Jimmy Zelinskie
f3c3e684a1
prepare branch to be merged into phase1-11-07-2015
...
This removes the checksum backfill, removes the migration that runs the
backfills, and defaults the security scan feature off.
2015-11-06 15:22:18 -05:00
Joseph Schorr
cfa03951e1
Add a SecScanEndpoint class and move all the cert and config handling in there
2015-11-06 15:22:18 -05:00
Joseph Schorr
e4508fc0d0
Add vulnerabilities and packages API to Quay
...
Fixes #564
2015-11-06 15:22:18 -05:00
Joseph Schorr
0f3db709ea
Add a vulnerability_found event for notice when we detect a vuln
...
Fixes #637
Note: This PR does *not* actually raise the event; it merely adds support for it
2015-11-06 15:22:18 -05:00
Joseph Schorr
2d1df267dd
Add security config
2015-11-06 15:22:18 -05:00
Joseph Schorr
f6a53f7cc5
Change all Quay.io references to Quay, fix tour and change logo
...
Fixes #741
2015-11-02 14:37:48 -05:00
Jake Moshenko
fc55730db8
Add a feature flag to advertise v2 endpoints
2015-10-26 14:20:51 -04:00
Jake Moshenko
26cea9a07c
Merge remote-tracking branch 'upstream/master' into python-registry-v2
2015-09-17 16:16:27 -04:00
Jake Moshenko
9c3ddf846f
Some fixes and tests for v2 auth
...
Fixes #395
2015-09-10 15:38:57 -04:00
Joseph Schorr
c0286d1ac3
Add support for Dex to Quay
...
Fixes #306
- Adds support for Dex as an OAuth external login provider
- Adds support for OIDC in general
- Extract out external logins on the JS side into a service
- Add a feature flag for disabling direct login
- Add support for directing to the single external login service
- Does *not* yet support the config in the superuser tool
2015-09-04 17:05:06 -04:00
Jake Moshenko
210ed7cf02
Merge remote-tracking branch 'upstream/master' into python-registry-v2
2015-09-04 16:32:01 -04:00
Joseph Schorr
0a91a1d9d8
Redirect to the /setup page automatically in the ER when not fully setup
2015-09-02 14:59:54 -04:00
Joseph Schorr
724b1607d7
Add automatic storage replication
...
Adds a worker to automatically replicate data between storages and update the database accordingly
2015-09-01 14:53:32 -04:00
Jake Moshenko
e1b3e9e6ae
Another huge batch of registry v2 changes
...
Add patch support and resumeable sha
Implement all actual registry methods
Add a simple database generation option
2015-08-12 16:41:12 -04:00
Joseph Schorr
e53c3e23be
Change docs to load from HTTPS
2015-08-05 14:34:11 -04:00
Joseph Schorr
8a8955d234
Add documentation search to the main search bar
2015-08-03 17:15:53 -04:00
Joseph Schorr
70de107268
Make GC of repositories fully async for whitelisted namespaces
...
This change adds a worker to conduct GC on repositories with garbage every 10s.
Fixes #144
2015-07-28 15:30:04 -04:00
Jake Moshenko
bc29561f8f
Fix and templatize the logic for external JWT AuthN and registry v2 Auth.
...
Make it explicit that the registry-v2 stuff is not ready for prime time.
2015-07-17 11:56:15 -04:00
Joseph Schorr
33b31a2451
Fix logs view in superuser panel
...
This seems to have been broken ever since we moved to syslog
2015-06-15 20:55:23 -04:00
Jake Moshenko
e09d84b3c8
Merge pull request #55 from coreos-inc/oauthdeny
...
Fix OAuth redirect for denial action when generating for internal tokens
2015-06-05 14:00:16 -04:00
Joseph Schorr
5516911de9
Fix OAuth redirect for denial action when generating for internal tokens
2015-06-02 12:25:59 -04:00
Joseph Schorr
54992c23b7
Add a feature flag for disabling unauthenticated access to the registry in its entirety.
