Evan Cordell
2242c6773d
Add 'Automatic' ServiceKeyApprovalType
2016-04-29 14:10:33 -04:00
Joseph Schorr
4f63a50a17
Change account-less logs to use a user and not null
...
This allows us to skip the migration
2016-04-29 14:09:37 -04:00
Jimmy Zelinskie
370ac3ecd0
service keys: add rotation_duration field
2016-04-29 14:05:16 -04:00
Joseph Schorr
11ff3e9b59
keys ui WIP
2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
dff59b4a39
service key migration
2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
42b5196b21
add notification path and use for service keys
2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
f406942984
converging on proper rotation
2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
35ed73e195
rework superuser api
2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
4079dba167
service keys: do all the right stuff
2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
499bb16306
service key server wip
2016-04-29 13:38:25 -04:00
Joseph Schorr
c0374d71c9
Refactor the security worker and API calls and add a bunch of tests
2016-02-25 12:29:41 -05:00
Joseph Schorr
abd2e3c234
V1 Docker ID <-> V2 layer SHA mismatch fix
...
Fix handling of V1 Docker ID <-> V2 layer SHA mismatch by dynamically rewriting the manifest to use new synthesized IDs for all layers above the mismatch. Also adds a bunch of tests for this and other use cases, fixes a bug around manifest digest uniqueness and fixes the 5.5 migration for MySQL.
2016-02-12 17:39:27 +02:00
Jake Moshenko
fe2bdeb6cb
Require some data from all models in initdb
2016-01-19 15:30:27 -05:00
Jake Moshenko
8ab6c8a22d
Fix torrent hash generation to work in mixed stacks
2016-01-11 16:43:46 -05:00
Jake Moshenko
1ae101c917
Address torrent feature review comments.
2016-01-08 16:38:21 -05:00
Jake Moshenko
77aa58996a
Fix the db definition for torrentinfo and add migration
2016-01-06 14:04:03 -05:00
Jake Moshenko
ce8fcbeaae
Update the pieces to use base64 encoded binary
2016-01-04 16:17:51 -05:00
Jake Moshenko
fe87d3c796
Hash and track layer file chunks for torrenting
2016-01-04 16:17:51 -05:00
Joseph Schorr
10efa96009
Add support for custom billing invoice email address
...
Fixes #782
2015-12-28 13:59:50 -05:00
Joseph Schorr
94ece129d4
Remove remaining recursive queries on repo delete and add test
2015-12-18 16:04:03 -05:00
Joseph Schorr
2e7835c372
Fix user deletion under MySQL
...
Fixes #973
2015-12-17 15:05:15 -05:00
Joseph Schorr
9698d6f6a0
Add created column to blob upload
...
Fixes first half of #1054
2015-12-14 15:27:48 -05:00
Joseph Schorr
54095eb5cb
Handle the common case of one chunk when calculating the uncompressed size
...
Reference #992
2015-12-14 15:27:48 -05:00
Joseph Schorr
0f7c8105b0
Remove DerivedImageStorage table
2015-11-25 11:46:59 -05:00
Joseph Schorr
762cd56e64
Change derived storage to be based on image
...
Fixes #971
2015-11-24 12:44:07 -05:00
Jake Moshenko
18b14001b4
Add indices for the security worker fields on Image
...
Fixes #906
2015-11-18 13:29:51 -05:00
Jake Moshenko
206e18d160
Image parents do not have to be nulled transitively on repo delete
2015-11-17 16:48:26 -05:00
Jake Moshenko
e252397292
Switch parent back to a ForeignKeyField without a constraint
2015-11-17 16:09:33 -05:00
Jake Moshenko
a1ccd860e7
Merge pull request #823 from coreos-inc/phase3-11-07-2015
...
Phase3 11 07 2015
2015-11-11 14:22:19 -05:00
Joseph Schorr
2d2662f53f
Fix deleting repos and images under MySQL
...
