are DB IDs hashed. This way, we can still calculate the ancestors without hitting the DB further, but without leaking the size of the images table 2014-09-23 11:01:50 -04:00
Joseph Schorr
f3b03ebc34 Add a feature flag for disabling all emails 2014-09-22 19:11:48 -04:00
Jake Moshenko
74c1662f54 Unicode strings have to be declared as such for python to be happy. 2014-09-22 18:49:52 -04:00
Jake Moshenko
3259cda000 The new strategy is to do a three phase migration. This is the first phase: getting the namespace user in the db and written for all new repositories. 2014-09-22 17:27:02 -04:00
Joseph Schorr
dc685b2387 Merge branch 'huggies' 2014-09-22 13:41:29 -04:00
Jake Moshenko
8c00eabedd Merge remote-tracking branch 'origin/better-emails' 2014-09-19 10:04:02 -04:00
Jake Moshenko
b769926565 Tweak the team invite email. Update the test database to reflect the latest structure. 2014-09-19 10:03:35 -04:00
Joseph Schorr
6b05b55225 Add unicode password support 2014-09-18 17:36:26 -04:00
Joseph Schorr
a90aab4665 Switch to using straight docker IDs instead of a hashing scheme 2014-09-18 17:16:10 -04:00
Joseph Schorr
62f1f5f583 Add basic layer merging tests 2014-09-17 11:50:52 -04:00
Jake Moshenko
75d2ef377e Merge remote-tracking branch 'origin/master' into comewithmeifyouwanttowork
Conflicts:
	data/model/legacy.py
2014-09-15 17:52:17 -04:00
Jake Moshenko
2b59a0cbe1 Merge branch 'master' of bitbucket.org:yackob03/quay 2014-09-15 15:59:18 -04:00
Jake Moshenko
efb66f7c1e Select the random row function based on DB driver. 2014-09-15 15:58:56 -04:00
Joseph Schorr
913b3e472f Add ability to detach external login services 2014-09-15 12:01:02 -04:00
Joseph Schorr
10faa7de84 Only allow users matching the team invite to accept, if the invite was specified for a user (rather than an email) 2014-09-12 14:29:01 -04:00
Jake Moshenko
c01de4a916 Set redis logs entries to expire rather than to immediately delete them to make the logs archiver idempotent. 2014-09-12 13:13:14 -04:00
Jake Moshenko
c5ca46a14b Merge remote-tracking branch 'origin/master' into comewithmeifyouwanttowork
Conflicts:
	data/model/legacy.py
	static/js/app.js
2014-09-12 11:03:30 -04:00
Joseph Schorr
8d3ce44682 Address comments on code review 2014-09-11 15:45:41 -04:00
Jake Moshenko
8b3a3178b0 Finish the build logs archiver, add handlers for cloud and local that handle gzip encoded archived content. 2014-09-11 15:33:10 -04:00
Jake Moshenko
29d40db5ea Add a new RadosGW storage engine. Allow engines to distinguish not only between those that can support direct uploads and downloads, but those that support doing it through the browser. Rename resumeable->resumable. 2014-09-09 15:54:03 -04:00
Joseph Schorr
7c45aca405 Code review changes 2014-09-08 17:20:01 -04:00
Joseph Schorr
63628678b8 Instead of sending DB IDs, send "internal IDs" which are DB IDs hashed. This way, we can still calculate the ancestors without hitting the DB further, but without leaking the size of the images table 2014-09-08 15:02:26 -04:00
Jake Moshenko
64480fd4ed Merge remote-tracking branch 'origin/master' into yellowalert
Conflicts:
	data/migrations/versions/82297d834ad_add_us_west_location.py
	test/data/test.db
2014-09-05 11:30:30 -04:00
Jake Moshenko
19a589ba54 Update the test db to have the google login service. 2014-09-04 20:11:42 -04:00
Joseph Schorr
e783df31e0 Add the concept of require_fresh_login to both the backend and frontend. Sensitive methods will now be marked with the annotation, which requires that the user has performed a login within 10 minutes or they are asked to do so in the UI before running the operation again. 2014-09-04 14:24:20 -04:00
Joseph Schorr
1e7e012b92 Add a requirement for the current password to change the user's password or email address 2014-09-03 15:41:25 -04:00
