Commit graph

316 commits

Author SHA1 Message Date
Evan Cordell
2242c6773d Add 'Automatic' ServiceKeyApprovalType 2016-04-29 14:10:33 -04:00
Joseph Schorr
4f63a50a17 Change account-less logs to use a user and not null
This allows us to skip the migration
2016-04-29 14:09:37 -04:00
Jimmy Zelinskie
370ac3ecd0 service keys: add rotation_duration field 2016-04-29 14:05:16 -04:00
Joseph Schorr
11ff3e9b59 keys ui WIP 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
dff59b4a39 service key migration 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
42b5196b21 add notification path and use for service keys 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
f406942984 converging on proper rotation 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
35ed73e195 rework superuser api 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
4079dba167 service keys: do all the right stuff 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
499bb16306 service key server wip 2016-04-29 13:38:25 -04:00
Joseph Schorr
c0374d71c9 Refactor the security worker and API calls and add a bunch of tests 2016-02-25 12:29:41 -05:00
Joseph Schorr
abd2e3c234 V1 Docker ID <-> V2 layer SHA mismatch fix
Fix handling of V1 Docker ID <-> V2 layer SHA mismatch by dynamically rewriting the manifest to use new synthesized IDs for all layers above the mismatch. Also adds a bunch of tests for this and other use cases, fixes a bug around manifest digest uniqueness and fixes the 5.5 migration for MySQL.
2016-02-12 17:39:27 +02:00
Jake Moshenko
fe2bdeb6cb Require some data from all models in initdb 2016-01-19 15:30:27 -05:00
Jake Moshenko
8ab6c8a22d Fix torrent hash generation to work in mixed stacks 2016-01-11 16:43:46 -05:00
Jake Moshenko
1ae101c917 Address torrent feature review comments. 2016-01-08 16:38:21 -05:00
Jake Moshenko
77aa58996a Fix the db definition for torrentinfo and add migration 2016-01-06 14:04:03 -05:00
Jake Moshenko
ce8fcbeaae Update the pieces to use base64 encoded binary 2016-01-04 16:17:51 -05:00
Jake Moshenko
fe87d3c796 Hash and track layer file chunks for torrenting 2016-01-04 16:17:51 -05:00
Joseph Schorr
10efa96009 Add support for custom billing invoice email address
Fixes #782
2015-12-28 13:59:50 -05:00
Joseph Schorr
94ece129d4 Remove remaining recursive queries on repo delete and add test 2015-12-18 16:04:03 -05:00
Joseph Schorr
2e7835c372 Fix user deletion under MySQL
Fixes #973
2015-12-17 15:05:15 -05:00
Joseph Schorr
9698d6f6a0 Add created column to blob upload
Fixes first half of #1054
2015-12-14 15:27:48 -05:00
Joseph Schorr
54095eb5cb Handle the common case of one chunk when calculating the uncompressed size
Reference #992
2015-12-14 15:27:48 -05:00
Joseph Schorr
0f7c8105b0 Remove DerivedImageStorage table 2015-11-25 11:46:59 -05:00
Joseph Schorr
762cd56e64 Change derived storage to be based on image
Fixes #971
2015-11-24 12:44:07 -05:00
Jake Moshenko
18b14001b4 Add indices for the security worker fields on Image
Fixes #906
2015-11-18 13:29:51 -05:00
Jake Moshenko
206e18d160 Image parents do not have to be nulled transitively on repo delete 2015-11-17 16:48:26 -05:00
Jake Moshenko
e252397292 Switch parent back to a ForeignKeyField without a constraint 2015-11-17 16:09:33 -05:00
Jake Moshenko
a1ccd860e7 Merge pull request #823 from coreos-inc/phase3-11-07-2015
