josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								47afbb65dc 
								
							 
						 
						
							
							
								
								Merge pull request  #1490  from coreos-inc/aci-reproduce  
							
							... 
							
							
							
							Make ACI generation consistent across calls 
							
						 
						
							2016-05-26 19:37:01 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								4ec3a6c231 
								
							 
						 
						
							
							
								
								Make ACI generation consistent across calls  
							
							... 
							
							
							
							This will ensure that no matter which signature we write for the generated ACI, it is correct for that image. 
							
						 
						
							2016-05-26 17:09:19 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jake Moshenko 
								
							 
						 
						
							
							
							
							
								
							
							
								8323c51e6e 
								
							 
						 
						
							
							
								
								Extend registry auth to support notary JWTs.  
							
							
							
						 
						
							2016-05-24 13:42:28 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								fa3b342901 
								
							 
						 
						
							
							
								
								Merge pull request  #1483  from coreos-inc/superuser-external-user  
							
							... 
							
							
							
							Fix setup tool when binding to external auth 
							
						 
						
							2016-05-23 17:17:45 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								7933aecf25 
								
							 
						 
						
							
							
								
								Add support for direct granting of OAuth tokens and add tests  
							
							... 
							
							
							
							This allows a client (when authorized in a whitelist) to send direct credentials via a Basic auth header and therefore bypass the OAuth approval UI for that user. 
							
						 
						
							2016-05-23 17:17:06 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								60bbca2185 
								
							 
						 
						
							
							
								
								Fix setup tool when binding to external auth  
							
							... 
							
							
							
							We now query the external auth provider for the external service's identifier before adding the linking row into the database. This fixes the case where the external service resolves a different identifier for the same username.
Fixes  #1477  
							
						 
						
							2016-05-23 17:11:36 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								f670c4c7a9 
								
							 
						 
						
							
							
								
								Change Signer to use the config provider and fix tests  
							
							... 
							
							
							
							Fixes the broken ACI tests 
							
						 
						
							2016-05-23 17:10:03 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								5568cc77b8 
								
							 
						 
						
							
							
								
								remove all default keys ( #1485 )  
							
							... 
							
							
							
							This change:
- Generates a new BitTorrent pepper by default
- Generates a new pagination key by default
- Changes the pagination key format to base64
- Removes selfsigned JWT certs
- Moves test keys to test/data 
							
						 
						
							2016-05-23 16:00:48 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1365492b28 
								
							 
						 
						
							
							
								
								Fix ACI signing tests  
							
							
							
						 
						
							2016-05-16 13:31:43 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								64fe11a5f1 
								
							 
						 
						
							
							
								
								Add ACI signing tests  
							
							
							
						 
						
							2016-05-13 18:29:57 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								de6b7bc88d 
								
							 
						 
						
							
							
								
								Merge pull request  #1460  from coreos-inc/queuefilebinarydata  
							
							... 
							
							
							
							Add a binary data test for queue file 
							
						 
						
							2016-05-13 16:43:18 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								d74198ee66 
								
							 
						 
						
							
							
								
								Add a binary data test for queue file  
							
							
							
						 
						
							2016-05-13 15:56:06 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								72fd2b76e2 
								
							 
						 
						
							
							
								
								Add basic ACI conversion tests  
							
							
							
						 
						
							2016-05-13 15:50:57 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								a736407611 
								
							 
						 
						
							
							
								
								Fix user:admin scope handling and add test  
							
							
							
						 
						
							2016-05-09 11:16:01 +02:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								343a080833 
								
							 
						 
						
							
							
								
								Make security scan testing much faster  
							
							
							
						 
						
							2016-05-05 13:55:24 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								232fa42897 
								
							 
						 
						
							
							
								
								Add testing of the new secscan-for-local endpoint and fix a bug  
							
							
							
						 
						
							2016-05-04 21:47:03 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jake Moshenko 
								
							 
						 
						
							
							
							
							
								
							
							
								9221a515de 
								
							 
						 
						
							
							
								
								Use the registry API for security scanning  
							
							... 
							
							
							
							when the storage engine doesn't support direct download url 
							
						 
						
							2016-05-04 18:04:06 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								550b9cb2b3 
								
							 
						 
						
							
							
								
								Merge pull request  #1428  from coreos-inc/clair-setup-new  
							
							... 
							
							
							
							Implement setup tool support for Clair 
							
						 
						
							2016-05-04 13:52:54 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								2cbdecb043 
								
							 
						 
						
							
							
								
								Implement setup tool support for Clair  
							
							... 
							
							
							
							Fixes  #1387  
						
							2016-05-04 13:40:50 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								6e2df3b339 
								
							 
						 
						
							
							
								
								Fix key server to not list expired keys  
							
							... 
							
							
							
							Fixes the key server to not list expire keys and by default not return expired or unapproved keys unless explicitly requested.
Fixes  #1430  
							
						 
						
							2016-05-03 17:58:47 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								e502f50c88 
								
							 
						 
						
							
							
								
								tests: add test RSA key for torrent test ( #1427 )  
							
							
							
						 
						
							2016-05-03 13:11:02 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								b89d81d748 
								
							 
						 
						
							
							
								
								test: add missing helpers.py file  
							
							
							
						 
						
							2016-04-29 14:44:52 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								6091db983b 
								
							 
						 
						
							
							
								
								Hide expired keys outside of their staleness window  
							
							
							
						 
						
							2016-04-29 14:10:33 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								4f63a50a17 
								
							 
						 
						
							
							
								
								Change account-less logs to use a user and not null  
							
							... 
							