2015-05-19 17:52:44 -04:00
Joseph Schorr
ba0fafc857
Add missing default for the gitlab feature flag
2015-05-04 19:04:27 -07:00
Joseph Schorr
c480fb2105
Work in progress: bitbucket support
2015-04-24 15:13:08 -04:00
Joseph Schorr
5cd500257d
Merge branch 'master' into orgview
2015-04-01 13:56:49 -04:00
Joseph Schorr
27a9b84587
Switch avatars to be built out of CSS and only overlayed with the gravatar when a non-default exists
2015-03-30 17:55:04 -04:00
Joseph Schorr
e4b659f107
Add support for encrypted client tokens via basic auth (for the docker CLI) and a feature flag to disable normal passwords
2015-03-25 18:43:12 -04:00
Jake Moshenko
78c8354174
Switch our temporary token lookups for signed grants which will not require DB access.
2015-02-19 16:54:23 -05:00
Jake Moshenko
ec01373240
Rename the config variable for temp tag expiration per the pull request feedback.
2015-02-18 17:06:41 -05:00
Jake Moshenko
41108a0856
Allow tags to be marked as hidden. Create a hidden tag on every image during a push to prevent them from getting GCed.
2015-02-18 17:05:16 -05:00
Joseph Schorr
3cae6609a7
Remove old services from the blacklist
2015-02-18 16:34:42 -05:00
Joseph Schorr
0d2c42ad03
Fix tests
2015-01-09 17:11:51 -05:00
Joseph Schorr
40d2b1748f
Fix handling of secret key: We now generate it on app startup if it doesn't exist in the config (which it doesn't anymore in the base config.py).
2015-01-05 12:31:02 -05:00
Joseph Schorr
1bf25f25c1
WIP
2015-01-04 14:38:41 -05:00
Joseph Schorr
4ca877c1d4
Add ability to download system logs
2014-12-23 14:01:00 -05:00
Jimmy Zelinskie
f3259c862b
Merge branch 'koh'
...
Conflicts:
auth/scopes.py
requirements-nover.txt
requirements.txt
static/css/quay.css
static/directives/namespace-selector.html
static/js/app.js
static/partials/manage-application.html
templates/oauthorize.html
2014-12-01 12:30:09 -08:00
Joseph Schorr
72d613614d
Merge branch 'bagger'
2014-12-01 12:48:59 -05:00
Joseph Schorr
660a640de6
Better organize the source file structure of the build manager and change it to choose a lifecycle manager based on the config
2014-11-25 16:14:44 -05:00
Joseph Schorr
e9cac407df
Add a configurable avatar system and add an internal avatar system for enterprise
2014-11-24 19:25:13 -05:00
Jimmy Zelinskie
716d7a737b
Strip whitespace from ALL the things.
2014-11-24 16:07:38 -05:00
Jake Moshenko
8b3184a7cb
Change the default username and password for flask-mail to None instead of empty string.
2014-11-21 12:32:30 -05:00
Jake Moshenko
2b8c246476
Temporarily put user rename behind a feature flag. Switch queue names back to using the username for namespace while we figure out a real migration strategy.
2014-11-20 15:36:39 -05:00
Joseph Schorr
3e79379942
- Make the OAuth config system centralized
...
- Add support for Github Enterprise login
2014-11-05 16:43:37 -05:00
Joseph Schorr
98602a2d0c
Add a new configurable health check, to make sure production instances are not taken down by Redis or non-local DB issues
2014-11-02 15:06:17 -05:00
Joseph Schorr
4eedd54b66
- Make usage language more accurate by stating "repositories"
...
- Have usage counter be based on a 4 weeks TTL
- Add a simple usage counter breakage test
2014-10-30 13:26:02 -04:00
Joseph Schorr
c1398c6d2b
- Add a log entry for repo verb handling and make the container usage calculation take it into account
...
- Move all the repo push/pull/verb logging into a central track_and_log method
- Readd images accidentally deleted in the last CL
- Make the uncompressed size migration script better handle exceptions
2014-10-29 15:42:44 -04:00
Joseph Schorr
8b331b453e
Make the contact page dynamic so that enterprise customers can configure it however they like
2014-10-22 14:49:33 -04:00
Jake Moshenko
fa6a06502d
Change the default redis host to localhost. Fix some whitespace issues in the userevents module.