MySQL doesn't handle constraints at the end of transactions, so deleting images currently fails. This removes the constraint and just leaves parent_id as an int
2015-11-09 14:42:05 -05:00
Jake Moshenko
ad93425ead
Stop writing to v1 checksum on ImageStorage
2015-11-06 16:40:04 -05:00
Joseph Schorr
0f3db709ea
Add a vulnerability_found event for notice when we detect a vuln
...
Fixes #637
Note: This PR does *not* actually raise the event; it merely adds support for it
2015-11-06 15:22:18 -05:00
Quentin Machu
f59e35cc81
Add support for Quay's vulnerability tool
2015-11-06 15:22:18 -05:00
Jake Moshenko
3d0bcbaaeb
Move v1 checksums to image and track v2 separately
2015-11-06 15:17:55 -05:00
Joseph Schorr
bbf4a1fac4
Remove the used_legacy_github column
2015-11-06 15:17:55 -05:00
Jake Moshenko
cb7ec2f239
Backport remaining v2 changes to phase4
2015-10-24 15:00:13 -04:00
Jake Moshenko
9da64f3aba
Stop writing to deprecated columns for image data.
2015-10-24 14:45:15 -04:00
josephschorr
217779273f
Merge pull request #503 from coreos-inc/ghmigrate
...
Migrate all GitHub build triggers to use deploy keys
2015-09-16 18:32:32 -04:00
Joseph Schorr
eff9ff7a66
Migrate all GitHub build triggers to use deploy keys
2015-09-16 17:55:51 -04:00
Silas Sewell
0a48f1cfb0
Merge pull request #495 from coreos-inc/quay-versions
...
Add quay releases
2015-09-16 17:29:58 -04:00
Silas Sewell
386c017d99
Add quay releases
2015-09-16 17:18:46 -04:00
Joseph Schorr
30379a2dd8
Fix interleaved repo delete with RAC via a transaction
...
The RepositoryActionCount table can have entries added while a repository deletion is in progress. We now perform the repository deletion under a transaction and explicitly test for RAC entries in the deletion unit test (which doesn't test interleaving, but it was missing this check).
Fixes #494
2015-09-16 15:34:32 -04:00
Jake Moshenko
b56de3355c
Migrate data back to Image in preparation for v2
2015-09-15 11:53:31 -04:00
Joseph Schorr
724b1607d7
Add automatic storage replication
...
Adds a worker to automatically replicate data between storages and update the database accordingly
2015-09-01 14:53:32 -04:00
Joseph Schorr
84276ee945
Better notifications UI
...
Fixes #369
2015-08-17 17:08:58 -04:00
Joseph Schorr
9f2d6282bd
Add missing index on retries_remaining
2015-08-04 18:01:28 -04:00
Joseph Schorr
3d6c92901c
Switch to using an aggregated logs query and infinite scrolling
...
This should allow users to work with large logs set.
Fixes #294
2015-07-31 16:38:02 -04:00
Joseph Schorr
ac1b46e7ec
Add missing migration
2015-07-22 16:19:10 -04:00
Jake Moshenko
3efaa255e8
Accidental refactor, split out legacy.py into separate sumodules and update all call sites.
2015-07-17 11:56:15 -04:00
Jake Moshenko
bea8b9ac53
More changes for registry-v2 in python.
...
Implement the minimal changes to the local filesystem storage driver and feed them through the distributed storage driver.
Create a digest package which contains digest_tools and checksums.
Fix the tests to use the new v1 endpoint locations.
Fix repository.delete_instance to properly filter the generated queries to avoid most subquery deletes, but still generate them when not explicitly filtered.
2015-07-17 11:50:41 -04:00
Jake Moshenko
acbcc2e206
Start of a v2 API.
2015-07-17 11:50:41 -04:00
Joseph Schorr
3ba321934f
Fix deletion of robot accounts when attached to builds
...
Fixes #204
2015-06-30 22:56:44 +03:00
Jimmy Zelinskie
756d6784ca
Merge pull request #192 from coreos-inc/sqlssl
...