							
							
							This allows us to skip the migration 
							
						 
						
							2016-04-29 14:09:37 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								28a80ef6a9 
								
							 
						 
						
							
							
								
								Make sure to verify service names on key creation  
							
							
							
						 
						
							2016-04-29 14:09:37 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								5d6e5a42e8 
								
							 
						 
						
							
							
								
								Add delete logging and tests for logging  
							
							
							
						 
						
							2016-04-29 14:09:09 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								bc08ac2749 
								
							 
						 
						
							
							
								
								Fix timeouts in the JWT endpoint tests  
							
							
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								522cf68c5d 
								
							 
						 
						
							
							
								
								Lots of smaller fixes:  
							
							... 
							
							
							
							- Add the rotation_duration to the keys API
- Have the key service UI use the new rotation_duration field
- Fix notification deletion lookup path
- Add proper support for the new notification in the UI
- Only delete expired keys after 7 days (configurable)
- Fix angular digest loop
- Fix unit tests
- Regenerate initdb 
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								2805dad64f 
								
							 
						 
						
							
							
								
								test_endpoints: update to use JWT headers  
							
							
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								cfc15746a6 
								
							 
						 
						
							
							
								
								keyserver: tests!  
							
							
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								d19eb16b45 
								
							 
						 
						
							
							
								
								keyserver: add generate key function  
							
							... 
							
							
							
							The superuser API, initdb, and tests will all need this functionality. 
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								23a8a29654 
								
							 
						 
						
							
							
								
								More tests  
							
							
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								b0dac1d27e 
								
							 
						 
						
							
							
								
								initdb: add unapproved service key  
							
							
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								fb1dca4e94 
								
							 
						 
						
							
							
								
								Add API usage tests  
							
							
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								11ff3e9b59 
								
							 
						 
						
							
							
								
								keys ui WIP  
							
							
							
						 
						
							2016-04-29 14:05:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								dc593c0197 
								
							 
						 
						
							
							
								
								tests: shell of key server tests  
							
							
							
						 
						
							2016-04-29 13:38:25 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								bbaeaffbdb 
								
							 
						 
						
							
							
								
								run initdb for service keys  
							
							
							
						 
						
							2016-04-29 13:38:25 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								9e88b1413d 
								
							 
						 
						
							
							
								
								Merge pull request  #1325  from coreos-inc/blobuncompressedsize  
							
							... 
							
							
							
							Fix uncompressed size for blob store and add test 
							
						 
						
							2016-04-28 13:15:33 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								3f8d51ebd7 
								
							 
						 
						
							
							
								
								Fix handling of Clair notifications without New block  
							
							... 
							
							
							
							Fixes  #1398  
						
							2016-04-22 13:05:34 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								c604dbd0f6 
								
							 
						 
						
							
							
								
								Fix permissions when converting a user to an org  
							
							... 
							
							
							
							Fixes  #1366  
						
							2016-04-14 17:39:45 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Evan Cordell 
								
							 
						 
						
							
							
							
							
								
							
							
								7b44beb1fd 
								
							 
						 
						
							
							
								
								Fix WWW-Authenticate header on 401  
							
							
							
						 
						
							2016-04-13 09:01:42 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Evan Cordell 
								
							 
						 
						
							
							
							
							
								
							
							
								b5db41920f 
								
							 
						 
						
							
							
								
								Address review comments  
							
							
							
						 
						
							2016-04-11 16:34:40 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Evan Cordell 
								
							 
						 
						
							
							
							
							
								
							
							
								eba75494d9 
								
							 
						 
						
							
							
								
								Use new error format for auth errors (factor exceptions into module)  
							
							
							
						 
						
							2016-04-11 16:22:26 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Evan Cordell 
								
							 
						 
						
							
							
							
							
								
							
							
								9c08717173 
								
							 
						 
						
							
							
								
								Return application/problem+json format errors and provide error endpoint  
							
							... 
							
							
							
							to dereference error codes. 
							
						 
						
							2016-04-11 14:57:24 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								affb600423 
								
							 
						 
						
							
							
								
								Merge pull request  #1328  from coreos-inc/queuefilefix  
							
							... 
							
							
							
							Fix QueueFile to support read-to-end semantics and add some tests 
							
						 
						
							2016-04-08 18:07:06 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1009362d26 
								
							 
						 
						
							
							
								
								Have recovery auto-verify the user  
							
							... 
							
							
							
							Fixes  #1355  
						
							2016-04-08 13:41:16 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								d62ec22fc9 
								
							 
						 
						
							
							
								
								Move security notification work into its own method to allow for return values  
							
							... 
							
							
							
							Fixes  #1302 
Fixes  #1304  
						
							2016-03-31 14:08:33 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								6251e63e0e 
								
							 
						 
						
							
							
								
								Fix QueueFile to support read-to-end semantics and add some tests  
							
							
							
						 
						
							2016-03-31 12:06:49 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								edb157c5cb 
								
							 
						 
						
							
							
								
								Merge pull request  #1294  from coreos-inc/partialperms  
							
							... 
							
							
							
							Change permissions to only load required by default 
							
						 
						
							2016-03-30 16:40:40 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								db6f3691e5 
								
							 
						 
						
							
							
								
								Fix broken test  
							
							
							
						 
						
							2016-03-30 16:32:08 -04:00