vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
9049 commits 2 branches 62 tags 205 MiB
Commit graph

2241 commits

Author SHA1 Message Date
Joseph Schorr
a572fd33c7 Ensure that we limit the length of repository names 
Until now, they'd simply be truncated by the database. Now, we properly check their lengths.

Fixes https://jira.coreos.com/browse/QUAY-963
 2018-07-13 13:22:33 +03:00
Joseph Schorr
d32efc4e17 Move anon checked test to pytest 2018-07-12 15:24:49 +03:00
Joseph Schorr
00d965a301
Merge pull request #3135 from quay/joseph.schorr/QUAY-999/informative-errors 
Make API errors more informative
 2018-07-10 22:41:34 +03:00
Sam Chow
bd54eacbad Add app var for init scripts location to access certs install 2018-07-10 11:43:34 -04:00
Joseph Schorr
924dda296f Fully migrate API security tests into the pytest test suite 
Also adds an additional test that ensures that at least one security test exists for every (api endpoint, http method) pair.
 2018-07-08 18:33:21 +03:00
Joseph Schorr
4f152fd7c7 Make API errors more informative 
Fixes https://jira.coreos.com/browse/QUAY-999
 2018-07-08 11:45:33 +03:00
Brad Ison
73cb7f3228
endpoints/api: Allow null fields in user metadata 
The user metadata fields are nullable in the database, but were not in
the json sechema.  This prevented users from updating some of their
information on the site if they hadn't set the metadata fields.
 2018-06-27 15:34:55 -04:00
Sam Chow
f32bbf1fdc
Merge pull request #3121 from quay/project/upload-tar 
Q.E. User can upload a tarball config to modify
 2018-06-22 14:50:21 -04:00
Joseph Schorr
892cc82b6a Ensure that verbs cannot be performed on disabled namespaces or by disabled users 2018-06-21 14:41:27 -04:00
Sam Chow
b5f630ba29 Fix alembic migrations importing app 
Ensure we connect to loaded config db
 2018-06-20 17:17:35 -04:00
Joseph Schorr
2caaf84f31 Add caching support to catalog 
We will now cache the results of the catalog for 60s and not hit the database at all if cached
 2018-06-20 14:58:01 -04:00
Joseph Schorr
7604e9842b Change repo filtering for users to use a user ID reference, rather than the username 
While this means we need an additional query for initial lookup, it makes the *filtering* query (which is the heavy part) require far fewer joins, thus making it more efficient.

Also adds a new unit test to verify that our filter filters to the correct set of repositories.
 2018-06-19 10:51:30 -04:00
Joseph Schorr
3161b60522 Switch V2 pagination back to using IDs, which should be much faster and easier on the DB 
Also adds a test for the tags endpoint
 2018-06-18 16:11:26 -04:00
Joseph Schorr
0fdefd78e9 Extract app from torrent handling code 
Fixes https://jira.coreos.com/browse/QUAY-969
 2018-06-14 17:29:39 -04:00
Sam Chow
093a58558c
Merge pull request #3104 from quay/project/app-endpoints 
Config App initial entrypoint
 2018-06-12 17:03:59 -04:00
Joseph Schorr
1be22a9a56
Merge pull request #3110 from quay/joseph.schorr/QUAY-966/gitlab-v4 
Reimplement GitLab trigger handler using the V4 API library
 2018-06-12 17:03:31 -04:00
Joseph Schorr
bf966545ba Reimplement GitLab trigger handler using the V4 API library 
GitLab has deprecated and removed the V3 API entirely

Fixes https://jira.coreos.com/browse/QUAY-966
 2018-06-12 15:01:37 -04:00
Sam Chow
e9d24dc5ff Make script paths work in docker and locally for config_app 2018-06-12 14:45:00 -04:00
Sam Chow
d080ca2cc6 Create webpack config for config app 
further improve developer morale