2014-10-14 14:37:02 -04:00
Jake Moshenko
44637dad96
Merge branch 'master' of bitbucket.org:yackob03/quay
2014-10-14 13:58:14 -04:00
Jake Moshenko
328db8b660
Split the app into separate backends, which can use different worker types and different timeouts.
2014-10-14 13:58:08 -04:00
Joseph Schorr
49f8629566
Make the default mail sender use the Flask mail config value
2014-10-10 13:14:33 -04:00
Joseph Schorr
c682899861
Add a feature flag to disable user creation
2014-10-02 14:49:18 -04:00
Joseph Schorr
2c5cc7990f
Allow for additional REDIS config such as password and port
2014-10-01 14:16:42 -04:00
Joseph Schorr
f3b03ebc34
Add a feature flag for disabling all emails
2014-09-22 19:11:48 -04:00
Jake Moshenko
2455c17f96
Merge remote-tracking branch 'origin/master' into waltermitty
...
Conflicts:
app.py
data/userfiles.py
2014-09-11 11:18:28 -04:00
Jake Moshenko
c9e1648781
Small fixes to bugs in the streaming handler for use with magic and radosgw.
2014-09-09 18:30:14 -04:00
Jake Moshenko
451e034ca1
Archived logs commit 1. Squash me.
2014-09-08 16:43:17 -04:00
Joseph Schorr
e028d4ae0a
Merge master into branch
2014-09-04 18:08:18 -04:00
Joseph Schorr
4140e115e5
Put building behind a feature flag
2014-08-22 18:03:22 -04:00
Joseph Schorr
2597bcef3f
Add support for login with Google. Note that this CL is not complete
2014-08-11 15:47:44 -04:00
Joseph Schorr
6f804c222a
Replace references seen in the enterprise version to "Quay.io" with a config-pulled value
2014-08-08 13:50:04 -04:00
Joseph Schorr
bcbea37fce
Change distributed config format to make it easier for the setup tool
2014-08-07 13:45:15 -04:00
Joseph Schorr
49801bc2c4
- Add web hook queue code back in. We'll remove it and turn it off after this CL goes to prod
...
- Make notification lookup always be by repo and its UUID, rather than the internal DB ID
- Add the init script for the notification worker
2014-07-31 13:30:54 -04:00
Joseph Schorr
8d7493cb86
Convert over to notifications system. Note this is incomplete
2014-07-17 22:51:58 -04:00
Jake Moshenko
6047f3759f
Remove the placement fallback since the DB has been fully backfilled.
2014-06-24 17:01:23 -04:00
Jake Moshenko
cf2ba9f0b6
Fix a typo in the config for the backfill location.
2014-06-23 11:25:14 -04:00
Jake Moshenko
0a62f7f725
Add the ability to look up images which do not have a placement yet.
2014-06-18 12:40:23 -04:00
Jake Moshenko
bf98575feb
Add the basics of geographic data distribution and get the tests to work.
2014-06-17 16:03:43 -04:00
Jake Moshenko
0057ced98c
Move GitHub build trigger behind a feature flag.
2014-05-30 18:28:18 -04:00
Jake Moshenko
d1f4fbdacc
Split out the redis hostname for user events and build logs as a string config. Modularize the user events and fix all callers.
2014-05-30 14:25:29 -04:00
Joseph Schorr
69be86be97
Add extra seat check in the user API call and turn off user->org conversion when authentication is LDAP
2014-05-28 15:53:53 -04:00
Jake Moshenko
f6726bd0a4
Merge branch 'ldapper'
...
Conflicts:
Dockerfile
app.py
data/database.py
endpoints/index.py
test/data/test.db
2014-05-22 12:13:41 -04:00
Jake Moshenko
d14798de1d
Add a queue capacity reporter plugin to the queue. Move the queue definitions to app. Add a cloudwatch reporter to the dockerfile build queue.
2014-05-21 19:50:37 -04:00
Jake Moshenko
11c6c5fa52
Merge remote-tracking branch 'origin/master' into ldapper
...
Conflicts:
app.py
2014-05-13 16:55:02 -04:00
Joseph Schorr
08ccad7fe4
Add support for not using CDN-based resources. When USE_CDN = False, all CDN-based resources will instead be used from the local system.