Allow SSL cert for the database to be configured
2015-06-29 13:33:31 -04:00
Joseph Schorr
dc5af7496c
Allow superusers to disable user accounts
2015-06-29 18:40:52 +03:00
Joseph Schorr
bb07d0965f
Allow SSL cert for the database to be configured
...
This change adds a field for the SSL cert for the database in the setup tool. Fixes #89
2015-06-29 08:08:10 +03:00
Jake Moshenko
79f1181a63
Switch build-scheduled to an official build phase.
2015-06-10 16:19:51 -04:00
Joseph Schorr
a59100b231
Add the missing index on the peewee side. We already have the associated migration.
2015-04-30 15:56:40 -04:00
Jimmy Zelinskie
93cd459460
Merge branch 'master' into git
2015-04-20 10:58:49 -04:00
Joseph Schorr
2815ea2723
Merge branch 'master' of github.com:coreos-inc/quay
2015-04-19 15:16:39 -04:00
Jimmy Zelinskie
ba2cb08904
Merge branch 'master' into git
2015-04-16 17:38:35 -04:00
Joseph Schorr
f19d2f684e
Add ability to revert tags via time machine
2015-04-16 17:18:00 -04:00
Joseph Schorr
3f1e8f3c27
Add a RepositoryActionCount table so we can use it (instead of LogEntry) when scoring repo search results
2015-04-13 13:31:07 -04:00
Joseph Schorr
1df025b57e
Change search to use a set of queries for repo lookup rather than a single monolithic query, in the hopes that this will make things significantly faster and actually useable. The individual queries have been tested by hand on MySQL, but the real test will be staging
2015-04-10 15:27:37 -04:00
Jimmy Zelinskie
da15eda2bf
migration: make auth_token for builds nullable
2015-03-27 11:20:30 -04:00
Jake Moshenko
201943ed1c
Fix deadlocks with tags and garbage collection.
2015-03-24 18:00:04 -04:00
Jimmy Zelinskie
9c55aca011
migration: make resource_key nullable
2015-03-23 15:46:35 -04:00
Jimmy Zelinskie
93a9e9d01a
migration: add private key to build triggers
2015-03-19 14:30:25 -04:00
Joseph Schorr
afc8e95e19
Start on new tag view
2015-03-09 22:03:39 -07:00
Joseph Schorr
86447c0a99
Merge branch 'master' into pagesnew
2015-03-05 14:22:10 -05:00
Jimmy Zelinskie
fb0d3d69c2
changes to reflect PR comments (not finished)
2015-02-24 17:50:54 -05:00
Joseph Schorr
5f605b7cc8
Fix queue handling to remove the dependency from repobuild, and have a cancel method
2015-02-23 13:38:01 -05:00
Jimmy Zelinskie
917dd6b674
Merge branch 'master' into star
2015-02-18 17:36:58 -05:00
Jake Moshenko
41108a0856
Allow tags to be marked as hidden. Create a hidden tag on every image during a push to prevent them from getting GCed.
2015-02-18 17:05:16 -05:00
Jake Moshenko
2dd03f1bed
Merge remote-tracking branch 'origin/master' into rockyhorror
...
Conflicts:
test/data/test.db
2015-02-18 10:56:01 -05:00
Joseph Schorr
83e05d2342
Add tracking of the kind of temporary access tokens, so we can display if a pull/push by token is for a build worker
2015-02-17 12:35:16 -05:00
Joseph Schorr
81ce4c771e
Add ability to cancel builds that are in the waiting state
2015-02-13 15:54:01 -05:00
Jake Moshenko
4a921a49b9
Merge remote-tracking branch 'origin/master' into rockyhorror
2015-02-12 16:24:30 -05:00
Joseph Schorr
f84d1bad45
Handle internal errors in a better fashion: If a build would be marked as internal error, only do so if there are retries remaining. Otherwise, we mark it as failed (since it won't be rebuilt anyway)
2015-02-12 16:19:44 -05:00
Jake Moshenko
872539bdbf
Switch to a per-namespace configurable expiration policy for time machine, and switch the tag gc to respect it.
2015-02-12 14:11:56 -05:00
Jake Moshenko
90c0a9c1e0
First stab at time machine using fixed two week expiration policy.