get initial angular loading

Add remote css to config index

Starts work to port endpoints into config app

Add the api blueprint
 2018-06-12 14:44:15 -04:00
Sam Chow
92db413da6 Start moving configapp into separate dir 2018-06-12 14:44:15 -04:00
Sam Chow
81af2d9fcc Use different js bundle with base html 2018-06-12 14:44:11 -04:00
Joseph Schorr
0fa1a1d5fd Implement support for blob mounting via the mount parameter on blob uploads 
Fixes https://jira.coreos.com/browse/QUAY-893
 2018-06-06 11:31:28 -04:00
Sam Chow
708b7ee669 Add config flag that only renders new simple page 2018-06-06 10:28:37 -04:00
Joseph Schorr
ef167ab7e3 Rate limit the catalog endpoint by auth token and IP address 2018-06-05 18:24:31 -04:00
Joseph Schorr
2e0edf8f6e Have catalog endpoint return empty if the namespace is disabled 2018-06-05 17:31:00 -04:00
Sam Chow
7f21d0da58
Merge pull request #3096 from quay/refactor/secscan-simple 
Refactor validators to decouple app
 2018-06-01 15:44:18 -04:00
Sam Chow
301cc6992a Remove jwt validation for jschorr to fix later 
Refactor oauth validate method to take config over entire appconfig
 2018-06-01 15:07:06 -04:00
Sam Chow
7df8ed4a60 Add a security scanner api config object for params 
Change SecScanAPI to use a uri creation func instead of test context

Pass config provider through validator context

Remove app config dependency for validators
 2018-06-01 15:06:50 -04:00
Sam Chow
554d4f47a8 Change validators to use the validator_context 
Change InstanceKeys to take a namedtuple for context
 2018-06-01 14:59:49 -04:00
Joseph Schorr
b2262eaf46 Add feature flag to disable username confirmation 
Fixes https://jira.coreos.com/browse/QUAY-914
 2018-06-01 13:30:50 -04:00
Joseph Schorr
8ee98c1c48 Show starred public repositories in the starred repos list 
We forgot to check if the repository was public in the filter

Fixes https://jira.coreos.com/browse/QUAY-857
 2018-05-31 17:34:17 -04:00
Sam Chow
e967fde3ae Decouple oauth methods from app with a namedtuple 2018-05-31 14:53:27 -04:00
Sam Chow
d45b925155 Move config provider to _init to decouple from app 
remove app references from validators
 2018-05-25 11:15:06 -04:00
Joseph Schorr
f86c087b3b Prevent registry operations against disabled namespaces 
Allows admins to completely wall off a namespace by disabling it

Fixes https://jira.coreos.com/browse/QUAY-869
 2018-05-22 18:36:04 -04:00
Joseph Schorr
6ffafe44d3
Merge pull request #3059 from quay/joseph.schorr/QUAY-906/reg-tests 
Move registry integration tests to py.test
 2018-05-22 17:09:11 -04:00
Joseph Schorr
fc6eb71ab1 Switch from an image view UI to a manifest view UI 
We no longer allow viewing individual images, but instead only manifests. This will help with the transition to Clair V3 (which is manifest based) and, eventually, the the new data model (which will also be manifest based)
 2018-05-22 13:11:04 -04:00
Joseph Schorr
a007332d4c Temporarily change to storing logs in a new LogEntry2 table 
This will prevent us from running out of auto-incrementing ID values until such time as we can upgrade to peewee 3 and change the field type to a BigInt

Fixes https://jira.coreos.com/browse/QUAY-943
 2018-05-18 20:15:16 -04:00
josephschorr
58612955d6
Merge pull request #3079 from quay/joseph.schorr/QUAY-927/robots-limit 
Limit robots displayed in entity search
 2018-05-15 13:59:48 -04:00
Joseph Schorr
5c50161d85 Limit robots displayed in entity search 
Before, we'd load *all* the robots, which can be a huge issue in namespaces with a large number of robots. Now, we only load the top-20 robots (as per recency in login), and we also limit the information returned to the entity search to save some bandwidth.

Fixes https://jira.coreos.com/browse/QUAY-927
 2018-05-15 11:00:57 -04:00
Joseph Schorr
e3248bde47 Small fixes to make loading of logs faster 
Removes filtering of log types where not necessary, removes filtering based on namespace when filtering based on repository (superfluous check that was causing issues in MySQL preventing the use of the correct index) and fix some other small issues around the API

