Commit graph

6997 commits

Author SHA1 Message Date
EvB
243b0dc4fc fix(initdb.py): skip db initialization with env var
Only run the db-initialization (e.g. creating schemas) if the
`SKIP_DB_SCHEMAS` isn't set to true when run as main. This value
is checked in other circumstances and should be here as well so
that this script can be used to populate arbitrary test databases
as needed in development.
2017-02-23 15:00:08 -05:00
Evan Cordell
eac9927414 Add FEATURE_SIGNING flag and refactor nginx_conf_create.sh 2017-02-23 14:38:16 -05:00
Evan Cordell
16ec19d356 Add dnsmasq so nginx will allow an upstream service to not block startup 2017-02-23 14:38:16 -05:00
Evan Cordell
9affe193db Add support for tuf metadata endpoints 2017-02-23 14:38:16 -05:00
josephschorr
6436444274 Merge pull request #2379 from coreos-inc/fix-build-form
Fix Dockerfile Build Form
2017-02-22 20:42:15 -05:00
Charlton Austin
e87404c327 Adding in what metadata_root_name to JWT 2017-02-22 16:59:19 -05:00
Joseph Schorr
baf4b7bed4 Change Dockerfile build form to not require a robot unless sure we need it
Fixes #2377

Before this change, we'd err on the side of caution, which is bad UX
2017-02-22 16:27:32 -05:00
Joseph Schorr
7f1980bff1 Fix DockerfileService to properly parse repo names and tags
Before this change, the tag name would be included in the image, which breaks the API
2017-02-22 16:26:47 -05:00
josephschorr
a726a12096 Merge pull request #2378 from coreos-inc/docker-versioning-fix
Docker versioning fix
2017-02-22 16:10:33 -05:00
Joseph Schorr
67c0bf6263 Fix docker versioning library to support new versioning scheme
Fixes: https://sentry.io/coreos/backend-production/issues/222349174/
Reference: https://github.com/docker/docker/pull/31075
2017-02-22 16:08:17 -05:00
Joseph Schorr
94be8731f3 Change Docker Version tests to pytest 2017-02-22 15:45:06 -05:00
josephschorr
90f841175e Merge pull request #2375 from coreos-inc/2.1.0-fixchangelog
Update 2.1.0 changelog with reference to new doc
2017-02-22 14:18:28 -05:00
josephschorr
f7a7d30ec2 Merge pull request #2366 from coreos-inc/alert-spam-fixes
Small fixes for alert spam
2017-02-22 14:18:18 -05:00
Joseph Schorr
3faa082cf7 Update 2.1.0 changelog with reference to new doc 2017-02-22 14:13:26 -05:00
Joseph Schorr
478b1642b2 Eat AttributeError in peewee close database call
Fixes https://sentry.io/coreos/backend-production/issues/104257892/
2017-02-22 13:21:12 -05:00
Joseph Schorr
7cc7e54945 Remove unicode before sending it to path parser
Fixes https://sentry.io/coreos/backend-production/issues/175929456/
2017-02-22 13:21:12 -05:00
Joseph Schorr
3f1d394e14 Catch IOErrors when starting builds
Fixes https://sentry.io/coreos/backend-production/issues/207144068/
2017-02-22 13:20:04 -05:00
Joseph Schorr
d29d2da1ca Handle IntegrityError in tag update code
Fixes https://sentry.io/coreos/backend-production/issues/173470565/events/4938537230/
2017-02-22 13:20:04 -05:00
Joseph Schorr
9db20ff961 Catch SSL errors due to timeouts in Github calls
Fixes https://sentry.io/coreos/backend-production/issues/219378902/
2017-02-22 13:20:04 -05:00
Joseph Schorr
ef9cb3757d Check for missing repository on GC call
Fixes https://sentry.io/coreos/backend-production/issues/192273882/
2017-02-22 13:18:23 -05:00
Joseph Schorr
89b7c13da5 Catch team member invite missing exception
Fixes https://sentry.io/coreos/backend-production/issues/195926082/
2017-02-22 13:18:22 -05:00
Joseph Schorr
fd4a31d3c3 Make pop on realm work even if the realm isn't present
This is cleanup code and, occasionally, we get a cleanup without the realm having been added, leading to a KeyError
2017-02-22 13:18:22 -05:00
Jimmy Zelinskie
b145ed7ad8 Merge pull request #2374 from jzelinskie/df-upgrade
dockerfile: -y for apt-get upgrade
2017-02-22 13:03:28 -05:00
Jimmy Zelinskie
4538d11c95 dockerfile: -y for apt-get upgrade 2017-02-22 13:01:00 -05:00
Jimmy Zelinskie
1a6d05531d Merge pull request #2373 from jzelinskie/df-upgrade
dockerfile: upgrade base OS packages
2017-02-22 11:49:20 -05:00
Jimmy Zelinskie