2014-05-09 18:49:33 -04:00
Jake Moshenko
bcb993a914
Set up the build logs to use our fake build logs on test and local.
2014-05-09 18:45:11 -04:00
Jake Moshenko
027ada1f5c
First stab at LDAP integration.
2014-05-09 17:39:43 -04:00
Jake Moshenko
fe2eb079b7
Remove unused import.
2014-05-01 21:38:02 -04:00
Jake Moshenko
a5a61576ae
Revamp the logging a bit. Not quite done yet.
2014-05-01 19:44:28 -04:00
Jake Moshenko
fe665118bb
Add sentry exception monitoring.
2014-04-28 18:59:22 -04:00
Joseph Schorr
91c1342ffb
Switch to having GitHub login off in the default config, since the keys are empty anyway
2014-04-16 22:51:56 -04:00
jakedt
4b8217d4ad
Add config to allow for setting the queue names at runtime. Fix a bug in the data model.
2014-04-11 19:23:57 -04:00
jakedt
61a6db236f
Finish the implementation of local userfiles. Strip charsets from mimetypes in the build worker. Add canonical name ordering to the build queue. Port all queues to the canonical naming version.
2014-04-11 18:34:47 -04:00
jakedt
14fba3ae7c
Rename SERVER_NAME to SERVER_HOSTNAME to fix the subdomain routing problems.
2014-04-11 11:17:45 -04:00
jakedt
0fd5da172e
Fix the super user default config. Slight style tweaks to the super user permission implementation.
2014-04-10 15:51:39 -04:00
jakedt
73f23f155c
Merge branch 'ncc1701' of ssh://bitbucket.org/yackob03/quay into ncc1701
2014-04-10 15:20:26 -04:00
jakedt
d39f3cc5d4
Fix the tests and implement a fake stripe.
2014-04-10 15:20:16 -04:00
Joseph Schorr
bdf2b02c1a
Merge branch 'ncc1701' of https://bitbucket.org/yackob03/quay into ncc1701
2014-04-10 00:27:51 -04:00
Joseph Schorr
0e320c964f
- Add support for super users
...
- Add a super user API
- Add a super user interface
2014-04-10 00:26:55 -04:00
jakedt
fc7756a3c2
Add alembic plumbing for database schema migrations.
2014-04-09 19:11:33 -04:00
jakedt
4d4f3b1c18
Add the olark feature flag to the default config and fix the usage of flask modules.
2014-04-08 23:05:45 -04:00
Joseph Schorr
da859203f7
- Add a config whitelist
...
- Send the config values to the frontend
- Add a service class for exposing the config values
- Change the directives to inject both Features and Config
- Change directive users to make use of the new scope
2014-04-08 19:14:24 -04:00
jakedt
265fa5070a
Fix support for multiple stack configurations and move most secrets into the quay-config project.
2014-04-07 16:59:22 -04:00
jakedt
8e9faf6121
Toward running quay in a docker container.
2014-04-07 01:20:09 -04:00
Joseph Schorr
6e2b8d96b8
Add a simplified landing page for the case where billing is disabled
2014-04-06 14:48:58 -04:00
Joseph Schorr
c374e8146a
- Add code for placing the features information on the frontend
...
- Add a Features service for examining feature flags on the frontend
- Add a directive (quay-requires) that matches feature flags and, if any one does not match, removes the element from the DOM
- Add a directive (quay-show) that injects the features into the scope so that expressions of the form "Features.BILLING || something" work out of the box to show/hide the element
- Add a directive (quay-classes) that allows for setting of CSS classes on an element based on feature expression(s) such as {"!BILLING": "active"} (e.g. the BILLING flag is set to false, add the class "active".
2014-04-04 23:26:10 -04:00
jakedt
0abbf042dd
Add a features modules that process the flask dict.
2014-04-03 18:47:17 -04:00
jakedt
173f8d9b9a
Remove the invalid import.
2014-04-03 17:45:44 -04:00
jakedt
e87ffa20cf
First attempt at making config loadable through string config overrides in an env variable.
2014-04-03 17:31:46 -04:00
jakedt
f8a1535e78
Fix the trigger delete code and enable peewee autorollback.
2014-03-06 14:47:02 -05:00