Fixes https://jira.coreos.com/browse/QUAY-931
 2018-05-14 11:41:49 -04:00
Joseph Schorr
2ae69dc651 Further fixes to the Kubernetes config provider, and a new set of proper unit tests 2018-05-10 16:44:18 +03:00
Joseph Schorr
77adf9dd77 Fix bug which allowed for implicit library namespace access via the V1 registry protocol when the feature flag was off 
Now we raise a 400 as expected
 2018-05-01 13:28:24 +03:00
Sam Chow
f89ad30320
Merge pull request #3060 from quay/max-results-help-text 
Configurable options for search, disable next page & add help text when at max results
 2018-04-25 08:17:35 -07:00
Sam Chow
1afedafcbb Configurable options for search, info when at max 
includes the options for  maximum search results per page, and the
maximum number of pages available before help text is shown, and
the next page button is disabled
 2018-04-25 11:12:09 -04:00
Joseph Schorr
3309daa32e Add support for reduced initial build count for new possible abusing users 
If configured, we now check the IP address of the user signing up and, if they are a possible threat, we further reduce their number of allowed maximum builds to the configured value.
 2018-04-20 18:46:32 +03:00
Joseph Schorr
a59c951aa3 Add support for multiple scope parameters on V2 auth requests 
Fixes https://jira.coreos.com/browse/QUAY-892
 2018-04-18 20:16:49 +03:00
Joseph Schorr
86aa93aab5 Add a new test suite for the v2auth generate_registry_jwt endpoint 2018-04-18 20:16:49 +03:00
Joseph Schorr
8146646761 Simplifying queries around images and placements 
Only verbs needs to load placements for multiple images, so we can vastly simplify and optimize most queries by making it two-step, and having the rest of the image loads not worry about placements
 2018-04-03 16:23:49 -04:00
josephschorr
323eb63747
Merge pull request #3032 from coreos-inc/joseph.schorr/QUAY-885/squashed-sym 
Retarget broken hard links in squashed images
 2018-03-26 17:59:52 -04:00
Joseph Schorr
dd470bdc9d Add a reporter for verbs to track number of storage streams are needed 2018-03-26 17:02:39 -04:00
Joseph Schorr
110366f656 Retarget hard links pointing to deleted files by emitting the deleted file contents under the first hard link instance. This fixes a breakage in the squashed TAR where we were pointing hard links to missing data. 
Fixes https://jira.coreos.com/browse/QUAY-885
 2018-03-23 14:00:46 -04:00
josephschorr
7b5c22c699
Merge pull request #1205 from coreos-inc/apiimprov 
Remove 404 when an entity is not a member of a team, but is a robot u…
 2018-03-22 21:41:16 -04:00
Joseph Schorr
6d365418b7 Limit the size of then payload for creating robot accounts 2018-03-22 13:54:56 -04:00
josephschorr
6c43b7ff0d
Merge pull request #3024 from coreos-inc/manageable-robots 
Manageable robots epic
 2018-03-21 18:50:17 -04:00
Joseph Schorr
2ea13e86a0 Add last_accessed information to User and expose for robot accounts 
Fixes https://jira.coreos.com/browse/QUAY-848
 2018-03-21 15:28:34 -04:00
Joseph Schorr
3586955669 Remove license code in Quay 
No longer needed under Red Hat rules \o/

Fixes https://jira.coreos.com/browse/QUAY-883
 2018-03-20 17:03:35 -04:00
josephschorr
ca0772e1b5
Merge pull request #3027 from coreos-inc/joseph.schorr/QUAY-871/oauth-scopes 
Fix OAuth scopes display
 2018-03-16 14:28:40 -04:00
Joseph Schorr
86f898d9bd Fix OAuth scopes display 
Before, we were sending the wrong kind of data (namedtuple instead of dict) in the non-superuser case, which broke prod. Now, we always explicitly send a standard dictionary.