cc56ce79a8 dockerfile: upgrade base OS packages 2017-02-22 11:48:11 -05:00
Jake Moshenko
a32d329b17 Merge pull request #2372 from jakedt/clairunscanned
Move the images count stat back to the prom stat worker
2017-02-22 11:45:51 -05:00
Jake Moshenko
27f5f14f90 Linter fixes 2017-02-22 11:45:38 -05:00
Jake Moshenko
add6b654ae Move the total image count stat back to the prom stat worker 2017-02-22 11:45:38 -05:00
Joseph Schorr
6133b01d4d Fix transparent icons in entity autocomplete
This is not a *complete* solution, as it still won't show the nice CSS-based avatars, but that can be done in a followup
2017-02-21 21:16:15 -05:00
Jimmy Zelinskie
deb2b1b003 Merge pull request #2370 from jakedt/clairunscanned
Read the number of unscanned clair images from the block allocator
2017-02-21 19:18:05 -05:00
Jake Moshenko
b03e03c389 Read the number of unscanned clair images from the block allocator 2017-02-21 19:13:51 -05:00
Jimmy Zelinskie
8957541844 Merge pull request #2369 from jzelinskie/optim-qss
data.model.image: fake QSS progress metric
2017-02-21 17:50:22 -05:00
Jimmy Zelinskie
3d21af59fd data.model.image: fake QSS progress metric 2017-02-21 17:48:40 -05:00
josephschorr
0214b1ba9f Merge pull request #2368 from coreos-inc/entity-search-avatar
Display avatars in entity search autocomplete
2017-02-21 16:49:45 -05:00
Joseph Schorr
fcff867bfd Display avatars in entity search autocomplete
Fixes https://github.com/coreos/bugs/issues/1819
2017-02-21 16:29:13 -05:00
josephschorr
2ef55a5842 Merge pull request #2363 from coreos-inc/opt-search
Small search query optimizations
2017-02-18 13:51:12 -05:00
josephschorr
ecf11d4504 Merge pull request #2364 from coreos-inc/cut-2.1.0
CHANGELOG for v2.1.0
2017-02-17 13:47:53 -05:00
Joseph Schorr
c35691a746 CHANGELOG for v2.1.0 2017-02-17 13:46:29 -05:00
Joseph Schorr
a319c55616 Don't make permissions request in search for public callers
They are unnecessary, so we can skip them
2017-02-17 12:22:21 -05:00
Joseph Schorr
eece782038 Prevent peewee from loading the visibility every time
By calling `visibility` instead of `visibility_id`, peewee was issuing a SQL Select statement for the repository, which removes the benefit of the optimization
2017-02-17 12:09:48 -05:00
josephschorr
7cb2da4cea Merge pull request #2348 from coreos-inc/oidc-bind
Add support for binding OIDC and external login auth to the backing internal login auth
2017-02-16 16:29:00 -05:00
Joseph Schorr
198bdf88bc Move OAuth login into its own endpoints module 2017-02-16 16:27:54 -05:00
Joseph Schorr
0167e1e7bf Style fixes 2017-02-16 16:27:54 -05:00
Joseph Schorr
cc4258c015 Blacklist any OIDC service ids that may conflict with our own 2017-02-16 16:27:53 -05:00
Joseph Schorr
421c5d6012 Fix bug where the login service ID doesn't exist 2017-02-16 16:27:53 -05:00
Joseph Schorr
6736e69ebd Add end-to-end OIDC binding test 2017-02-16 16:27:53 -05:00
Joseph Schorr
d47696b69c Add support for sub binding field 2017-02-16 16:27:53 -05:00
Joseph Schorr
7b386e9d63 Move endpoint test fixtures to a non-conftest file 2017-02-16 16:27:53 -05:00
Joseph Schorr
2c35383724 Allow OAuth and OIDC login engines to bind to fields in internal auth
This feature is subtle but very important: Currently, when a user logs in via an "external" auth system (such as Github), they are either logged into an existing bound account or a new account is created for them in the database. While this normally works jut fine, it hits a roadblock when the *internal* auth system configured is not the database, but instead something like LDAP. In that case, *most* Enterprise customers will prefer that logging in via external auth (like OIDC) will also *automatically* bind the newly created account to the backing *internal* auth account. For example, login via PingFederate OIDC (backed by LDAP) should also bind the new QE account to the associated LDAP account, via either username or email. This change allows for this binding field to be specified, and thereafter will perform the proper lookups and bindings.
2017-02-16 16:27:53 -05:00