Jake Moshenko
2dcdd7ba5b Add exponential backoff of login attempts. 2014-09-02 15:27:05 -04:00
Jake Moshenko
2c20fca37e Fix sharing tests and add a test to ensure that uploading images are not shared. 2014-08-29 14:30:49 -04:00
Joseph Schorr
3b72b26836 Merge branch 'master' into comewithmeifyouwanttowork 2014-08-28 20:50:13 -04:00
Joseph Schorr
6ec89bb179 Add Slack notification support 2014-08-26 22:09:56 -04:00
Joseph Schorr
a129aac94b Add ability to regenerate robot account credentials 2014-08-25 17:19:23 -04:00
Joseph Schorr
09a1c4d2b5 Add test fix and make sure Quay ups the connection count in its container 2014-08-25 14:23:21 -04:00
Joseph Schorr
d2880807b2 - Further fixes for license stuff
- Small fixes to ensure Quay works for Postgres
2014-08-21 19:21:20 -04:00
Joseph Schorr
35bd28a77e Add support for the Flowdock Team chat API: https://www.flowdock.com/api/push 2014-08-19 14:33:33 -04:00
Joseph Schorr
43b6695f9c Get team invite confirmation working and fully tested 2014-08-18 17:24:00 -04:00
Joseph Schorr
56d7a3524d Work in progress: Require invite acceptance to join an org 2014-08-15 17:47:43 -04:00
Joseph Schorr
1c3eca6fc9 Fix broken test config 2014-08-07 20:26:53 -04:00
Jake Moshenko
0372013f70 Merge remote-tracking branch 'origin/redalert'
Conflicts:
	app.py
2014-08-04 16:56:34 -04:00
Jake Moshenko
09917ff062 Switch unidecode over to the new anunidecode library and write some tests to validate results. 2014-08-01 15:50:25 -04:00
Jake Moshenko
6b38ddb9b6 Remove the gpled loremipsum module. 2014-07-31 16:46:02 -04:00
Joseph Schorr
7de1dd7dc0 Merge branch 'master' into redalert 2014-07-28 18:35:39 -04:00
Joseph Schorr
32b2ecdfa6 Add ability to dismiss notifications 2014-07-28 18:23:46 -04:00
Joseph Schorr
34fc279092 Add e-mail authorization to the repository notification flow. Also validates the creation of the other notification methods. 2014-07-28 14:58:12 -04:00
Jake Moshenko
d4c41f2b11 Remove the insane repository. 2014-07-22 16:46:19 -04:00
Joseph Schorr
56fec63fcd Add test for API change to entity search 2014-07-22 13:47:35 -04:00
Joseph Schorr
752efb9e0f Fix the spawn_notification to work in all cases and clean up some of the remaining code 2014-07-18 16:34:52 -04:00
Joseph Schorr
8d7493cb86 Convert over to notifications system. Note this is incomplete 2014-07-17 22:51:58 -04:00
Joseph Schorr
de8e898ad0 Add UI for managing repo notifications 2014-07-17 13:32:39 -04:00
Joseph Schorr
a84fe0681a Start on data model changes and API changes for the new repository notification system 2014-07-16 16:30:47 -04:00
Joseph Schorr
5841c1237e Add an "insane" test repo 2014-07-15 15:13:58 -04:00
Joseph Schorr
8ada6f0d50 Make test logs also not hit redis for the actual log data unless the flag is specified 2014-07-11 12:05:33 -04:00
Joseph Schorr
b0c4f5b2f5 - Fix tests to not hit remote Redis endpoint
- Fix convert organization to allow admin email address, in addition to username
- Add test for the above
2014-07-08 18:19:13 -04:00
Jake Moshenko
c338b7d621 Merge remote-tracking branch 'origin/touchdown'
Conflicts:
	static/css/quay.css
	static/js/controllers.js
	test/data/test.db
2014-07-07 15:33:51 -04:00
Jake Moshenko
8530e819d6 Fix the test config to really use an in-memory database. 2014-07-02 19:10:40 -04:00
Jake Moshenko
4e5e8a08de Add a maintenance notification kind and make it of the level warning. 2014-06-27 19:18:27 -04:00
Jake Moshenko
bf98575feb Add the basics of geographic data distribution and get the tests to work. 2014-06-17 16:03:43 -04:00
Jake Moshenko
78c5aec5b9 Switch the checksums to use the registry computed value, remove all assumptions of namespaced paths for legacy storage, fix an upload race condition in the registry code. 2014-06-11 15:37:45 -04:00
