Joseph Schorr
3c2e050593
Support pulling of schema2 manifests directly via a manifest list tag
...
This change ensures that if a manifest list is requested with an accepts header for a *schema 2* manifest, the legacy manifest (if any) is returned as schema 2 if it was pushed as a schema 2 manifest (rather than being auto-converted to schema 1)
2018-12-07 11:57:13 -05:00
Joseph Schorr
c3710a6a5e
Add ability for specific geographic regions to be blocked from pulling images within a namespace
2018-12-06 17:14:45 -05:00
Joseph Schorr
63f9043312
Code review small fixes
2018-11-28 12:56:16 +02:00
Joseph Schorr
180d8847db
Fix image replication for images with remote layers
2018-11-26 16:15:48 +02:00
Joseph Schorr
e6c2ddfa93
Add support for direct pushing of schema 2 manifests without tags
...
This is required for manifest lists
2018-11-19 14:01:41 +02:00
Joseph Schorr
d97055e2ba
Code review fixes
2018-11-14 09:15:58 +02:00
Joseph Schorr
7a794e29c0
Add tests for manifest lists and fix some issues encountered while testing
2018-11-13 21:03:20 +02:00
Joseph Schorr
7b9f56eff3
Fixes to ensuring existing code can process schema 2 manifests
2018-11-13 17:13:51 +02:00
Joseph Schorr
849e613386
Implement support for schema 2 manifests
2018-11-13 11:49:12 +02:00
Joseph Schorr
30f072aeff
Add support for creating schema 2 manifests and manifest lists via the OCI model
2018-11-12 23:27:49 +02:00
Joseph Schorr
fdcb8bad23
Implement the new OCI-based registry data model
...
Note that this change does *not* enable the new data model by default, but does allow it to be used when a special environment variable is specified.
2018-11-07 22:07:58 -05:00
Joseph Schorr
114e2c3bf2
Have all tag code add, modify and delete both old and new style tags
...
This preps us for being able to use the new data model with existing repositories
2018-11-01 17:59:10 -04:00
Joseph Schorr
88f19ee0b9
Make blob upload errors more specific
2018-10-29 12:21:18 -04:00
Joseph Schorr
4a7b4ad06a
Fix disabled namespace check
2018-10-18 14:25:40 -04:00
Joseph Schorr
cbf0edb164
Address remaining usage of the old data interface
2018-10-18 14:25:40 -04:00
Joseph Schorr
3a8a913ad3
Convert V2's catalog endpoint to use the new data model interface
2018-10-18 14:25:40 -04:00
Joseph Schorr
e91ba98e1b
Convert V2's tag endpoints to use the new data model interface
2018-10-18 14:25:40 -04:00
Joseph Schorr
6b5064aba4
Convert V2's manifest endpoints to use the new data model interface
2018-10-18 14:25:40 -04:00
Joseph Schorr
a172de4fdc
Reimplement cache support for blobs in the registry data model
2018-10-18 14:25:40 -04:00
Joseph Schorr
7a68c41f1c
Convert V2 to use the blob uploader interface
2018-10-18 14:25:40 -04:00
Joseph Schorr
f297249100
Move manifest backfill for V1 tags into the new registry model interface
2018-08-27 15:01:27 -04:00
Jimmy Zelinskie
b7573a8c88
endpoints/v2: fail clients not accepting schema v1
2018-08-15 14:49:26 -04:00
Jimmy Zelinskie
568ca1d7ba
delete trailing whitespace
2018-08-15 13:21:26 -04:00
Joseph Schorr
56222f95dc
Change manifest creation to take in the map of blobs that form the manifest
...
We need to lookup the blobs *specific to the images in that manifest*, so we now pass them in from the locations in which we know that information
2018-08-07 16:28:50 -04:00
Joseph Schorr
e33ccff8cb
Fix query count in test
2018-08-07 14:52:33 -04:00
Joseph Schorr
a46660a06f
Add new Manifest, ManifestLabel, ManifestLegacyImage and ManifestBlob tables and start writing and GCing to/from them
...
This change also starts passing in the manifest interface, rather than the raw data, to the model for writing.
Note that this change does *not* backfill the existing rows in to the new tables; that will occur in a followup PR. The new columns in `tagmanifest` and `tagmanifestlabel` will be used to track the backfill, as it will occur in a worker.
2018-08-06 13:01:11 -04:00
Joseph Schorr
58e553838c
Move manifest corner case tests to pytest
2018-07-17 16:40:56 -04:00
Joseph Schorr
2caaf84f31
Add caching support to catalog
...
