vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
8803 commits 2 branches 62 tags 205 MiB
Commit graph

64 commits

Author SHA1 Message Date
Joseph Schorr
f4b05df179 Fix SSL test import 2018-07-19 11:59:14 -04:00
Sam Chow
860703c2b2 Override config directory in certs install script in config app 2018-07-18 14:21:25 -04:00
Sam Chow
f5a8116f5a Remove password confirmation in config app 
Small fix to manually clean up temp dir when creating new temp dir,
small fix to font awesome icons, change the jwt/keystone
validators to not use username/password
 2018-07-17 16:00:55 -04:00
Sam Chow
ba4b10b386 Update ldap validation test to match expected behavior 2018-07-16 11:18:22 -04:00
Sam Chow
9024419896 Modify ldap validator to just check user existence 
Remove auth user check from updating config app config

remove duplicate certs install script
 2018-07-11 16:49:13 -04:00
Sam Chow
bd54eacbad Add app var for init scripts location to access certs install 2018-07-10 11:43:34 -04:00
Sam Chow
14fefea38f Revert local validation context, extract another util 2018-06-29 15:09:33 -04:00
Sam Chow
d7ffb54333 Move tar filter to file, add tests for it 2018-06-28 17:02:33 -04:00
Sam Chow
aa93d698b2 Tarball the config and give it to the front end 
Download file as blob to avoid binary string encoding
 2018-06-28 13:53:17 -04:00
Sam Chow
7619ab44e5 Revert inmemoryprov, skip local storage validation 2018-06-25 15:23:30 -04:00
Joseph Schorr
0fdefd78e9 Extract app from torrent handling code 
Fixes https://jira.coreos.com/browse/QUAY-969
 2018-06-14 17:29:39 -04:00
Sam Chow
27721a8632 Add docker shell mode, and remove some config 2018-06-12 14:45:04 -04:00
Sam Chow
13293ecdea Fix dockerfile being able to pass in params 
Change config directory to local config_app one
 2018-06-12 14:45:00 -04:00
Sam Chow
301cc6992a Remove jwt validation for jschorr to fix later 
Refactor oauth validate method to take config over entire appconfig
 2018-06-01 15:07:06 -04:00
Sam Chow
7df8ed4a60 Add a security scanner api config object for params 
Change SecScanAPI to use a uri creation func instead of test context

Pass config provider through validator context

Remove app config dependency for validators
 2018-06-01 15:06:50 -04:00
Sam Chow
554d4f47a8 Change validators to use the validator_context 
Change InstanceKeys to take a namedtuple for context
 2018-06-01 14:59:49 -04:00
Sam Chow
e967fde3ae Decouple oauth methods from app with a namedtuple 2018-05-31 14:53:27 -04:00
Sam Chow
d45b925155 Move config provider to _init to decouple from app 
remove app references from validators
 2018-05-25 11:15:06 -04:00
Jimmy Zelinskie
58072f8673 util/config/validators: ensure endpoint isn't prom 2018-04-02 17:59:48 -04:00
Joseph Schorr
3586955669 Remove license code in Quay 
No longer needed under Red Hat rules \o/

Fixes https://jira.coreos.com/browse/QUAY-883
 2018-03-20 17:03:35 -04:00
Joseph Schorr
524d77f527 Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password 2018-01-04 15:27:41 -05:00
Joseph Schorr
72bfebdb60 Add license validation to the config validation check 
Should prevent a customer from accidentally saving a config that violates their license

