Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								bb07d0965f 
								
							 
						 
						
							
							
								
								Allow SSL cert for the database to be configured  
							
							... 
							
							
							
							This change adds a field for the SSL cert for the database in the setup tool. Fixes  #89  
							
						 
						
							2015-06-29 08:08:10 +03:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								07439328a4 
								
							 
						 
						
							
							
								
								Remove user_exists endpoint from all auth systems  
							
							
							
						 
						
							2015-06-23 17:33:51 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								331c300893 
								
							 
						 
						
							
							
								
								Refactor JWT auth to not import app locally  
							
							
							
						 
						
							2015-06-17 15:53:21 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								e7fa560787 
								
							 
						 
						
							
							
								
								Add support for custom fields in billing invoices  
							
							... 
							
							
							
							Customers (especially in Europe) need the ability to add Tax IDs, VAT IDs, and other custom fields to their invoices.
Fixes  #106  
							
						 
						
							2015-06-12 16:45:01 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								90b4f0a2ed 
								
							 
						 
						
							
							
								
								Fix default log archive location for ER  
							
							... 
							
							
							
							Before this change, the ER was using the default of 'local_us' from the base config, which is incorrect, and caused no logs to be archived. 
							
						 
						
							2015-06-11 13:43:29 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								457ee7306e 
								
							 
						 
						
							
							
								
								Parenthesis fix on the JWT auth error message  
							
							
							
						 
						
							2015-06-10 16:00:25 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jake Moshenko 
								
							 
						 
						
							
							
							
							
								
							
							
								2a2414d6af 
								
							 
						 
						
							
							
								
								Merge pull request  #60  from coreos-inc/jwtauthentication  
							
							... 
							
							
							
							Add support for an external JWT-based authentication system 
							
						 
						
							2015-06-05 13:37:42 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								8aac3fd86e 
								
							 
						 
						
							
							
								
								Add support for an external JWT-based authentication system  
							
							... 
							
							
							
							This authentication system hits two HTTP endpoints to check and verify the existence of users:
Existance endpoint:
GET http://endpoint/  with Authorization: Basic (username:) =>
    Returns 200 if the username/email exists, 4** otherwise
Verification endpoint:
GET http://endpoint/  with Authorization: Basic (username:password) =>
    Returns 200 and a signed JWT with the user's username and email address if the username+password validates, 4** otherwise with the body containing an optional error message
The JWT produced by the endpoint must be issued with an issuer matching that configured in the config.yaml, and the audience must be "quay.io/jwtauthn". The JWT is signed using a private key and then validated on the Quay.io side with the associated public key, found as "jwt-authn.cert" in the conf/stack directory. 
							
						 
						
							2015-06-05 13:20:10 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								c0e995c1d4 
								
							 
						 
						
							
							
								
								Merge branch 'master' into nolurk  
							
							
							
						 
						
							2015-06-02 13:55:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								dd28a845db 
								
							 
						 
						
							
							
								
								Fix NPE in cache control decorator  
							
							
							
						 
						
							2015-05-28 13:22:42 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								ac239ec4ee 
								
							 
						 
						
							
							
								
								Make sure to only split into two parts max  
							
							
							
						 
						
							2015-05-20 14:54:41 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								54992c23b7 
								
							 
						 
						
							
							
								
								Add a feature flag for disabling unauthenticated access to the registry in its entirety.  
							
							
							
						 
						
							2015-05-19 17:52:44 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								2379af71f8 
								
							 
						 
						
							
							
								
								Parse the client secret properly  
							
							
							
						 
						
							2015-05-18 15:01:37 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								fb8e718c44 
								
							 
						 
						
							
							
								
								Fix OAuth 2 handler to support retrieving parameters from other places; various OAuth client (such as the Go library) send the values in the request body or even the Auth header  
							
							
							
						 
						
							2015-05-18 12:38:39 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								4f2a1b3734 
								
							 
						 
						
							
							
								
								Add setup UI for the new trigger types (bitbucket and gitlab) and add validation  
							
							
							
						 
						
							2015-05-03 11:50:26 -07:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								d07f9f04e9 
								
							 
						 
						
							
							
								
								UI and code improvements to make working with the multiple SCMs easier  
							
							
							
						 
						
							2015-05-03 10:38:11 -07:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								3ac884beb4 
								
							 
						 
						
							
							
								
								gitlab oauth  
							
							
							
						 
						
							2015-05-02 17:54:48 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								c480fb2105 
								
							 
						 
						
							
							
								
								Work in progress: bitbucket support  
							
							
							
						 
						
							2015-04-24 15:13:08 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								ba2cb08904 
								
							 
						 
						
							
							
								
								Merge branch 'master' into git  
							
							
							
						 
						
							2015-04-16 17:38:35 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								3cd11c8f45 
								
							 
						 
						
							
							
								
								GitHub login fixes:  
							
							... 
							
							
							
							- Allow for case insensitivity in the org name list
  - Remove the check for verified email addresses when under Enterprise; it isn't supported there. 
							
						 
						
							2015-04-16 12:17:39 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								036c8e56e0 
								
							 
						 
						
							
							
								
								Add proper error handling when the config volume is mounted in a read-only state.  
							