Phase3 11 07 2015
2015-11-11 14:22:19 -05:00
Joseph Schorr
2d2662f53f Fix deleting repos and images under MySQL
MySQL doesn't handle constraints at the end of transactions, so deleting images currently fails. This removes the constraint and just leaves parent_id as an int
2015-11-09 14:42:05 -05:00
Jake Moshenko
ad93425ead Stop writing to v1 checksum on ImageStorage 2015-11-06 16:40:04 -05:00
Joseph Schorr
0f3db709ea Add a vulnerability_found event for notice when we detect a vuln
Fixes #637

Note: This PR does *not* actually raise the event; it merely adds support for it
2015-11-06 15:22:18 -05:00
Quentin Machu
f59e35cc81 Add support for Quay's vulnerability tool 2015-11-06 15:22:18 -05:00
Jake Moshenko
3d0bcbaaeb Move v1 checksums to image and track v2 separately 2015-11-06 15:17:55 -05:00
Joseph Schorr
bbf4a1fac4 Remove the used_legacy_github column 2015-11-06 15:17:55 -05:00
Jake Moshenko
cb7ec2f239 Backport remaining v2 changes to phase4 2015-10-24 15:00:13 -04:00
Jake Moshenko
9da64f3aba Stop writing to deprecated columns for image data. 2015-10-24 14:45:15 -04:00
josephschorr
217779273f Merge pull request #503 from coreos-inc/ghmigrate
Migrate all GitHub build triggers to use deploy keys
2015-09-16 18:32:32 -04:00
Joseph Schorr
eff9ff7a66 Migrate all GitHub build triggers to use deploy keys 2015-09-16 17:55:51 -04:00
Silas Sewell
0a48f1cfb0 Merge pull request #495 from coreos-inc/quay-versions
Add quay releases
2015-09-16 17:29:58 -04:00
Silas Sewell
386c017d99 Add quay releases 2015-09-16 17:18:46 -04:00
Joseph Schorr
30379a2dd8 Fix interleaved repo delete with RAC via a transaction
The RepositoryActionCount table can have entries added while a repository deletion is in progress. We now perform the repository deletion under a transaction and explicitly test for RAC entries in the deletion unit test (which doesn't test interleaving, but it was missing this check).

Fixes #494
2015-09-16 15:34:32 -04:00
Jake Moshenko
b56de3355c Migrate data back to Image in preparation for v2 2015-09-15 11:53:31 -04:00
Joseph Schorr
724b1607d7 Add automatic storage replication
Adds a worker to automatically replicate data between storages and update the database accordingly
2015-09-01 14:53:32 -04:00
Joseph Schorr
84276ee945 Better notifications UI
Fixes #369
2015-08-17 17:08:58 -04:00
Joseph Schorr
9f2d6282bd Add missing index on retries_remaining 2015-08-04 18:01:28 -04:00
Joseph Schorr
3d6c92901c Switch to using an aggregated logs query and infinite scrolling
This should allow users to work with large logs set.

Fixes #294
2015-07-31 16:38:02 -04:00
Joseph Schorr
ac1b46e7ec Add missing migration 2015-07-22 16:19:10 -04:00
Jake Moshenko
3efaa255e8 Accidental refactor, split out legacy.py into separate sumodules and update all call sites. 2015-07-17 11:56:15 -04:00
Jake Moshenko
bea8b9ac53 More changes for registry-v2 in python.
Implement the minimal changes to the local filesystem storage driver and feed them through the distributed storage driver.
Create a digest package which contains digest_tools and checksums.
Fix the tests to use the new v1 endpoint locations.
Fix repository.delete_instance to properly filter the generated queries to avoid most subquery deletes, but still generate them when not explicitly filtered.
