Commit graph

228 commits

Author SHA1 Message Date
josephschorr
1bfca871ec Merge pull request #2387 from coreos-inc/team-sync
Team synchronization support in Quay Enterprise
2017-04-03 18:26:29 -04:00
Joseph Schorr
83320c2868 Have CDN use be off by default
We only use the CDN now for testing and local development, and having it on by default breaks when doing initial setup for QE behind a corporate firewall that doesn't allow loading of the external libraries we need
2017-04-03 14:31:28 -04:00
Joseph Schorr
04225f2d25 Add feature flag for team syncing 2017-04-03 11:31:29 -04:00
Joseph Schorr
e204f7784c Make app registry off by default 2017-03-23 12:01:59 -04:00
Jimmy Zelinskie
4614419e53 config: add app registry feature flag 2017-03-22 22:57:21 -04:00
Joseph Schorr
dd35677712 Add configurable maximum layer size in nginx 2017-03-21 13:14:11 -04:00
Jimmy Zelinskie
4ed0cdda14 securityscanner: add a min image id option
This will enable us to force some instances of the securityworker to
scan only new images.
2017-03-03 13:55:25 -05:00
Jake Moshenko
de7a5c9959 Make the security scanning worker period configurable 2017-02-27 15:02:29 -05:00
Evan Cordell
eac9927414 Add FEATURE_SIGNING flag and refactor nginx_conf_create.sh 2017-02-23 14:38:16 -05:00
Evan Cordell
9affe193db Add support for tuf metadata endpoints 2017-02-23 14:38:16 -05:00
Jimmy Zelinskie
e81926fcba util.secscan.api: init read-only failover 2017-02-03 19:20:13 -05:00
Joseph Schorr
3eb17b7caa Add support for recaptcha during the create account flow
If the feature is enabled and recaptcha keys are given in config, then a recaptcha box is displayed in the UI when creating a user and a recaptcha response code *must* be sent with the create API call for it to succeed.
2017-01-09 11:08:21 -05:00
Jimmy Zelinskie
00eafff747 Merge pull request #2204 from jzelinskie/429builds
add rate limiting to build queues
2016-12-07 15:03:31 -05:00
Jimmy Zelinskie
57770493fa build rate limiting: use a rate 2016-12-06 16:30:12 -05:00
Jimmy Zelinskie
7877c6ab94 add rate limiting to build queues 2016-12-06 16:30:12 -05:00
Jake Moshenko
709edd7eb6 Reduce the update period on queue worker metrics. 2016-12-05 18:12:14 -05:00
Joseph Schorr
66e09b2a95 Switch landing page to read template from S3 bucket
This change uses CORS to make the Angular template request to a defined S3 bucket, falling back to the compiled login template if the bucket is not available.

Fixes #1313
2016-11-30 14:00:07 -05:00
Charlton Austin
2fe74e4057 Adding in UI for cancel anytime. 2016-11-21 10:58:32 -05:00
Joseph Schorr
5f99448adc Add a chunk cleanup queue for async GC of empty chunks
Instead of having the Swift storage engine try to delete the empty chunk(s) synchronously, we simply queue them and have a worker come along after 30s to delete the empty chunks. This has a few key benefits: it is async (doesn't slow down the push code), helps deal with Swift's eventual consistency (less retries necessary) and is generic for other storage engines if/when they need this as well
2016-11-15 15:07:41 -05:00
josephschorr
45b1148118 Merge pull request #2086 from coreos-inc/user-info
Add collection of user metadata: name and company
2016-11-09 13:15:07 -05:00
Joseph Schorr
7e78406112 Add a defined timeout on all HTTP calls in notification methods 2016-11-08 18:28:06 -05:00
Joseph Schorr
0f2eb61f4a Add collection of user metadata: name and company 2016-11-08 16:15:02 -05:00
Jimmy Zelinskie
3cafa5721d config: fix staggered workers config name 2016-11-01 12:31:12 -04:00
josephschorr
129d2851f7 Merge pull request #1961 from coreos-inc/session-cookies
Enable permanent sessions
2016-10-31 13:58:26 -04:00
Joseph Schorr
3a473cad2a Enable permanent sessions
Fixes #1955
2016-10-31 13:52:09 -04:00
Jimmy Zelinskie
a30b358709 add staggered worker startup
Fixes #787
2016-10-28 17:12:39 -04:00
Jake Moshenko
f04b018805 Write our users to Marketo as leads. 2016-10-14 16:29:11 -04:00
charltonaustin
df4e58f3e4 Fixing some pylint stuff (was trying to get it to work and stumbled on this guy). 2016-10-06 11:41:51 -04:00
Joseph Schorr
6ea51afa66 Add a configurable prometheus namespace for all metrics
Fixes #1918
2016-10-05 10:33:35 +03:00
josephschorr
684ace3b5a Merge pull request #1761 from coreos-inc/nginx-direct-download
Add feature flag to force all direct download URLs to be proxied
2016-09-29 22:46:57 +02:00
Joseph Schorr
dd2e086a20 Add feature flag to force all direct download URLs to be proxied
Fixes #1667
2016-09-29 11:13:41 +02:00
Joseph Schorr
310eded8e6 Add a configuration flag for external TLS termination
This is necessary to ensure that we use the correct scheme when conducting health checks, setting cookies, etc.