							
							
						 
						
							2015-04-02 18:54:09 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								5cd500257d 
								
							 
						 
						
							
							
								
								Merge branch 'master' into orgview  
							
							
							
						 
						
							2015-04-01 13:56:49 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								27a9b84587 
								
							 
						 
						
							
							
								
								Switch avatars to be built out of CSS and only overlayed with the gravatar when a non-default exists  
							
							
							
						 
						
							2015-03-30 17:55:04 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								aaf1b23e98 
								
							 
						 
						
							
							
								
								Address CL concerns and switch to a real encryption system  
							
							
							
						 
						
							2015-03-26 15:10:58 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								85d6500daa 
								
							 
						 
						
							
							
								
								Merge resistanceisfutile into master  
							
							
							
						 
						
							2015-03-23 15:39:08 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								f6f93e9079 
								
							 
						 
						
							
							
								
								consolidate everything into one GitHub trigger  
							
							
							
						 
						
							2015-03-19 17:12:27 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								5a29218c5c 
								
							 
						 
						
							
							
								
								Merge branch 'master' into git  
							
							
							
						 
						
							2015-03-19 12:10:34 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								288f847e9a 
								
							 
						 
						
							
							
								
								util.ssh: reorder return args  
							
							
							
						 
						
							2015-03-18 17:32:59 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								b8d88c0f4e 
								
							 
						 
						
							
							
								
								Add aggregate size column and a migration to backfill it  
							
							
							
						 
						
							2015-03-16 18:03:17 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								360aa69d92 
								
							 
						 
						
							
							
								
								Fix LDAP error and url handling to be more clear for the end user  
							
							
							
						 
						
							2015-03-16 14:33:53 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								c9d955e432 
								
							 
						 
						
							
							
								
								util.ssh: generate ssh key method  
							
							
							
						 
						
							2015-03-16 13:37:27 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								47675b88f5 
								
							 
						 
						
							
							
								
								analytics: fix misspelled class name  
							
							
							
						 
						
							2015-03-06 12:02:13 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								2e840654d3 
								
							 
						 
						
							
							
								
								PR changes  
							
							
							
						 
						
							2015-03-05 12:07:39 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								4f04ad2acd 
								
							 
						 
						
							
							
								
								Change ImageTree to only use a single loop over the images when building. This should be slightly faster on large image sets  
							
							
							
						 
						
							2015-03-04 16:53:22 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								4ca5d9b04b 
								
							 
						 
						
							
							
								
								Add support for filtering github login by org  
							
							
							
						 
						
							2015-03-03 19:58:42 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								2c662b7861 
								
							 
						 
						
							
							
								
								Make sure to specify a default mail sender when validating emails. Unfortunately for us, flask-mail by default uses the sender from the *global* app instance, rather than the one specified in the Mail(...) call. This was breaking validation.  
							
							
							
						 
						
							2015-03-03 13:56:32 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jake Moshenko 
								
							 
						 
						
							
							
							
							
								
							
							
								24ab0ae53a 
								
							 
						 
						
							
							
								
								Fix some problems with off by one in the id condition when deleteing temporary access tokens.  
							
							
							
						 
						
							2015-02-20 16:23:36 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jake Moshenko 
								
							 
						 
						
							
							
							
							
								
							
							
								f7b5221391 
								
							 
						 
						
							
							
								
								Merge branch 'master' of github.com:coreos-inc/quay  
							
							
							
						 
						
							2015-02-20 16:07:34 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jake Moshenko 
								
							 
						 
						
							
							
							
							
								
							
							
								3bbe064291 
								
							 
						 
						
							
							
								
								Add a script for deleting the old temporary access tokens in small batches.  
							
							
							
						 
						
							2015-02-20 16:07:31 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								9c6b029f87 
								
							 
						 
						
							
							
								
								cloudwatch: update docs  
							
							
							
						 
						
							2015-02-20 16:07:02 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								47f8cb77c4 
								
							 
						 
						
							
							
								
								Merge pull request  #11  from coreos-inc/nimbus  
							
							... 
							
							
							
							CloudWatch for build job status 
							
						 
						
							2015-02-18 17:17:28 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								9ab3554226 
								
							 
						 
						
							
							
								
								buildreporter: does not execute in a coroutine!  
							
							
							
						 
						
							2015-02-18 17:11:45 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								0d38e0b00b 
								
							 
						 
						
							
							
								
								metrics: use config['name'] to get metric conf  
							
							
							
						 
						
							2015-02-18 16:05:36 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								f53dea46b7 
								
							 
						 
						
							
							
								
								buildman: address PR  #11  comments  
							
							
							
						 
						
							2015-02-18 14:13:36 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								c69aea1262 
								
							 
						 
						
							
							
								
								Fix invoice address  
							
							
							
						 
						
							2015-02-18 11:57:13 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								ef8d320c95 
								
							 
						 
						
							
							
								
								cloudwatch: global before reading queue  
							
							... 
							
							
							
							Technically, it isn't necessary to use the global keyword before reading
a global value, only modifying it. However, in this case it leaves a
pretty annoying log line. 
							
						 
						
							2015-02-17 13:13:12 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								6a1dd376c2 
								
							 
						 
						
							
							
								
								util: add cloudwatch package  
							
							... 
							
							
							
							This isolates the CloudWatch sending thread to it's own package where it
can be shared among any other packages that want to asynchronously send
metrics to CloudWatch. 
							
						 
						
							2015-02-14 16:30:10 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jake Moshenko 
								
							 
						 
						
							
							
							
							
								
							
							
								2ce6e76d9d 
								
							 
						 
						
							
							
								
								Add the required migration for time machine tag lifetimes.  
							
							
							
						 
						
							2015-02-13 14:41:08 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								7a199f63eb 
								
							 
						 
						
							
							
								
								Various small fixes and add support for subjectAltName to the SSL cert check  
							
							
							
						 
						
							2015-02-12 14:00:26 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								f107b50a46 
								
							 
						 
						
							
							
								
								Merge branch 'master' into ackbar  
							
							
							
						 
						
							2015-02-12 12:04:45 -05:00