Fixes https://jira.coreos.com/browse/QUAY-871
 2018-03-16 13:03:42 -04:00
Brad Ison
e8429f9194
Add organization collaborators API endpoint 
Adds an API endpoint, `/v1/organization/<orgname>/collaborators`, that
lists an organization's "outside collaborators", i.e. users that have
direct permissions on one or more repositories belonging to the
organization, but who aren't members of any teams in the organization.
 2018-03-14 16:11:53 -04:00
Joseph Schorr
f1da3c452f Remove unused code 2018-03-12 20:32:05 -04:00
Joseph Schorr
254cdfe43a Add support for metadata on robot accounts 
Fixes https://jira.coreos.com/browse/QUAY-847
Fixes https://jira.coreos.com/browse/QUAY-816
 2018-03-12 20:32:05 -04:00
Joseph Schorr
a693771345 Add creation date information to robots API and UI 
Fixes https://jira.coreos.com/browse/QUAY-846
 2018-03-09 13:55:19 -05:00
Joseph Schorr
da45bedcdb Remove 404 when an entity is not a member of a team, but is a robot under the org. 
Fixes #1200
 2018-03-02 16:07:03 -05:00
Joseph Schorr
24b77bbc10 Fix serialization of blobs to/from the cache 
Also makes sure the test checks that serialization
 2018-03-02 14:22:55 -05:00
Joseph Schorr
93d79e777e Automatically disable build triggers with successive failures or internal errors 
We allow users to reenable them manually once disabled
 2018-03-01 16:49:51 -05:00
Joseph Schorr
c35eec0615 Add ability for triggers to be disabled 
Will be used in the followup commit to automatically disable broken triggers
 2018-03-01 16:49:28 -05:00
Joseph Schorr
4be3594ec8 Remove internal_only from superuser APIs for users and orgs 2018-03-01 15:14:39 -05:00
Joseph Schorr
8bc55a5676 Make namespace deletion asynchronous 
Instead of deleting a namespace synchronously as before, we now mark the namespace for deletion, disable it, and rename it. A worker then comes along and deletes the namespace in the background. This results in a *significantly* better user experience, as the namespace deletion operation now "completes" in under a second, where before it could take 10s of minutes at the worse.

Fixes https://jira.coreos.com/browse/QUAY-838
 2018-02-27 13:12:51 -05:00
josephschorr
6220df4f88
Merge pull request #3012 from coreos-inc/access-control-header 
Add X-Requested-With header to allowed CORS headers
 2018-02-21 14:27:36 -05:00
Joseph Schorr
bcd9b680fa Add X-Requested-With header to allowed CORS headers 
Will fix the API explorer
 2018-02-21 14:21:27 -05:00
Joseph Schorr
e446eb5757 Switch build queue limiter query to use total number of alive jobs 
This is slightly more accurate and, not being based on time, will work better under MySQL
 2018-02-21 14:04:40 -05:00
Joseph Schorr
9a452ace11 Add configurable limits for number of builds allowed under a namespace 
We also support that limit being increased automatically once a successful billing charge has gone through
 2018-02-20 16:54:22 -05:00
Brad Ison
62971b7f20
Merge pull request #2999 from bison/user-location 
Add user location metadata filed
 2018-02-20 16:48:37 -05:00
Joseph Schorr
188ea98441 Add new decorator to prevent reflected text attacks 
Instead of disabling repo names with periods in them, we simply disallow calls to the API when they are GET requests, whose path ends in a dot, and that do not have a referrer from the frontend.
 2018-02-20 11:33:45 -05:00
josephschorr
ac328da383
Merge pull request #3006 from coreos-inc/joseph.schorr/QUAY-827/noop-team-name 
Add messaging when trying to create a team that already exists
 2018-02-15 16:41:51 -05:00
Joseph Schorr
72ca758c88 Add messaging when trying to create a team that already exists 
Fixes https://jira.coreos.com/browse/QUAY-827
 2018-02-15 16:03:09 -05:00
Joseph Schorr
e220b50543 Refactor auth code to be cleaner and more extensible 
We move all the auth handling, serialization and deserialization into a new AuthContext interface, and then standardize a registration model for handling of specific auth context types (user, robot, token, etc).
 2018-02-14 15:35:27 -05:00
Brad Ison
5965929187 Include location in user analytics 2018-02-06 16:06:17 -05:00
Brad Ison
3de6b4a646 Add location metadata field for users 2018-02-06 16:06:17 -05:00
josephschorr
9f7b08d0ff
Merge pull request #2993 from coreos-inc/joseph.schorr/QUAY-797/pagination-size 
Allow size of pages in V2 api to be configurable
 2018-02-02 15:21:15 -05:00
Joseph Schorr
eae9175950 Allow size of pages in V2 api to be configurable 2018-02-02 13:54:41 -05:00
josephschorr
6514bf229f
Merge pull request #2973 from coreos-inc/joseph.schorr/QS-116/cloudfront-storage 
Add support for configuring cloudfront storage
 2018-02-02 10:14:28 -05:00
Joseph Schorr
b0f656731c Add support for configuring CloudFront storage engine 
Fixes https://jira.coreos.com/browse/QS-116
 2018-01-31 11:22:14 -05:00
josephschorr
fd1237cff9
Merge pull request #2974 from coreos-inc/joseph.schorr/QS-118/manifest-write-query 
Audit the number of SQL queries we make in writing manifests, and significantly reduce in the common case
 2018-01-31 11:08:33 -05:00
Joseph Schorr
9e16a989f5 Audit the number of SQL queries we make in writing manifests, and significantly reduce in the common case 
Instead of 41 queries now for the simple manifest, we are down to 14.