2015-07-17 11:50:41 -04:00
Jake Moshenko
acbcc2e206 Start of a v2 API. 2015-07-17 11:50:41 -04:00
Joseph Schorr
3ba321934f Fix deletion of robot accounts when attached to builds
Fixes #204
2015-06-30 22:56:44 +03:00
Jimmy Zelinskie
756d6784ca Merge pull request #192 from coreos-inc/sqlssl
Allow SSL cert for the database to be configured
2015-06-29 13:33:31 -04:00
Joseph Schorr
dc5af7496c Allow superusers to disable user accounts 2015-06-29 18:40:52 +03:00
Joseph Schorr
bb07d0965f Allow SSL cert for the database to be configured
This change adds a field for the SSL cert for the database in the setup tool. Fixes #89
2015-06-29 08:08:10 +03:00
Jake Moshenko
79f1181a63 Switch build-scheduled to an official build phase. 2015-06-10 16:19:51 -04:00
Joseph Schorr
a59100b231 Add the missing index on the peewee side. We already have the associated migration. 2015-04-30 15:56:40 -04:00
Jimmy Zelinskie
93cd459460 Merge branch 'master' into git 2015-04-20 10:58:49 -04:00
Joseph Schorr
2815ea2723 Merge branch 'master' of github.com:coreos-inc/quay 2015-04-19 15:16:39 -04:00
Jimmy Zelinskie
ba2cb08904 Merge branch 'master' into git 2015-04-16 17:38:35 -04:00
Joseph Schorr
f19d2f684e Add ability to revert tags via time machine 2015-04-16 17:18:00 -04:00
Joseph Schorr
3f1e8f3c27 Add a RepositoryActionCount table so we can use it (instead of LogEntry) when scoring repo search results 2015-04-13 13:31:07 -04:00
Joseph Schorr
1df025b57e Change search to use a set of queries for repo lookup rather than a single monolithic query, in the hopes that this will make things significantly faster and actually useable. The individual queries have been tested by hand on MySQL, but the real test will be staging 2015-04-10 15:27:37 -04:00
Jimmy Zelinskie
da15eda2bf migration: make auth_token for builds nullable 2015-03-27 11:20:30 -04:00
Jake Moshenko
201943ed1c Fix deadlocks with tags and garbage collection. 2015-03-24 18:00:04 -04:00
Jimmy Zelinskie
9c55aca011 migration: make resource_key nullable 2015-03-23 15:46:35 -04:00
Jimmy Zelinskie
93a9e9d01a migration: add private key to build triggers 2015-03-19 14:30:25 -04:00
Joseph Schorr
afc8e95e19 Start on new tag view 2015-03-09 22:03:39 -07:00
Joseph Schorr
86447c0a99 Merge branch 'master' into pagesnew 2015-03-05 14:22:10 -05:00
Jimmy Zelinskie
fb0d3d69c2 changes to reflect PR comments (not finished) 2015-02-24 17:50:54 -05:00
Joseph Schorr
5f605b7cc8 Fix queue handling to remove the dependency from repobuild, and have a cancel method 2015-02-23 13:38:01 -05:00
Jimmy Zelinskie
917dd6b674 Merge branch 'master' into star 2015-02-18 17:36:58 -05:00
Jake Moshenko
41108a0856 Allow tags to be marked as hidden. Create a hidden tag on every image during a push to prevent them from getting GCed. 2015-02-18 17:05:16 -05:00
Jake Moshenko
2dd03f1bed Merge remote-tracking branch 'origin/master' into rockyhorror
Conflicts:
	test/data/test.db
2015-02-18 10:56:01 -05:00
Joseph Schorr
83e05d2342 Add tracking of the kind of temporary access tokens, so we can display if a pull/push by token is for a build worker 2015-02-17 12:35:16 -05:00
Joseph Schorr
81ce4c771e Add ability to cancel builds that are in the waiting state 2015-02-13 15:54:01 -05:00
Jake Moshenko
4a921a49b9 Merge remote-tracking branch 'origin/master' into rockyhorror 2015-02-12 16:24:30 -05:00
Joseph Schorr
f84d1bad45 Handle internal errors in a better fashion: If a build would be marked as internal error, only do so if there are retries remaining. Otherwise, we mark it as failed (since it won't be rebuilt anyway) 2015-02-12 16:19:44 -05:00
Jake Moshenko
872539bdbf Switch to a per-namespace configurable expiration policy for time machine, and switch the tag gc to respect it. 2015-02-12 14:11:56 -05:00
Jake Moshenko
90c0a9c1e0 First stab at time machine using fixed two week expiration policy. 2015-02-11 14:15:40 -05:00
Joseph Schorr
cf774e23df Merge branch 'master' into v2 2015-02-05 15:37:14 -05:00
Joseph Schorr
bfb0784abc Add signing to the ACI converter 2015-02-04 15:29:24 -05:00
Jake Moshenko
64750e31fc Add the ability to select for update within transactions to fix some write after read hazards. Fix a bug in extend_processing. 2015-01-30 16:32:13 -05:00
Joseph Schorr
92d32bc636 Make the DB health check first attempt a simple DB connection. If the database is in the middle of a failover, this will fail after 3 seconds (the connection timeout specified), rather than hanging and causing the ELB health checks to timeout and fail. 2015-01-20 14:46:22 -05:00
Joseph Schorr
15a69ac872 Change robot deletions to set the performer to null, rather than attempting to delete the rows from the large log entries table 2015-01-14 12:56:06 -05:00
Jimmy Zelinskie
97b605ca8d Fix starring after rebase. 2014-12-03 12:20:51 -08:00
Jimmy Zelinskie
eb956e5b7d initial work on adding models for starring repos.
