Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								8887f09ba8 
								
							 
						 
						
							
							
								
								Use the instance service key for registry JWT signing  
							
							
							
						 
						
							2016-06-07 11:58:10 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								53538f9001 
								
							 
						 
						
							
							
								
								Optimize get_tag_image query  
							
							... 
							
							
							
							No caller uses the image placements or locations, so no need to load them. 
							
						 
						
							2016-06-02 16:36:38 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								cad8746f9d 
								
							 
						 
						
							
							
								
								Merge pull request  #1502  from coreos-inc/image-replication  
							
							... 
							
							
							
							Enable storage replication for V2 and add backfill tool 
							
						 
						
							2016-06-02 15:02:53 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								12924784ce 
								
							 
						 
						
							
							
								
								Enable storage replication for V2 and add backfill tool  
							
							... 
							
							
							
							Fixes  #1501  
						
							2016-06-02 14:36:08 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								ec492bb683 
								
							 
						 
						
							
							
								
								Merge pull request  #1323  from coreos-inc/secworkerreturn  
							
							... 
							
							
							
							Move security notification work into its own method to allow for retu… 
							
						 
						
							2016-06-02 13:59:25 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								48213f9ff9 
								
							 
						 
						
							
							
								
								Reject manifest 2 earlier to make pushes faster  
							
							
							
						 
						
							2016-06-02 12:46:20 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								2317938bfa 
								
							 
						 
						
							
							
								
								Merge pull request  #1496  from jzelinskie/ripRMS  
							
							... 
							
							
							
							dockerfile: add check for GPL pip packages 
							
						 
						
							2016-06-02 12:28:18 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								e5241c6d88 
								
							 
						 
						
							
							
								
								tests: simple test for BuildRequest w/ archive URL  
							
							
							
						 
						
							2016-06-02 12:27:49 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								a18c4dd210 
								
							 
						 
						
							
							
								
								Make exponential back off test try multiple times  
							
							... 
							
							
							
							Slower runtime environments require multiple calls before we hit the 429 
							
						 
						
							2016-06-01 15:00:10 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								a85c3ebff7 
								
							 
						 
						
							
							
								
								Merge pull request  #1457  from coreos-inc/xauth  
							
							... 
							
							
							
							Add support for direct granting of OAuth tokens and add tests 
							
						 
						
							2016-06-01 12:07:12 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								6178371cf5 
								
							 
						 
						
							
							
								
								Merge pull request  #1493  from jzelinskie/noorder  
							
							... 
							
							
							
							queue: explicitly declare ordering requirement 
							
						 
						
							2016-05-31 15:46:39 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								44b56ae2cf 
								
							 
						 
						
							
							
								
								queue: explicitly declare ordering requirement  
							
							... 
							
							
							
							This change defaults the ordering requirement of queue items to be off
and only enables it for the build manager. This should make the queries
for getting queueitems significantly faster for every other use case. 
							
						 
						
							2016-05-27 14:44:30 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								47afbb65dc 
								
							 
						 
						
							
							
								
								Merge pull request  #1490  from coreos-inc/aci-reproduce  
							
							... 
							
							
							
							Make ACI generation consistent across calls 
							
						 
						
							2016-05-26 19:37:01 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								4ec3a6c231 
								
							 
						 
						
							
							
								
								Make ACI generation consistent across calls  
							
							... 
							
							
							
							This will ensure that no matter which signature we write for the generated ACI, it is correct for that image. 
							
						 
						
							2016-05-26 17:09:19 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jake Moshenko 
								
							 
						 
						
							
							
							
							
								
							
							
								8323c51e6e 
								
							 
						 
						
							
							
								
								Extend registry auth to support notary JWTs.  
							
							
							
						 
						
							2016-05-24 13:42:28 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								fa3b342901 
								
							 
						 
						
							
							
								
								Merge pull request  #1483  from coreos-inc/superuser-external-user  
							
							... 
							
							
							
							Fix setup tool when binding to external auth 
							
						 
						
							2016-05-23 17:17:45 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								7933aecf25 
								
							 
						 
						
							
							
								
								Add support for direct granting of OAuth tokens and add tests  
							
							... 
							
							
							
							This allows a client (when authorized in a whitelist) to send direct credentials via a Basic auth header and therefore bypass the OAuth approval UI for that user. 
							
						 
						
							2016-05-23 17:17:06 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								60bbca2185 
								
							 
						 
						
							
							
								
								Fix setup tool when binding to external auth  
							
							... 
							
							
							
							We now query the external auth provider for the external service's identifier before adding the linking row into the database. This fixes the case where the external service resolves a different identifier for the same username.
Fixes  #1477  
							
						 
						
							2016-05-23 17:11:36 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								f670c4c7a9 
								
							 
						 
						
							
							
								
								Change Signer to use the config provider and fix tests  
							
							... 
							
							
							
							Fixes the broken ACI tests 
							
						 
						
							2016-05-23 17:10:03 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								5568cc77b8 
								
							 
						 
						
							
							
								
								remove all default keys ( #1485 )  
							
							... 
							
							
							
							This change:
- Generates a new BitTorrent pepper by default
- Generates a new pagination key by default
- Changes the pagination key format to base64
- Removes selfsigned JWT certs
- Moves test keys to test/data 
							
						 
						
							2016-05-23 16:00:48 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1365492b28 
								
							 
						 
						
							
							
								
								Fix ACI signing tests  
							
							
							
						 
						
							2016-05-16 13:31:43 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								64fe11a5f1 
								
							 
						 
						
							
							
								
								Add ACI signing tests  
							
							
							
						 
						
							2016-05-13 18:29:57 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								de6b7bc88d 
								
							 
						 
						
							
							
								
								Merge pull request  #1460  from coreos-inc/queuefilebinarydata  
							
							... 
							