2015-02-11 14:15:40 -05:00
Joseph Schorr
cf774e23df
Merge branch 'master' into v2
2015-02-05 15:37:14 -05:00
Joseph Schorr
bfb0784abc
Add signing to the ACI converter
2015-02-04 15:29:24 -05:00
Jake Moshenko
64750e31fc
Add the ability to select for update within transactions to fix some write after read hazards. Fix a bug in extend_processing.
2015-01-30 16:32:13 -05:00
Joseph Schorr
92d32bc636
Make the DB health check first attempt a simple DB connection. If the database is in the middle of a failover, this will fail after 3 seconds (the connection timeout specified), rather than hanging and causing the ELB health checks to timeout and fail.
2015-01-20 14:46:22 -05:00
Joseph Schorr
15a69ac872
Change robot deletions to set the performer to null, rather than attempting to delete the rows from the large log entries table
2015-01-14 12:56:06 -05:00
Jimmy Zelinskie
97b605ca8d
Fix starring after rebase.
2014-12-03 12:20:51 -08:00
Jimmy Zelinskie
eb956e5b7d
initial work on adding models for starring repos.
...
I'm sick of using `git stash`.
2014-12-02 17:31:21 -08:00
Jimmy Zelinskie
f3259c862b
Merge branch 'koh'
...
Conflicts:
auth/scopes.py
requirements-nover.txt
requirements.txt
static/css/quay.css
static/directives/namespace-selector.html
static/js/app.js
static/partials/manage-application.html
templates/oauthorize.html
2014-12-01 12:30:09 -08:00
Joseph Schorr
72d613614d
Merge branch 'bagger'
2014-12-01 12:48:59 -05:00
Joseph Schorr
e9cac407df
Add a configurable avatar system and add an internal avatar system for enterprise
2014-11-24 19:25:13 -05:00
Joseph Schorr
b8e873b00b
Add support to the build system for tracking if/when the build manager crashes and make sure builds are restarted within a few minutes
2014-11-21 14:27:06 -05:00
Jake Moshenko
e863b96166
Tweak the uuid backfill to leave the uuid column nullable.
2014-11-19 15:32:30 -05:00
Jimmy Zelinskie
606ad21bec
Apply reviewed changes.
...
Adds a length to the UUID field, renames QuayDeferredPermissionUser
parameter id->uuid, adds transactions to backfill script.
2014-11-19 13:28:16 -05:00
Jimmy Zelinskie
9d677b8eb3
Add UUID to User model and use in cookie.
2014-11-19 13:28:16 -05:00
Joseph Schorr
178c5a7ac0
Add an index to the docker_image_id for faster lookup
2014-11-13 12:51:50 -05:00
Joseph Schorr
eddcc02ea6
Make repository deletes much faster by adding custom deletion code and have additional tests to verify the deletion code paths
2014-11-10 23:05:20 -05:00
Joseph Schorr
e7cbda86f7
Merge branch 'perf'
2014-11-10 21:52:27 -05:00
Joseph Schorr
091f821a6a
- Rename get_repo_image to get_repo_image_extended and get_repo_image_directly to get_repo_image
...
- Remove the configure call from CloseForLongOperation
- Other small fixes
2014-11-10 13:44:36 -05:00
Joseph Schorr
72fedef097
Move the robot deletion code into a delete_instance method on the User object
2014-11-10 13:18:17 -05:00
Joseph Schorr
158acd4f41
- Turn on foreign key constraint checking in the tests
...
- Change all ForeignKeyField's that refer to users to use our custom class, and mark those that allow robots
- Change robot delete to only execute the subset of queries necessary to actually delete robots
2014-11-07 12:05:21 -05:00
Joseph Schorr
d5bbb57481
Change registry code to disconnect from the DB before long I/O operations
2014-11-06 18:00:52 -05:00
Joseph Schorr
23d9bd2b42
Change verbs to use short lived database connections
2014-11-06 17:50:48 -05:00
Jake Moshenko
328db8b660
Split the app into separate backends, which can use different worker types and different timeouts.