The biggest changes:
  - Only synthesize the V1 image rows if we haven't already found them in the database
  - Thread the repository object through to the other model method calls, and use it instead of loading again and again
 2018-01-25 11:10:43 -05:00
Joseph Schorr
208dc38d25 Allow expired app specific tokens to be deleted 2018-01-23 11:40:51 -05:00
josephschorr
b29e8202e5
Merge pull request #2977 from coreos-inc/joseph.schorr/QS-121/gunicorn-health 
Add instance health checks for all gunicorn workers
 2018-01-16 11:31:22 -05:00
Joseph Schorr
e91b83e1be Add instance health checks for all gunicorn workers 
Fixes https://jira.coreos.com/browse/QS-121
 2018-01-16 11:29:40 -05:00
Joseph Schorr
a32edb646d Fix 500 exception when sending a non-string release name to appr 
Fixes https://jira.coreos.com/browse/QS-120
 2018-01-12 17:14:05 -05:00
Joseph Schorr
c887aa543b Change superuser API errors to be more descriptive 
Fixes https://jira.coreos.com/browse/QS-103
 2018-01-05 17:09:26 -05:00
josephschorr
13b738c43c
Merge pull request #2954 from coreos-inc/joseph.schorr/QS-102/user-api-filter 
Add ability to filter users list to enabled users
 2018-01-05 15:40:50 -05:00
josephschorr
5286fd63b0
Merge pull request #2953 from coreos-inc/joseph.schorr/QS-101/discovery-anon 
Allow anonymous access to the discovery endpoint
 2018-01-05 15:40:39 -05:00
josephschorr
d8fde005d8
Merge pull request #2961 from coreos-inc/joseph.schorr/QS-107/create-repo-opt 
Small optimizations around create repository code
 2018-01-05 15:40:30 -05:00
Joseph Schorr
888b564a9b Add a banner to the Quay UI when an app specific token is about to expire 2018-01-04 15:27:42 -05:00
Joseph Schorr
2214a2c7ad Disable fresh login check in auth engines that won't support it 2018-01-04 15:27:41 -05:00
Joseph Schorr
524d77f527 Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password 2018-01-04 15:27:41 -05:00
Joseph Schorr
1e1bec0afe Remove extra update call on create repo 2018-01-04 13:42:05 -05:00
Joseph Schorr
c1cff32c1e Fix log levels in registry 2018-01-04 13:07:11 -05:00
Joseph Schorr
f05982dc7c Fix app registry logging 2018-01-04 13:05:50 -05:00
Joseph Schorr
8e473b9779 Add filter for disabled users to superuser user list API 
Fixes https://jira.coreos.com/browse/QS-102
 2017-12-22 16:45:49 -05:00
Joseph Schorr
1d3a93efcb Linter fixes for superuser API file 2017-12-22 16:18:58 -05:00
Joseph Schorr
6b42e3e4ca Allow anonymous access to the discovery endpoint 
Fixes https://jira.coreos.com/browse/QS-101
 2017-12-22 16:13:23 -05:00
Joseph Schorr
11e3724919 Return an http 415 (manifest version not supported) for OCI manifest content types 
This was breaking skopeo, as it first tries to send the *OCI* manifest type, which we didn't say we didn't support, thus breaking the tool
 2017-12-20 11:02:34 -05:00
Joseph Schorr
9e16596854 Add a bunch of logging to the data model caching mechanism 
Should help us debug any potential issues
 2017-12-18 14:18:37 -05:00
Joseph Schorr
b2485934ed Enable caching of blobs in V2 registry protocol, to avoid DB connections after the cache has been loaded 
This should help for bursty pull traffic, as it will avoid DB connections on a huge % of requests
 2017-12-14 13:38:24 -05:00
Joseph Schorr
db6007cb37 Change v2 registry auth code to not hit the database when we know we have permissions loaded 
Avoids a DB call and, when used in conjunction with blob caching, will avoid a DB *connection*
 2017-12-14 13:37:31 -05:00
Joseph Schorr
51e67ab7f5 Fix get_blob_path to not make any database calls and add a test 
This will be supported by caching, hopefully removing the need to hit the database when the blob object is cached
 2017-12-13 16:27:46 -05:00
Joseph Schorr
a706d99849 Add additional logs and an additional test for verbs 2017-12-07 15:22:20 -05:00
josephschorr
6db2ecc19f
Merge pull request #2928 from coreos-inc/joseph.schorr/QS-74/fix-restart 
Have Quay lookup the sbin/my_init PID to kill
 2017-12-07 13:25:16 -05:00
Joseph Schorr
1d1c6f0606 Invalidate all session tokens when a user signs out 
Fixes https://jira.coreos.com/browse/QS-85
 2017-12-07 13:03:11 -05:00
josephschorr
d405f6f158
Merge pull request #2899 from coreos-inc/joseph.schorr/QS-36/appr-auth-improvement 
Allow app registry to use robots and tokens to login
 2017-12-06 15:04:22 -05:00
josephschorr
b9ad8bbb5d
Merge pull request #2934 from coreos-inc/joseph.schorr/QS-78/email-recovery 
Security fixes for password recovery
 2017-12-06 14:53:02 -05:00
Joseph Schorr
a204dc20fb Require CAPTCHA for password recovery 
https://jira.coreos.com/browse/QS-79
 2017-12-06 14:25:34 -05:00
josephschorr
8d7381336a
Merge pull request #2910 from coreos-inc/joseph.schorr/QS-58/oidc-auth-bug 
Don't add a "password required" notification for non-database auth via OIDC
 2017-12-06 14:19:49 -05:00
Joseph Schorr
927d469db0 In password recovery, don't reveal whether an e-mail address is valid (unless it is an org's e-mail address) 2017-12-06 14:07:38 -05:00
Joseph Schorr
3bf8973fd9 Change app registry to use the credentials verification system 
Allows for tokens, OAuth tokens and robot accounts to be used as well