We will now cache the results of the catalog for 60s and not hit the database at all if cached
2018-06-20 14:58:01 -04:00
Joseph Schorr
3161b60522
Switch V2 pagination back to using IDs, which should be much faster and easier on the DB
...
Also adds a test for the tags endpoint
2018-06-18 16:11:26 -04:00
Joseph Schorr
0fa1a1d5fd
Implement support for blob mounting via the mount
parameter on blob uploads
...
Fixes https://jira.coreos.com/browse/QUAY-893
2018-06-06 11:31:28 -04:00
Joseph Schorr
ef167ab7e3
Rate limit the catalog endpoint by auth token and IP address
2018-06-05 18:24:31 -04:00
Joseph Schorr
2e0edf8f6e
Have catalog endpoint return empty if the namespace is disabled
2018-06-05 17:31:00 -04:00
Joseph Schorr
f86c087b3b
Prevent registry operations against disabled namespaces
...
Allows admins to completely wall off a namespace by disabling it
Fixes https://jira.coreos.com/browse/QUAY-869
2018-05-22 18:36:04 -04:00
Joseph Schorr
a59c951aa3
Add support for multiple scope parameters on V2 auth requests
...
Fixes https://jira.coreos.com/browse/QUAY-892
2018-04-18 20:16:49 +03:00
Joseph Schorr
86aa93aab5
Add a new test suite for the v2auth generate_registry_jwt endpoint
2018-04-18 20:16:49 +03:00
Joseph Schorr
3586955669
Remove license code in Quay
...
No longer needed under Red Hat rules \o/
Fixes https://jira.coreos.com/browse/QUAY-883
2018-03-20 17:03:35 -04:00
Joseph Schorr
24b77bbc10
Fix serialization of blobs to/from the cache
...
Also makes sure the test checks that serialization
2018-03-02 14:22:55 -05:00
Joseph Schorr
e220b50543
Refactor auth code to be cleaner and more extensible
...
We move all the auth handling, serialization and deserialization into a new AuthContext interface, and then standardize a registration model for handling of specific auth context types (user, robot, token, etc).
2018-02-14 15:35:27 -05:00
Joseph Schorr
eae9175950
Allow size of pages in V2 api to be configurable
2018-02-02 13:54:41 -05:00
Joseph Schorr
9e16a989f5
Audit the number of SQL queries we make in writing manifests, and significantly reduce in the common case
...
Instead of 41 queries now for the simple manifest, we are down to 14.
The biggest changes:
- Only synthesize the V1 image rows if we haven't already found them in the database
- Thread the repository object through to the other model method calls, and use it instead of loading again and again
2018-01-25 11:10:43 -05:00
Joseph Schorr
524d77f527
Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password
2018-01-04 15:27:41 -05:00
Joseph Schorr
c1cff32c1e
Fix log levels in registry
2018-01-04 13:07:11 -05:00
Joseph Schorr
11e3724919
Return an http 415 (manifest version not supported) for OCI manifest content types
...
This was breaking skopeo, as it first tries to send the *OCI* manifest type, which we didn't say we didn't support, thus breaking the tool
2017-12-20 11:02:34 -05:00
Joseph Schorr
9e16596854
Add a bunch of logging to the data model caching mechanism
...
Should help us debug any potential issues
2017-12-18 14:18:37 -05:00
Joseph Schorr
b2485934ed
Enable caching of blobs in V2 registry protocol, to avoid DB connections after the cache has been loaded
...
This should help for bursty pull traffic, as it will avoid DB connections on a huge % of requests
2017-12-14 13:38:24 -05:00
Joseph Schorr
db6007cb37
Change v2 registry auth code to not hit the database when we know we have permissions loaded
...
Avoids a DB call and, when used in conjunction with blob caching, will avoid a DB *connection*
2017-12-14 13:37:31 -05:00
Joseph Schorr
51e67ab7f5
Fix get_blob_path to not make any database calls and add a test
...
This will be supported by caching, hopefully removing the need to hit the database when the blob object is cached
2017-12-13 16:27:46 -05:00
Joseph Schorr
56fbbcf7cf
Add request IP to get_direct_download_url method
2017-09-25 17:14:28 -04:00
Joseph Schorr
48c79003c6
yap
2017-07-25 17:18:06 -04:00
Joseph Schorr
e7dbc4ee91
Move notification helper code into the root module
2017-07-25 17:00:07 -04:00