2014-10-14 13:58:08 -04:00
Jake Moshenko
fe59ad4fb5
Rectify our prod database, previous migrations, and database definition files.
2014-10-07 16:03:57 -04:00
Joseph Schorr
f4daa5e97b
- Update the migrations tool to verify migrations work up and down for both MySQL and PostgresSQL.
...
- Add migrations for the squashed image tables and for backfilling the uncompressed sizes
- Make sure gzip stream uses a max length when determining the uncompressed size
2014-10-07 15:29:56 -04:00
Joseph Schorr
f38ce51943
Merge master into laffa
2014-10-07 14:03:17 -04:00
Jake Moshenko
4ad592e7ce
Add an index to the image storage uuid to improve performance.
2014-10-06 18:44:37 -04:00
Jake Moshenko
fbc7ee3bce
Phase 3 of the namespace migration, remove write references to the namespace string column.
2014-09-29 15:44:25 -04:00
Jake Moshenko
03190efde3
Phase 2 of migrating repo namespaces to referencing user objects, backfilling the rows without a value for namespace_user, and changing all accesses to go through the namespace_user object. All tests are passing, manual testing still required.
2014-09-24 18:01:35 -04:00
Joseph Schorr
86dfca2e3e
Add uncompressed size field to the image storage and add a backfill script (which is not yet automatically called)
2014-09-23 14:01:27 -04:00
Joseph Schorr
ba0963a81c
Update the worker code to better handle exceptions, fix the utcdate issue and make sure we send the proper retry. Also updates notification workers to send JobExceptions rather than returning true or false
2014-09-23 11:01:50 -04:00
Jake Moshenko
3259cda000
The new strategy is to do a three phase migration. This is the first phase: getting the namespace user in the db and written for all new repositories.
2014-09-22 17:27:02 -04:00
Jake Moshenko
8626d1cd70
Initial changes to move repositories from using a namespace string to referencing a user object. Also stores the user id in the cookie rather than the username, to allow users to be renamed. This commit must not be used unmodified because the database migration is too aggressive for live migration.
2014-09-19 10:17:23 -04:00
Jake Moshenko
11bb8e6448
Actually store the generated image storage in the database, and allow it to be garbage collected when the parent image storage is collected.
2014-09-18 17:26:40 -04:00
Joseph Schorr
e3c52fa0eb
Work in progress. This is currently broken!
2014-09-16 00:18:57 -04:00
Jake Moshenko
75d2ef377e
Merge remote-tracking branch 'origin/master' into comewithmeifyouwanttowork
...
Conflicts:
data/model/legacy.py
2014-09-15 17:52:17 -04:00
Jake Moshenko
efb66f7c1e
Select the random row function based on DB driver.
2014-09-15 15:58:56 -04:00
Jake Moshenko
c5ca46a14b
Merge remote-tracking branch 'origin/master' into comewithmeifyouwanttowork
...
Conflicts:
data/model/legacy.py
static/js/app.js
2014-09-12 11:03:30 -04:00
Joseph Schorr
8d3ce44682
Address comments on code review
2014-09-11 15:45:41 -04:00
Jake Moshenko
451e034ca1
Archived logs commit 1. Squash me.
2014-09-08 16:43:17 -04:00
Joseph Schorr
e028d4ae0a
Merge master into branch
2014-09-04 18:08:18 -04:00
Jake Moshenko
2dcdd7ba5b
Add exponential backoff of login attempts.
2014-09-02 15:27:05 -04:00
Joseph Schorr
3b72b26836
Merge branch 'master' into comewithmeifyouwanttowork
2014-08-28 20:50:13 -04:00
Joseph Schorr
d2880807b2
- Further fixes for license stuff
...