Joseph Schorr
c630d7e948 Merge branch 'master' into touchdown
Conflicts:
	static/js/app.js
	static/partials/organizations.html
	test/data/test.db
2014-06-03 13:22:26 -04:00
Jake Moshenko
0057ced98c Move GitHub build trigger behind a feature flag. 2014-05-30 18:28:18 -04:00
Jake Moshenko
2112333875 Update the test config to enable FEATURE_BILLING. 2014-05-30 15:48:20 -04:00
Jake Moshenko
4c1538ca90 Fix the tests with the new license data. 2014-05-29 13:57:57 -04:00
Jake Moshenko
0ba4201020 Add a module which will create notifications for all users when the license is at its expiration period, and terminate the process when the license expires. 2014-05-29 11:24:10 -04:00
Jake Moshenko
a1baba9fac Add the LICENSE_USER_LIMIT to the test config. 2014-05-28 14:06:21 -04:00
Jake Moshenko
0b6552d6cc Fix the metrics so they are usable for scaling the workers down and up. Switch all datetimes which touch the database from now to utcnow. Fix the worker Dockerfile. 2014-05-23 14:16:26 -04:00
Jake Moshenko
f6726bd0a4 Merge branch 'ldapper'
Conflicts:
	Dockerfile
	app.py
	data/database.py
	endpoints/index.py
	test/data/test.db
2014-05-22 12:13:41 -04:00
Jake Moshenko
d14798de1d Add a queue capacity reporter plugin to the queue. Move the queue definitions to app. Add a cloudwatch reporter to the dockerfile build queue. 2014-05-21 19:50:37 -04:00
Jake Moshenko
8c3448080c Merge remote-tracking branch 'origin/master' into touchdown
Conflicts:
	test/data/test.db
2014-05-21 14:43:57 -04:00
Jake Moshenko
c953447ae0 Fix the tests to use a fake build that is not a moving target. 2014-05-20 18:53:00 -04:00
Jake Moshenko
ccc720fd39 Allow diffs to get very large for test cases. 2014-05-20 18:26:29 -04:00
Joseph Schorr
c0f3054781 Fix screenshot generation 2014-05-19 14:14:18 -04:00
Joseph Schorr
73b111f84c Revert changes to the testdb accidentally checked in 2014-05-19 12:54:32 -04:00
Joseph Schorr
abfb86ccce Change button on the tour page to "Start free trial" and have it start the plan signup process 2014-05-19 12:53:30 -04:00
Jake Moshenko
11c6c5fa52 Merge remote-tracking branch 'origin/master' into ldapper
Conflicts:
	app.py
2014-05-13 16:55:02 -04:00
Jake Moshenko
d31c7e1ecf Merge branch 'ldapper' of ssh://bitbucket.org/yackob03/quay into ldapper 2014-05-13 15:22:46 -04:00
Jake Moshenko
5fdccfe3e6 Add an alembic migration for the full initial database with the data. Switch LDAP to using bind and creating a federated login entry. Add LDAP support to the registry and index endpoints. Add a username transliteration and suggestion mechanism. Switch the database and model to require a manual initialization call. 2014-05-13 12:17:26 -04:00
Joseph Schorr
0fd114df84 Add API usage tests for the superuser API 2014-05-12 15:22:58 -04:00
Joseph Schorr
f12970469b Add security tests for the superuser API 2014-05-12 14:45:19 -04:00
Jake Moshenko
bcb993a914 Set up the build logs to use our fake build logs on test and local. 2014-05-09 18:45:11 -04:00
Jake Moshenko
ef9fe871fc Move the upload flag to the database, and use the database stored image size rather than going to s3. 2014-05-02 16:59:46 -04:00
Jake Moshenko
77b9bc05ac Fix tests. 2014-04-30 18:54:59 -04:00
Jake Moshenko
450928674b Use a new caching algorithm which can limit the size for the build nodes. Stop treating public images as special. Add a new phase to the builder for pulling. 2014-04-30 18:48:36 -04:00
Joseph Schorr
d8efb399b0 Merge branch 'tagyourit' 2014-04-17 14:20:28 -04:00
Joseph Schorr
2ae48f7c15 Fix test multiple import issue 2014-04-15 18:51:12 -04:00
jakedt
3f42d15335 Merge remote-tracking branch 'origin/master' into tagyourit
Conflicts:
	static/css/quay.css
	static/js/graphing.js
	static/partials/view-repo.html
	test/data/test.db
2014-04-15 15:58:30 -04:00