Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								d6fd2fcb8f 
								
							 
						 
						
							
							
								
								Fix config setup tool contact field to allow removal of empty non-URL fields  
							
							... 
							
							
							
							We just need to clear the binding when the value entered is completely empty
Fixes https://jira.coreos.com/browse/QUAY-815  
							
						 
						
							2018-06-01 13:50:39 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								111ba8f7ee 
								
							 
						 
						
							
							
								
								Changes missing from the license removal code  
							
							
							
						 
						
							2018-03-27 16:18:56 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								de47b13c24 
								
							 
						 
						
							
							
								
								Add superuser config for Azure blob storage  
							
							
							
						 
						
							2018-02-06 13:48:40 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								b0f656731c 
								
							 
						 
						
							
							
								
								Add support for configuring CloudFront storage engine  
							
							... 
							
							
							
							Fixes https://jira.coreos.com/browse/QS-116  
							
						 
						
							2018-01-31 11:22:14 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								524d77f527 
								
							 
						 
						
							
							
								
								Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password  
							
							
							
						 
						
							2018-01-04 15:27:41 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								72bfebdb60 
								
							 
						 
						
							
							
								
								Add license validation to the config validation check  
							
							... 
							
							
							
							Should prevent a customer from accidentally saving a config that violates their license
Fixes https://jira.coreos.com/browse/QS-97  
							
						 
						
							2017-12-19 13:44:08 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								3bef21253d 
								
							 
						 
						
							
							
								
								Merge pull request  #2695  from coreos-inc/oidc-internal-auth  
							
							... 
							
							
							
							OIDC internal auth support 
							
						 
						
							2017-10-02 16:51:17 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								9a4c87795f 
								
							 
						 
						
							
							
								
								Fix contacts setup in superuser panel  
							
							... 
							
							
							
							Adds a missing import 
							
						 
						
							2017-09-14 15:40:11 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								bc82edb2d1 
								
							 
						 
						
							
							
								
								Add ability to configure OIDC internal auth engine via superuser panel  
							
							
							
						 
						
							2017-09-12 12:23:52 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								a13235c032 
								
							 
						 
						
							
							
								
								Fix typo  
							
							
							
						 
						
							2017-07-10 18:35:51 +03:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								661c0e6432 
								
							 
						 
						
							
							
								
								Add superuser configuration for action log rotation  
							
							
							
						 
						
							2017-07-10 13:22:29 +03:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								2b9873483a 
								
							 
						 
						
							
							
								
								Enable toggling of the direct login feature in the superuser panel  
							
							... 
							
							
							
							Allows superusers to disable login to the UI via credentials if at least one OIDC provider is configured 
							
						 
						
							2017-05-24 12:57:55 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								3dcbe3c631 
								
							 
						 
						
							
							
								
								If enabled, allow users and orgs to set their time machine expiration  
							
							... 
							
							
							
							Fixes https://www.pivotaltracker.com/story/show/142881203  
							
						 
						
							2017-04-21 11:32:45 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								835acfc58e 
								
							 
						 
						
							
							
								
								Make custom cert upload not hang and handle errors properly  
							
							
							
						 
						
							2017-03-29 16:06:15 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								e509eb4cba 
								
							 
						 
						
							
							
								
								Better custom cert handling in the superuser tool  
							
							... 
							
							
							
							We now only allow certificates ending in .crt to be uploaded and we automatically install the certificate once it has been validated 
							
						 
						
							2017-03-24 17:15:26 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1146b62c13 
								
							 
						 
						
							
							
								
								Add superuser config panel support for OIDC login  
							
							
							
						 
						
							2017-02-28 16:18:34 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								7e0fbeb625 
								
							 
						 
						
							
							
								
								Custom SSL certificates config panel  
							
							... 
							
							
							
							Adds a new panel to the superuser config tool, for managing custom SSL certificates in the config bundle
[Delivers #135586525 ] 
							
						 
						
							2017-01-13 14:34:35 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								f4bcf68928 
								
							 
						 
						
							
							
								
								Add support for custom ports on RADOS and S3 storage engines  
							
							
							
						 
						
							2016-12-01 14:23:18 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								74e54bdbbb 
								
							 
						 
						
							
							
								
								Merge pull request  #1872  from coreos-inc/qe-torrent  
							
							... 
							
