vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
5352 commits 2 branches 62 tags 205 MiB
Commit graph

228 commits

Author SHA1 Message Date
Joseph Schorr
8887f09ba8 Use the instance service key for registry JWT signing 2016-06-07 11:58:10 -04:00
Joseph Schorr
dd0dd39bf0 Fix the queue cleanup worker to delete the items that have expired, not unexpired 2016-06-03 22:14:14 -04:00
Joseph Schorr
5746b42c69 Add a cleanup worker for the queue item table 
Fixes #784
 2016-06-02 15:00:44 -04:00
josephschorr
ec492bb683 Merge pull request #1323 from coreos-inc/secworkerreturn 
Move security notification work into its own method to allow for retu…
 2016-06-02 13:59:25 -04:00
Jake Moshenko
9221a515de Use the registry API for security scanning 
when the storage engine doesn't support direct download url
 2016-05-04 18:04:06 -04:00
Joseph Schorr
73fa593d02 Various small fixes in prep for QE release 2016-05-04 15:20:27 -04:00
Jimmy Zelinskie
f842545b3e rename config values to remove "Quay" (#1431) 2016-05-03 13:11:21 -04:00
Evan Cordell
489752a0b7 Only refresh current instance service key 2016-04-29 14:10:33 -04:00
Evan Cordell
a6f6a114c2 service key worker to refresh automatic keys 2016-04-29 14:10:33 -04:00
Jimmy Zelinskie
128b0cd38c logrotateworker: archive every 24 hours 2016-04-18 13:02:30 -04:00
Jimmy Zelinskie
ef65822410 logrotateworker: perf optimizations 
This removes our needless transaction, only calculates the cutoff date
once, removes the logs generator, and uses a tested optimal
MIN_LOGS_PER_ROTATION.
 2016-04-15 16:51:17 -04:00
Jimmy Zelinskie
3d190b786f userfiles: make handler optional 2016-04-15 13:56:07 -04:00
Jimmy Zelinskie
c7c52e6c74 logrotateworker: save to storage via userfiles 2016-04-14 13:29:29 -04:00
Joseph Schorr
d62ec22fc9 Move security notification work into its own method to allow for return values 
Fixes #1302
Fixes #1304
 2016-03-31 14:08:33 -04:00
Joseph Schorr
dc8f9713f8 Change logs worker to use a global lock in the inner loop and move storage out of the transaction 2016-03-24 14:09:48 -04:00
Joseph Schorr
aa5587c93c Fixes and added tests for the security notification worker 
Fixes #1301

- Ensures that the worker uses pagination properly
- Ensures that the worker handles failure as expected
- Moves marking the notification as read to after the worker processes it
- Increases the number of layers requested to 100
 2016-03-18 20:28:06 -04:00
Quentin Machu
5b7d6b0638 Merge pull request #1275 from Quentin-M/min_id_once 
Compute min_id only once during securityworker's lifetime
 2016-03-04 14:02:47 -05:00
Quentin Machu
54153c9b80 Compute min_id only once during securityworker's lifetime 2016-03-04 14:02:28 -05:00
Jimmy Zelinskie
b5d904f373 Merge pull request #1218 from jzelinskie/logrotate5ever 
vastly simplify log rotation
 2016-03-04 13:48:21 -05:00
Quentin Machu
888f976e8d Use a feature flag to toggle security notifications 2016-03-01 15:54:18 -05:00
Joseph Schorr
f498e92d58 Implement against new Clair paginated notification system 2016-02-25 15:58:42 -05:00
Joseph Schorr
c0374d71c9 Refactor the security worker and API calls and add a bunch of tests 2016-02-25 12:29:41 -05:00
Quentin Machu
e5da33578c Adapt security worker for Clair v1.0 (except notifications) 2016-02-19 17:44:14 -05:00
Quentin Machu
f62a05f6d7 various securityworker fixes 2016-02-09 21:25:07 -05:00
Quentin Machu
1d2b31a581 Mark layers that Clair can't extract as failed 2016-02-09 18:24:35 -05:00
Jimmy Zelinskie
ee705fe7a9 vastly simplify log rotation 2016-02-09 18:20:14 -05:00
Quentin Machu
13c10ba7b1 Double the securityworker indexing interval 2016-02-09 14:49:10 -05:00
Joseph Schorr
ab166c4448 Delete the image diff feature 
Fixes #1077
 2015-12-23 13:08:01 -05:00
Jimmy Zelinskie
f439ad7804 Merge pull request #618 from jzelinskie/logsworker 
add a log rotation worker
 2015-12-16 17:25:50 -05:00
Jimmy Zelinskie
e1f955a3f6 add a log rotation worker 
Fixes #609.
 2015-12-16 17:22:28 -05:00
Joseph Schorr
c888a8b3be Make GC timeout configurable 2015-12-16 15:45:02 -05:00
Jake Moshenko
2f626f2691 Unify the database connection lifecycle across all workers 2015-12-04 15:51:53 -05:00
Joseph Schorr
544fa40a5f Add a base class for a global worker that locks via Redis 2015-11-24 16:18:45 -05:00
Silas Sewell
1162814734 securityworker: mark children we can't analyze 
This allows us to differentiate between images that are queued and those we
can't analyze in constant time.
 2015-11-19 11:22:15 -05:00
Quentin Machu
88e85cded0 Fix security worker (again?) 2015-11-18 19:45:09 -05:00
Quentin Machu
7e9faa6c54 Add missing import 2015-11-18 17:39:27 -05:00
Quentin Machu
605ed1fc77 Refactor security worker 2015-11-18 14:38:32 -05:00
Jake Moshenko
0459c3bc54 Merge remote-tracking branch 'upstream/master' into python-registry-v2 2015-11-16 14:22:54 -05:00
Joseph Schorr
6412e145dd Fix key error 2015-11-13 13:16:33 -05:00
Jimmy Zelinskie
09ce33e0dc fix case where query broke on empty list 2015-11-13 12:35:18 -05:00
Joseph Schorr
927a0b639c Add check for empty locations list 2015-11-13 12:23:02 -05:00
Joseph Schorr
030c69d7d2 Further merge fixes 2015-11-12 22:00:28 -05:00
Joseph Schorr
7816b0c657 Merge master into vulnerability-tool 2015-11-12 21:52:47 -05:00
Joseph Schorr
25b8b7590f Fix all the things! 2015-11-12 20:55:41 -05:00
Jimmy Zelinskie
37ce84f6af tiny fixes to securityworker 2015-11-12 17:18:04 -05:00
Jimmy Zelinskie
f6a34c5d06 refactor securityworker 
Fixes #772.
 2015-11-12 16:03:10 -05:00
Jake Moshenko
ab340e20ea Merge remote-tracking branch 'upstream/master' into python-registry-v2 2015-11-11 16:41:40 -05:00
Joseph Schorr
ca7d736db2 Only send vulnerability events if the minimum priority is gte to that specified 
Fixes #770
 2015-11-10 16:05:55 -05:00
Jimmy Zelinskie
8e2868737b rename secscan_endpoint and move db close to API 2015-11-10 15:22:31 -05:00
Jimmy Zelinskie
da31714fb5 specify securityworker skip message 2015-11-10 15:22:30 -05:00