Fixes https://jira.prod.coreos.systems/browse/QS-36
 2017-12-06 13:52:25 -05:00
Joseph Schorr
aa49b37ad2 Change Docker V1 index to use verify_credentials 2017-12-06 13:52:25 -05:00
Joseph Schorr
25248a8c35 Make sure to close the database connection before forking in verbs 
This prevents a bug with the postgres driver from breaking the verbs

Fixes https://jira.coreos.com/browse/QS-68
 2017-12-04 16:33:24 -05:00
Joseph Schorr
4db1615d94 Fix bugs in updateuser 
1) Also check for matching organization names
2) Ensure that errors don't leave the throbber
 2017-12-01 14:58:29 -05:00
Joseph Schorr
874a7b0c41 Have Quay lookup the sbin/my_init PID to kill 
We changed the entry point in Quay to be a shell script that calls `my_init`, which means the init no longer has PID 1. We therefore need to look up the correct PID to kill it.

Fixes https://jira.coreos.com/browse/QS-74
 2017-12-01 14:04:43 -05:00
Joseph Schorr
2ced523313 Add Explore tab and query-less searching 
Allows for exploration of all visible repositories, in paginated form.

This change also fixes the layout of the header on different viewport sizes to be consistently a single line in height.

Fixes https://jira.coreos.com/browse/QS-63
 2017-11-28 16:50:23 +02:00
Joseph Schorr
9b2fb46e34 Move recaptcha check after the username check 
Ensures that if someone chooses an existing username, they don't need to re-recaptcha

Fixes https://jira.coreos.com/browse/QS-65
 2017-11-27 16:59:42 +02:00
Joseph Schorr
503cff8f0c Don't add a "password required" notification for non-database auth via OIDC 2017-11-13 16:17:36 -05:00
Joseph Schorr
1b6ecb6c1c Fix bug in listing owned tags 
We were indexing into a map using the docker_image_id, but the ancestors use the *image id*. Also cleans up the code and adds some tests.