I'm sick of using `git stash`.
2014-12-02 17:31:21 -08:00
Jimmy Zelinskie
f3259c862b Merge branch 'koh'
Conflicts:
	auth/scopes.py
	requirements-nover.txt
	requirements.txt
	static/css/quay.css
	static/directives/namespace-selector.html
	static/js/app.js
	static/partials/manage-application.html
	templates/oauthorize.html
2014-12-01 12:30:09 -08:00
Joseph Schorr
72d613614d Merge branch 'bagger' 2014-12-01 12:48:59 -05:00
Joseph Schorr
e9cac407df Add a configurable avatar system and add an internal avatar system for enterprise 2014-11-24 19:25:13 -05:00
Joseph Schorr
b8e873b00b Add support to the build system for tracking if/when the build manager crashes and make sure builds are restarted within a few minutes 2014-11-21 14:27:06 -05:00
Jake Moshenko
e863b96166 Tweak the uuid backfill to leave the uuid column nullable. 2014-11-19 15:32:30 -05:00
Jimmy Zelinskie
606ad21bec Apply reviewed changes.
Adds a length to the UUID field, renames QuayDeferredPermissionUser
parameter id->uuid, adds transactions to backfill script.
2014-11-19 13:28:16 -05:00
Jimmy Zelinskie
9d677b8eb3 Add UUID to User model and use in cookie. 2014-11-19 13:28:16 -05:00
Joseph Schorr
178c5a7ac0 Add an index to the docker_image_id for faster lookup 2014-11-13 12:51:50 -05:00
Joseph Schorr
eddcc02ea6 Make repository deletes much faster by adding custom deletion code and have additional tests to verify the deletion code paths 2014-11-10 23:05:20 -05:00
Joseph Schorr
e7cbda86f7 Merge branch 'perf' 2014-11-10 21:52:27 -05:00
Joseph Schorr
091f821a6a - Rename get_repo_image to get_repo_image_extended and get_repo_image_directly to get_repo_image
- Remove the configure call from CloseForLongOperation
- Other small fixes
2014-11-10 13:44:36 -05:00
Joseph Schorr
72fedef097 Move the robot deletion code into a delete_instance method on the User object 2014-11-10 13:18:17 -05:00
Joseph Schorr
158acd4f41 - Turn on foreign key constraint checking in the tests
- Change all ForeignKeyField's that refer to users to use our custom class, and mark those that allow robots
- Change robot delete to only execute the subset of queries necessary to actually delete robots
2014-11-07 12:05:21 -05:00
Joseph Schorr
d5bbb57481 Change registry code to disconnect from the DB before long I/O operations 2014-11-06 18:00:52 -05:00
Joseph Schorr
23d9bd2b42 Change verbs to use short lived database connections 2014-11-06 17:50:48 -05:00
Jake Moshenko
328db8b660 Split the app into separate backends, which can use different worker types and different timeouts. 2014-10-14 13:58:08 -04:00
Jake Moshenko
fe59ad4fb5 Rectify our prod database, previous migrations, and database definition files. 2014-10-07 16:03:57 -04:00
Joseph Schorr
f4daa5e97b - Update the migrations tool to verify migrations work up and down for both MySQL and PostgresSQL.