Fixes https://jira.coreos.com/browse/QS-97
 2017-12-19 13:44:08 -05:00
Joseph Schorr
74f99ba94a Ensure encrypted passwords are not enabled with OIDC auth 
Fixes https://jira.prod.coreos.systems/browse/QS-49
 2017-10-31 16:03:28 -04:00
josephschorr
3bef21253d Merge pull request #2695 from coreos-inc/oidc-internal-auth 
OIDC internal auth support
 2017-10-02 16:51:17 -04:00
Joseph Schorr
f51a863158 Remove access_token from user_info 2017-10-02 16:51:09 -04:00
Joseph Schorr
010dda2c52 Add CloudFrontedS3Storage, which redirects to CloudFront for non-S3 ips 2017-09-28 14:40:58 -04:00
Joseph Schorr
bc82edb2d1 Add ability to configure OIDC internal auth engine via superuser panel 2017-09-12 12:23:52 -04:00
Joseph Schorr
751598056e Enable support in OIDC for endpoints without user info support 
The user info endpoint is apparently optional.
 2017-08-01 13:24:27 -04:00
Antoine Legrand
2d60ad71b6 Print only first line of s3 error message 2017-07-27 18:05:06 +02:00
Joseph Schorr
a13235c032 Fix typo 2017-07-10 18:35:51 +03:00
Joseph Schorr
176c26e3f7 Add config validation for action log archiving 2017-07-10 13:09:33 +03:00
Antoine Legrand
cdb3722c17 Use $QUAYPATH and $QUAYDIR in conf and init files 2017-07-05 16:23:54 +02:00
Jimmy Zelinskie
7d07c2ed07 util.config.validators: fix torrent validation 
This code was mistaken the info dict with the params passed in an
announce request. Rather, now we expose a function for creating a jwt
from infohashes directly.
 2017-06-09 13:31:38 -04:00
Joseph Schorr
2b9873483a Enable toggling of the direct login feature in the superuser panel 
Allows superusers to disable login to the UI via credentials if at least one OIDC provider is configured
 2017-05-24 12:57:55 -04:00
Joseph Schorr
4e09fff181 Remove test that breaks MySQL full DB tests 2017-05-02 16:04:46 -04:00
josephschorr
8b148bf1d4 Merge pull request #2576 from coreos-inc/full-db-tests-tox 
Reenable full database testing locally and in concourse
 2017-04-27 18:09:15 -04:00
Joseph Schorr
4ea4ee3aa4 Fix time machine config validator on old-style config 
Existing config won't have the keys defined, so make sure we skip in that case (and just use the defaults)
 2017-04-27 14:24:47 -04:00
Joseph Schorr
cb3695a629 Change config validator tests to use the shared fixtures 2017-04-24 16:45:14 -04:00
Joseph Schorr
3dcbe3c631 If enabled, allow users and orgs to set their time machine expiration 
Fixes https://www.pivotaltracker.com/story/show/142881203
 2017-04-21 11:32:45 -04:00
Joseph Schorr
ed3da4697f Add client ID and client secret to OIDC config validator 2017-04-07 11:33:02 -04:00
Jake Moshenko
c7241911a5 Fix old-style flask imports to silence deprecation warnings. 2017-04-06 13:15:48 -04:00
Joseph Schorr
a6486b7823 Gitlab validation must allow unspecified endpoint 
Gitlab config validator currently requires the gitlab endpoint to be specified, even though we support leaving it unspecified for non-enterprise installs. Fix the validator to allow this case.
 2017-03-30 12:57:41 -04:00
Joseph Schorr
45179216af Have sec scan retries actually work 
Until this change, if `ping` raised an exception, we wouldn't retry properly
 2017-03-29 16:19:46 -04:00
Joseph Schorr
b017133cc6 Make QSS validation errors more descriptive 2017-03-24 17:28:16 -04:00
Joseph Schorr
157640e696 Add config validator for OIDC logins 2017-02-28 16:18:19 -05:00
Joseph Schorr
d4eb4f7f3c Pull out github trigger and login validation into validator class 2017-02-24 12:23:18 -05:00
Joseph Schorr
a31f2267e8 Pull out gitlab trigger validation into validator class 2017-02-24 12:23:18 -05:00
Joseph Schorr
7a260d81d3 Pull out bitbucket trigger validation into validator class 2017-02-24 12:23:17 -05:00
Joseph Schorr
49638b081b Pull out google login validation into validator class 2017-02-24 12:23:17 -05:00
Joseph Schorr
620e377faf Pull out ssl validation into validator class 2017-02-24 12:23:17 -05:00