Fixes https://jira.prod.coreos.systems/browse/QS-55
 2017-11-09 16:21:40 -05:00
Joseph Schorr
f67e2baeba Fix verbs for recent storage change 
1) Initialize the storage class in verbs with the extra needed args
2) Make the CloudFrontedS3Storage resilient to those extra args being missing
 2017-10-07 00:17:10 -04:00
Joseph Schorr
2ce4e49711 Build job does not have a request context when calling get_file_url 
We therefore need to specify some sort of IP or get_file_url will attempt to get it from context
 2017-10-06 12:57:02 -04:00
josephschorr
3bef21253d Merge pull request #2695 from coreos-inc/oidc-internal-auth 
OIDC internal auth support
 2017-10-02 16:51:17 -04:00
josephschorr
491b9c8278 Merge pull request #2872 from coreos-inc/joseph.schorr/QS-12/fix-org-links 
Fix namespace links that end in slashes
 2017-09-29 13:03:10 -04:00
josephschorr
82e09d6f16 Merge pull request #2869 from coreos-inc/joseph.schorr/QS-2/cloudfront 
CloudFront redirect support
 2017-09-29 12:08:50 -04:00
Joseph Schorr
58e6a17373 Fix namespace links that end in slashes 2017-09-28 15:14:53 -04:00
Joseph Schorr
82ff85b125 Add ability for users to change their name and company information 2017-09-26 16:58:04 -04:00
Joseph Schorr
56fbbcf7cf Add request IP to get_direct_download_url method 2017-09-25 17:14:28 -04:00
Alec Merdler
ad61df66c5 Merge pull request #2846 from alecmerdler/QUAY-682 
Optimize Webpack JS Bundle Size
 2017-09-18 16:47:30 -04:00
Joseph Schorr
804d3c46c3 Add feature flag to allow users to be created only if invited to join a team 
Allows for open user creation, but only if extended an invitation by someone who already has access
 2017-09-14 16:28:39 -04:00
Joseph Schorr
c6aad5fef0 Add option to disable partial autocompletion of users 2017-09-12 15:55:37 -04:00
Joseph Schorr
adc70d2fe2 Add alias for callback path 2017-09-12 12:26:42 -04:00
Evan Cordell
1d246784dd Include invalid oidc token in the error message for debugging 2017-09-12 12:26:42 -04:00
Joseph Schorr
e724125459 Add support for using OIDC tokens via the Docker CLI 2017-09-12 12:23:22 -04:00
Joseph Schorr
e0820c6be5 Remove encoding of credentials in build trigger web hook 
This now breaks BitBucket
 2017-09-07 11:27:02 -04:00
Joseph Schorr
2fdc1be94b Remove duplicate orgs when using public namespaces 
Fixes https://coreosdev.atlassian.net/browse/QUAY-770
 2017-08-24 14:13:26 -04:00
Joseph Schorr
464bccb5a0 Fix permissions on accessing archived logs 2017-08-18 13:45:36 -04:00
josephschorr
46e1bd9c75 Merge pull request #2850 from coreos-inc/jpmc-features 
Features for JPMC
 2017-08-16 14:29:00 -04:00
Jimmy Zelinskie
9e09612851 Revert "Merge pull request #2844 from coreos-inc/alegrand/use_latest_appr_server_code" 
This reverts commit 646fafb2fd, reversing
changes made to 5c1b635439.
 2017-08-09 20:45:46 -04:00
Joseph Schorr
854155fe82 Fix missing to_dict and import in robots model 
Also adds a test to catch this issue
 2017-08-09 20:33:14 -04:00
Joseph Schorr
2184721d28 Fix recursion error in images API 
We only need parents for the root set of images
 2017-08-09 13:27:54 -04:00
Evan Cordell
cac0457540 fix misnamed key in permissions api 2017-08-09 08:37:59 -04:00
Antoine Legrand
646fafb2fd Merge pull request #2844 from coreos-inc/alegrand/use_latest_appr_server_code 
Migrate from cnr -> appr
 2017-08-09 00:01:25 +02:00
Joseph Schorr
57136eb343 Require CAPTCHA for creating new accounts via OAuth 
Plugs the remaining hole for bot-based account creation
 2017-08-08 15:23:57 -04:00
Antoine Legrand
6336a4a971 Migrate from cnr -> appr 2017-08-08 11:48:59 +02:00
Joseph Schorr
650dbe5f5b Add config to enable "public" namespaces 
These are namespaces that will be displayed in the repo list view, regardless of whether the user is a member.
 2017-08-07 15:59:06 -04:00