Fixes #1865
2016-09-22 18:28:57 -04:00
Joseph Schorr
25ed99f9ef Add feature flag to turn off requirement for team invitations
Fixes #1804
2016-09-20 16:45:00 -04:00
Joseph Schorr
608ffd9663 Basic labels support
Adds basic labels support to the registry code (V2), and the API. Note that this does not yet add any UI related support.
2016-08-26 15:24:26 -04:00
Joseph Schorr
75e8af47e5 Switch Olark to Chatlio 2016-08-08 18:18:35 -04:00
Joseph Schorr
a1009af61c Move aggregator into its own repo and add it to the image 2016-07-05 15:39:51 -04:00
Joseph Schorr
9158fe38ee Add Marketo munchkin tracking via angulartics 2016-06-20 16:22:30 -04:00
Joseph Schorr
8887f09ba8 Use the instance service key for registry JWT signing 2016-06-07 11:58:10 -04:00
Joseph Schorr
7933aecf25 Add support for direct granting of OAuth tokens and add tests
This allows a client (when authorized in a whitelist) to send direct credentials via a Basic auth header and therefore bypass the OAuth approval UI for that user.
2016-05-23 17:17:06 -04:00
Jimmy Zelinskie
5568cc77b8 remove all default keys (#1485)
This change:
- Generates a new BitTorrent pepper by default
- Generates a new pagination key by default
- Changes the pagination key format to base64
- Removes selfsigned JWT certs
- Moves test keys to test/data
2016-05-23 16:00:48 -04:00
Jake Moshenko
17536e66dc Change our jwt signing key to actually be self signed. 2016-05-23 15:07:33 -04:00
Joseph Schorr
4aab834156 Move to Angular 1.5
This has been reasonably well tested, but further testing should be done on staging.

Also optimizes avatar handling to use a constant size and not 404.

Fixes #1434
2016-05-17 16:32:08 -04:00
Joseph Schorr
2cbdecb043 Implement setup tool support for Clair
Fixes #1387
2016-05-04 13:40:50 -04:00
Jimmy Zelinskie
f842545b3e rename config values to remove "Quay" (#1431) 2016-05-03 13:11:21 -04:00
Jimmy Zelinskie
437ec84c9f torrent: use quay.pem to mint JWT (#1425) 2016-05-02 18:10:16 -04:00
Evan Cordell
a6f6a114c2 service key worker to refresh automatic keys 2016-04-29 14:10:33 -04:00
Evan Cordell
c766727d1d address review comments
- more inline documentation
 - don't explicitly specify audience
 - approver is optional in `generate_key`
 - ADD -> RUN for better caching of jwtproxy
2016-04-29 14:10:33 -04:00
Evan Cordell
d2aa4be29e Explicitly set jwtproxy audience 2016-04-29 14:10:33 -04:00
Evan Cordell
f30a9e56f3 Be really sure about proxy protocol 2016-04-29 14:10:33 -04:00
Evan Cordell
f4d2fae5d8 Separate jwtproxy signer config from secscan config 2016-04-29 14:10:33 -04:00