- Add migrations for the squashed image tables and for backfilling the uncompressed sizes
- Make sure gzip stream uses a max length when determining the uncompressed size
2014-10-07 15:29:56 -04:00
Joseph Schorr
f38ce51943 Merge master into laffa 2014-10-07 14:03:17 -04:00
Jake Moshenko
4ad592e7ce Add an index to the image storage uuid to improve performance. 2014-10-06 18:44:37 -04:00
Jake Moshenko
fbc7ee3bce Phase 3 of the namespace migration, remove write references to the namespace string column. 2014-09-29 15:44:25 -04:00
Jake Moshenko
03190efde3 Phase 2 of migrating repo namespaces to referencing user objects, backfilling the rows without a value for namespace_user, and changing all accesses to go through the namespace_user object. All tests are passing, manual testing still required. 2014-09-24 18:01:35 -04:00
Joseph Schorr
86dfca2e3e Add uncompressed size field to the image storage and add a backfill script (which is not yet automatically called) 2014-09-23 14:01:27 -04:00
Joseph Schorr
ba0963a81c Update the worker code to better handle exceptions, fix the utcdate issue and make sure we send the proper retry. Also updates notification workers to send JobExceptions rather than returning true or false 2014-09-23 11:01:50 -04:00
Jake Moshenko
3259cda000 The new strategy is to do a three phase migration. This is the first phase: getting the namespace user in the db and written for all new repositories. 2014-09-22 17:27:02 -04:00
Jake Moshenko
8626d1cd70 Initial changes to move repositories from using a namespace string to referencing a user object. Also stores the user id in the cookie rather than the username, to allow users to be renamed. This commit must not be used unmodified because the database migration is too aggressive for live migration. 2014-09-19 10:17:23 -04:00
Jake Moshenko
11bb8e6448 Actually store the generated image storage in the database, and allow it to be garbage collected when the parent image storage is collected. 2014-09-18 17:26:40 -04:00
Joseph Schorr
e3c52fa0eb Work in progress. This is currently broken! 2014-09-16 00:18:57 -04:00
Jake Moshenko
75d2ef377e Merge remote-tracking branch 'origin/master' into comewithmeifyouwanttowork
Conflicts:
	data/model/legacy.py
2014-09-15 17:52:17 -04:00
Jake Moshenko
efb66f7c1e Select the random row function based on DB driver. 2014-09-15 15:58:56 -04:00
Jake Moshenko
c5ca46a14b Merge remote-tracking branch 'origin/master' into comewithmeifyouwanttowork
Conflicts:
	data/model/legacy.py
	static/js/app.js
2014-09-12 11:03:30 -04:00
Joseph Schorr
8d3ce44682 Address comments on code review 2014-09-11 15:45:41 -04:00
Jake Moshenko
451e034ca1 Archived logs commit 1. Squash me. 2014-09-08 16:43:17 -04:00
Joseph Schorr
e028d4ae0a Merge master into branch 2014-09-04 18:08:18 -04:00
Jake Moshenko
2dcdd7ba5b Add exponential backoff of login attempts. 2014-09-02 15:27:05 -04:00
Joseph Schorr
3b72b26836 Merge branch 'master' into comewithmeifyouwanttowork 2014-08-28 20:50:13 -04:00
Joseph Schorr
d2880807b2 - Further fixes for license stuff
- Small fixes to ensure Quay works for Postgres
2014-08-21 19:21:20 -04:00
Joseph Schorr
43b6695f9c Get team invite confirmation working and fully tested 2014-08-18 17:24:00 -04:00
Joseph Schorr
56d7a3524d Work in progress: Require invite acceptance to join an org 2014-08-15 17:47:43 -04:00
Joseph Schorr
389c88a7c4 Update federated login to store metadata and have the UI pull the information from the metadata 2014-08-11 18:25:01 -04:00
Joseph Schorr