							
							
							Add QE setup tool support for BitTorrent downloads 
							
						 
						
							2016-11-11 13:56:22 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								681f975df5 
								
							 
						 
						
							
							
								
								Add QE setup tool support for BitTorrent downloads  
							
							... 
							
							
							
							Fixes  #1871  
						
							2016-11-02 17:32:12 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Jake Moshenko 
								
							 
						 
						
							
							
							
							
								
							
							
								45bacbabaa 
								
							 
						 
						
							
							
								
								s/Regions/Deployments  
							
							
							
						 
						
							2016-10-24 16:04:04 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								213cc856e4 
								
							 
						 
						
							
							
								
								Fix UI for real license handling  
							
							... 
							
							
							
							Following this change, the user gets detailed errors and entitlement information 
							
						 
						
							2016-10-19 17:49:15 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								7a6fb7554d 
								
							 
						 
						
							
							
								
								Only attempt to load the license for the setup tool once there is a valid user  
							
							... 
							
							
							
							Prevents the 401 session expired box from appearing 
							
						 
						
							2016-10-17 21:57:17 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								ee96693252 
								
							 
						 
						
							
							
								
								Add superuser config section for updating license  
							
							
							
						 
						
							2016-10-17 21:44:25 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								5a8200f17a 
								
							 
						 
						
							
							
								
								Add option to properly handle external TLS  
							
							... 
							
							
							
							Fixes  #1984  
						
							2016-10-13 14:49:29 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								14b93f72ff 
								
							 
						 
						
							
							
								
								Make S3 access key and secret key optional, enabling IAM.  
							
							... 
							
							
							
							If not specified, then boto will fallback to reading the credentials from IAM if on an EC2 machine. This should be safe as the validator will still ensure the credentials work if not specified.
Fixes  #1707  
							
						 
						
							2016-08-11 17:17:36 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								adaeeba5d0 
								
							 
						 
						
							
							
								
								Allow for multiple user RDNs in LDAP  
							
							... 
							
							
							
							Fixes  #1600  
						
							2016-07-07 14:46:38 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								40ec2fcfd0 
								
							 
						 
						
							
							
								
								Fix enter key in password dialogs  
							
							
							
						 
						
							2016-06-09 14:45:48 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								60bbca2185 
								
							 
						 
						
							
							
								
								Fix setup tool when binding to external auth  
							
							... 
							
							
							
							We now query the external auth provider for the external service's identifier before adding the linking row into the database. This fixes the case where the external service resolves a different identifier for the same username.
Fixes  #1477  
							
						 
						
							2016-05-23 17:11:36 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								f2b3c89ec9 
								
							 
						 
						
							
							
								
								Fix checkboxes in setup tool to use a directive  
							
							... 
							
							
							
							Fixes  #1481  
						
							2016-05-20 12:23:32 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								4aab834156 
								
							 
						 
						
							
							
								
								Move to Angular 1.5  
							
							... 
							
							
							
							This has been reasonably well tested, but further testing should be done on staging.
Also optimizes avatar handling to use a constant size and not 404.
Fixes  #1434  
							
						 
						
							2016-05-17 16:32:08 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								9113fcecb5 
								
							 
						 
						
							
							
								
								Add basic Swift V3 support  
							
							
							
						 
						
							2016-05-16 14:57:59 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								2cbdecb043 
								
							 
						 
						
							
							
								
								Implement setup tool support for Clair  
							
							... 
							
							
							
							Fixes  #1387  
						
							2016-05-04 13:40:50 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								09f252a7e1 
								
							 
						 
						
							
							
								
								Fix handling of default values in string config fields  
							
							... 
							
							
							
							Fixes  #1322  
						
							2016-04-22 13:55:47 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1940fd9939 
								
							 
						 
						
							
							
								
								Add UI to the setup tool for enabling ACI conversion  
							
							... 
							
							
							
							Fixes  #1211  
						
							2016-02-17 12:05:48 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								04f96ea859 
								
							 
						 
						
							
							
								
								Fix upload file boxes in config setup  
							
							
							
						 
						
							2015-12-07 15:55:55 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Matt Jibson 
								
							 
						 
						
							
							
							
							
								
							
							
								b3c2388618 
								
							 
						 
						
							
							
								
								Allow setting of boto's S3 host for SIGv4  
							
							... 
							