- Small fixes to ensure Quay works for Postgres
2014-08-21 19:21:20 -04:00
Joseph Schorr
43b6695f9c
Get team invite confirmation working and fully tested
2014-08-18 17:24:00 -04:00
Joseph Schorr
56d7a3524d
Work in progress: Require invite acceptance to join an org
2014-08-15 17:47:43 -04:00
Joseph Schorr
389c88a7c4
Update federated login to store metadata and have the UI pull the information from the metadata
2014-08-11 18:25:01 -04:00
Joseph Schorr
32b2ecdfa6
Add ability to dismiss notifications
2014-07-28 18:23:46 -04:00
Joseph Schorr
34fc279092
Add e-mail authorization to the repository notification flow. Also validates the creation of the other notification methods.
2014-07-28 14:58:12 -04:00
Joseph Schorr
8d7493cb86
Convert over to notifications system. Note this is incomplete
2014-07-17 22:51:58 -04:00
Joseph Schorr
a84fe0681a
Start on data model changes and API changes for the new repository notification system
2014-07-16 16:30:47 -04:00
Jake Moshenko
5645b6da32
Add support for read slave databases.
2014-07-02 19:10:24 -04:00
Jake Moshenko
bf98575feb
Add the basics of geographic data distribution and get the tests to work.
2014-06-17 16:03:43 -04:00
Jake Moshenko
78c5aec5b9
Switch the checksums to use the registry computed value, remove all assumptions of namespaced paths for legacy storage, fix an upload race condition in the registry code.
2014-06-11 15:37:45 -04:00
Jake Moshenko
0ba4201020
Add a module which will create notifications for all users when the license is at its expiration period, and terminate the process when the license expires.
2014-05-29 11:24:10 -04:00
Jake Moshenko
f6726bd0a4
Merge branch 'ldapper'
...
Conflicts:
Dockerfile
app.py
data/database.py
endpoints/index.py
test/data/test.db
2014-05-22 12:13:41 -04:00
Jake Moshenko
e1a5a3e543
Temporarily remove the db pool until we can figure out why they are running out of connections.
2014-05-19 17:14:23 -04:00
Jake Moshenko
5fdccfe3e6
Add an alembic migration for the full initial database with the data. Switch LDAP to using bind and creating a federated login entry. Add LDAP support to the registry and index endpoints. Add a username transliteration and suggestion mechanism. Switch the database and model to require a manual initialization call.
2014-05-13 12:17:26 -04:00
Jake Moshenko
feb7ad8dd1
Use the pooled mysql database.
2014-05-07 12:37:45 -04:00
Jake Moshenko
ef9fe871fc
Move the upload flag to the database, and use the database stored image size rather than going to s3.
2014-05-02 16:59:46 -04:00
jakedt
61a6db236f
Finish the implementation of local userfiles. Strip charsets from mimetypes in the build worker. Add canonical name ordering to the build queue. Port all queues to the canonical naming version.
2014-04-11 18:34:47 -04:00
jakedt
8fac0474b5
Get staging to run under docker on an EC2 host.
2014-04-10 18:30:09 -04:00
jakedt
4f3fa34206
Remove test field from the database definition.
2014-04-09 19:13:46 -04:00
jakedt
fc7756a3c2
Add alembic plumbing for database schema migrations.
2014-04-09 19:11:33 -04:00
jakedt
265fa5070a
Fix support for multiple stack configurations and move most secrets into the quay-config project.
2014-04-07 16:59:22 -04:00
Joseph Schorr
9a79d1562a
Change to store the pull robot on the repository build and only add the credentials to the queue item. This prevents the credentials from being exposed to the end user. Also fixes the restart build option
2014-04-01 21:49:06 -04:00
Joseph Schorr
2006917e03
Add support for pull credentials on builds and build triggers
2014-03-27 18:33:13 -04:00
jakedt
afb3a67b7b
Switch the data to a textfield for authorization codes.
2014-03-25 16:06:34 -04:00
jakedt
b81e48cb41
Merge branch 'swaggerlikeus' of ssh://bitbucket.org/yackob03/quay into swaggerlikeus
...
Conflicts:
test/data/test.db
2014-03-25 12:43:09 -04:00
jakedt
cbc40588cb
Finally figure out what the data field is supposed to be for and use it to implement and fix 3LO.
2014-03-25 12:42:40 -04:00