32b2ecdfa6 Add ability to dismiss notifications 2014-07-28 18:23:46 -04:00
Joseph Schorr
34fc279092 Add e-mail authorization to the repository notification flow. Also validates the creation of the other notification methods. 2014-07-28 14:58:12 -04:00
Joseph Schorr
8d7493cb86 Convert over to notifications system. Note this is incomplete 2014-07-17 22:51:58 -04:00
Joseph Schorr
a84fe0681a Start on data model changes and API changes for the new repository notification system 2014-07-16 16:30:47 -04:00
Jake Moshenko
5645b6da32 Add support for read slave databases. 2014-07-02 19:10:24 -04:00
Jake Moshenko
bf98575feb Add the basics of geographic data distribution and get the tests to work. 2014-06-17 16:03:43 -04:00
Jake Moshenko
78c5aec5b9 Switch the checksums to use the registry computed value, remove all assumptions of namespaced paths for legacy storage, fix an upload race condition in the registry code. 2014-06-11 15:37:45 -04:00
Jake Moshenko
0ba4201020 Add a module which will create notifications for all users when the license is at its expiration period, and terminate the process when the license expires. 2014-05-29 11:24:10 -04:00
Jake Moshenko
f6726bd0a4 Merge branch 'ldapper'
Conflicts:
	Dockerfile
	app.py
	data/database.py
	endpoints/index.py
	test/data/test.db
2014-05-22 12:13:41 -04:00
Jake Moshenko
e1a5a3e543 Temporarily remove the db pool until we can figure out why they are running out of connections. 2014-05-19 17:14:23 -04:00
Jake Moshenko
5fdccfe3e6 Add an alembic migration for the full initial database with the data. Switch LDAP to using bind and creating a federated login entry. Add LDAP support to the registry and index endpoints. Add a username transliteration and suggestion mechanism. Switch the database and model to require a manual initialization call. 2014-05-13 12:17:26 -04:00
Jake Moshenko
feb7ad8dd1 Use the pooled mysql database. 2014-05-07 12:37:45 -04:00
Jake Moshenko
ef9fe871fc Move the upload flag to the database, and use the database stored image size rather than going to s3. 2014-05-02 16:59:46 -04:00
jakedt
61a6db236f Finish the implementation of local userfiles. Strip charsets from mimetypes in the build worker. Add canonical name ordering to the build queue. Port all queues to the canonical naming version. 2014-04-11 18:34:47 -04:00
jakedt
8fac0474b5 Get staging to run under docker on an EC2 host. 2014-04-10 18:30:09 -04:00
jakedt
4f3fa34206 Remove test field from the database definition. 2014-04-09 19:13:46 -04:00
jakedt
fc7756a3c2 Add alembic plumbing for database schema migrations. 2014-04-09 19:11:33 -04:00
jakedt
265fa5070a Fix support for multiple stack configurations and move most secrets into the quay-config project. 2014-04-07 16:59:22 -04:00
Joseph Schorr
9a79d1562a Change to store the pull robot on the repository build and only add the credentials to the queue item. This prevents the credentials from being exposed to the end user. Also fixes the restart build option 2014-04-01 21:49:06 -04:00
Joseph Schorr
2006917e03 Add support for pull credentials on builds and build triggers 2014-03-27 18:33:13 -04:00
jakedt
afb3a67b7b Switch the data to a textfield for authorization codes. 2014-03-25 16:06:34 -04:00
jakedt
b81e48cb41 Merge branch 'swaggerlikeus' of ssh://bitbucket.org/yackob03/quay into swaggerlikeus
Conflicts:
	test/data/test.db
2014-03-25 12:43:09 -04:00
jakedt
cbc40588cb Finally figure out what the data field is supposed to be for and use it to implement and fix 3LO. 2014-03-25 12:42:40 -04:00