							
							
							Add a binary data test for queue file 
							
						 
						
							2016-05-13 16:43:18 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								d74198ee66 
								
							 
						 
						
							
							
								
								Add a binary data test for queue file  
							
							
							
						 
						
							2016-05-13 15:56:06 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								72fd2b76e2 
								
							 
						 
						
							
							
								
								Add basic ACI conversion tests  
							
							
							
						 
						
							2016-05-13 15:50:57 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								a736407611 
								
							 
						 
						
							
							
								
								Fix user:admin scope handling and add test  
							
							
							
						 
						
							2016-05-09 11:16:01 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								343a080833 
								
							 
						 
						
							
							
								
								Make security scan testing much faster  
							
							
							
						 
						
							2016-05-05 13:55:24 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								232fa42897 
								
							 
						 
						
							
							
								
								Add testing of the new secscan-for-local endpoint and fix a bug  
							
							
							
						 
						
							2016-05-04 21:47:03 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jake Moshenko 
								
							 
						 
						
							
							
							
							
								
							
							
								9221a515de 
								
							 
						 
						
							
							
								
								Use the registry API for security scanning  
							
							... 
							
							
							
							when the storage engine doesn't support direct download url 
							
						 
						
							2016-05-04 18:04:06 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								550b9cb2b3 
								
							 
						 
						
							
							
								
								Merge pull request  #1428  from coreos-inc/clair-setup-new  
							
							... 
							
							
							
							Implement setup tool support for Clair 
							
						 
						
							2016-05-04 13:52:54 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								2cbdecb043 
								
							 
						 
						
							
							
								
								Implement setup tool support for Clair  
							
							... 
							
							
							
							Fixes  #1387  
						
							2016-05-04 13:40:50 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								6e2df3b339 
								
							 
						 
						
							
							
								
								Fix key server to not list expired keys  
							
							... 
							
							
							
							Fixes the key server to not list expire keys and by default not return expired or unapproved keys unless explicitly requested.
Fixes  #1430  
							
						 
						
							2016-05-03 17:58:47 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								e502f50c88 
								
							 
						 
						
							
							
								
								tests: add test RSA key for torrent test ( #1427 )  
							
							
							
						 
						
							2016-05-03 13:11:02 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								b89d81d748 
								
							 
						 
						
							
							
								
								test: add missing helpers.py file  
							
							
							
						 
						
							2016-04-29 14:44:52 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								6091db983b 
								
							 
						 
						
							
							
								
								Hide expired keys outside of their staleness window  
							
							
							
						 
						
							2016-04-29 14:10:33 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								4f63a50a17 
								
							 
						 
						
							
							
								
								Change account-less logs to use a user and not null  
							
							... 
							
							
							
							This allows us to skip the migration 
							
						 
						
							2016-04-29 14:09:37 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								28a80ef6a9 
								
							 
						 
						
							
							
								
								Make sure to verify service names on key creation  
							
							
							
						 
						
							2016-04-29 14:09:37 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								5d6e5a42e8 
								
							 
						 
						
							
							
								
								Add delete logging and tests for logging  
							
							
							
						 
						
							2016-04-29 14:09:09 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								bc08ac2749 
								
							 
						 
						
							
							
								
								Fix timeouts in the JWT endpoint tests  
							
							
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								522cf68c5d 
								
							 
						 
						
							
							
								
								Lots of smaller fixes:  
							
							... 
							
							
							
							- Add the rotation_duration to the keys API
- Have the key service UI use the new rotation_duration field
- Fix notification deletion lookup path
- Add proper support for the new notification in the UI
- Only delete expired keys after 7 days (configurable)
- Fix angular digest loop
- Fix unit tests
- Regenerate initdb 
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								2805dad64f 
								
							 
						 
						
							
							
								
								test_endpoints: update to use JWT headers  
							
							
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								cfc15746a6 
								
							 
						 
						
							
							
								
								keyserver: tests!  
							
							
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								d19eb16b45 
								
							 
						 
						
							
							
								
								keyserver: add generate key function  
							
							... 
							
							
							
							The superuser API, initdb, and tests will all need this functionality. 
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								23a8a29654 
								
							 
						 
						
							
							
								
								More tests  
							
							
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								b0dac1d27e 
								
							 
						 
						
							
							
								
								initdb: add unapproved service key  
							
							
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								fb1dca4e94 
								
							 
						 
						
							
							
								
								Add API usage tests  
							
							
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								11ff3e9b59 
								
							 
						 
						
							
							
								
								keys ui WIP  
							
							
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								dc593c0197 
								
							 
						 
						
							
							
								
								tests: shell of key server tests  
							
							
							
						 
						
							2016-04-29 13:38:25 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								bbaeaffbdb 
								
							 
						 
						
							
							
								
								run initdb for service keys  
							
							
							
						 
						
							2016-04-29 13:38:25 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								9e88b1413d 
								
							 
						 
						
							
							
								
								Merge pull request  #1325  from coreos-inc/blobuncompressedsize  
							
							... 
							
							
							
							Fix uncompressed size for blob store and add test 
							
						 
						
							2016-04-28 13:15:33 -04:00