							
							
							The problem only happens when a user has configured the new AWS Frankfurt
region for their S3 backend. It is the only region to require the new
v4 signature. All other regions support both v2 and v4. I'm not sure
which version is used by default on US Standard.
We could attempt to figure out where the bucket is hosted based on its
DNS resolution and auto-populate the host field that way. But I think
the amount of effort to have that work correctly outweighs its benefit
for such a simple solution.
fixes  #863 
fixes  #764  
							
						 
						
							2015-11-18 17:19:33 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Silas Sewell 
								
							 
						 
						
							
							
							
							
								
							
							
								5000b1621c 
								
							 
						 
						
							
							
								
								superuser: add storage replication config  
							
							
							
						 
						
							2015-11-09 17:34:22 -05:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								6f2271d0ae 
								
							 
						 
						
							
							
								
								Add support for direct download in Swift storage engine  
							
							... 
							
							
							
							Fixes  #483  
						
							2015-09-14 18:00:03 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								0823ba5c46 
								
							 
						 
						
							
							
								
								Merge pull request  #441  from coreos-inc/ersetupimprove  
							
							... 
							
							
							
							ER setup improvements 
							
						 
						
							2015-09-02 17:46:53 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								587ef85c7f 
								
							 
						 
						
							
							
								
								Allow users to choose the version of Swift to use  
							
							... 
							
							
							
							Fixes  #442  
						
							2015-09-02 17:46:14 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								f6cca81178 
								
							 
						 
						
							
							
								
								Handle hostname changes in the config panel  
							
							... 
							
							
							
							Fixes  #436  
						
							2015-09-02 17:21:38 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								397dc139a5 
								
							 
						 
						
							
							
								
								Don't accidentally overwrite true values from config  
							
							
							
						 
						
							2015-08-05 13:52:48 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								38a6b3621c 
								
							 
						 
						
							
							
								
								Automatically link the superuser account to federated service for auth  
							
							... 
							
							
							
							When the user commits the configuration, if they have chosen a non-DB auth system, we now auto-link the superuser account to that auth system, to ensure they can login again after restart. 
							
						 
						
							2015-07-22 13:37:23 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								066637f496 
								
							 
						 
						
							
							
								
								Basic Keystone Auth support  
							
							... 
							
							
							
							Note: This has been verified as working by the end customer 
							
						 
						
							2015-07-20 10:55:21 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								bb07d0965f 
								
							 
						 
						
							
							
								
								Allow SSL cert for the database to be configured  
							
							... 
							
							
							
							This change adds a field for the SSL cert for the database in the setup tool. Fixes  #89  
							
						 
						
							2015-06-29 08:08:10 +03:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								07439328a4 
								
							 
						 
						
							
							
								
								Remove user_exists endpoint from all auth systems  
							
							
							
						 
						
							2015-06-23 17:33:51 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								8aac3fd86e 
								
							 
						 
						
							
							
								
								Add support for an external JWT-based authentication system  
							
							... 
							
							
							
							This authentication system hits two HTTP endpoints to check and verify the existence of users:
Existance endpoint:
GET http://endpoint/  with Authorization: Basic (username:) =>
    Returns 200 if the username/email exists, 4** otherwise
Verification endpoint:
GET http://endpoint/  with Authorization: Basic (username:password) =>
    Returns 200 and a signed JWT with the user's username and email address if the username+password validates, 4** otherwise with the body containing an optional error message
The JWT produced by the endpoint must be issued with an issuer matching that configured in the config.yaml, and the audience must be "quay.io/jwtauthn". The JWT is signed using a private key and then validated on the Quay.io side with the associated public key, found as "jwt-authn.cert" in the conf/stack directory. 
							
						 
						
							2015-06-05 13:20:10 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								5845e37e32 
								
							 
						 
						
							
							
								
								Add Swift storage library  
							
							
							
						 
						
							2015-05-26 16:05:21 -04:00 
							
								 
							
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								4f2a1b3734 
								
							 
						 
						
							
							
								
								Add setup UI for the new trigger types (bitbucket and gitlab) and add validation  
							
							
							
						 
						
							2015-05-03 11:50:26 -07:00