Commit graph

80 commits

Author SHA1 Message Date
Joseph Schorr
bc82edb2d1 Add ability to configure OIDC internal auth engine via superuser panel 2017-09-12 12:23:52 -04:00
Joseph Schorr
ec71d787af Add config option to enable self-service team syncing 2017-07-21 11:16:19 -04:00
Joseph Schorr
661c0e6432 Add superuser configuration for action log rotation 2017-07-10 13:22:29 +03:00
Jimmy Zelinskie
e028e159c0 add app registry config to setup tool: default off 2017-06-16 15:44:00 -04:00
Joseph Schorr
2b9873483a Enable toggling of the direct login feature in the superuser panel
Allows superusers to disable login to the UI via credentials if at least one OIDC provider is configured
2017-05-24 12:57:55 -04:00
Erica
57ab9d6c96 Merge pull request #2592 from coreos-inc/FEAT-AUDIT-LOG-FAILOVER-UI
feat(config-setup): add auditlog failover option
2017-05-03 11:42:48 -04:00
Joseph Schorr
6e3968896b Add ng-if to fix Angular scope+form bug in superuser tool 2017-05-02 17:08:19 -04:00
Joseph Schorr
646c323de5 Always show the tag expiration options UI in the superuser panel
If the user disabled the feature flag, they still need to configure the list to ensure the default is there
2017-05-02 16:48:14 -04:00
EvB
c4d15f1456 feat(suepr-user): add custom icon for data consistency settings 2017-05-01 16:21:06 -04:00
EvB
27b3c40015 feat(config-setup): add auditlog failover option 2017-05-01 16:20:30 -04:00
Kyle Brown
1c2a8d5911 updates to gitlabsetup 2017-04-21 16:48:29 -07:00
Joseph Schorr
3dcbe3c631 If enabled, allow users and orgs to set their time machine expiration
Fixes https://www.pivotaltracker.com/story/show/142881203
2017-04-21 11:32:45 -04:00
Joseph Schorr
6c7b6101cc Add missing client ID and client secret from OIDC config in setup tool
Stupidly forget to add these
2017-04-07 11:30:31 -04:00
Joseph Schorr
0b6c062e32 Add superuser panel config for team syncing 2017-04-03 11:31:30 -04:00
Joseph Schorr
de07dc1a78 Clarify that a custom SSL cert might be needed for QSS 2017-03-24 17:18:27 -04:00
Joseph Schorr
0851c72e30 Add support for OIDC binding field to the setup tool 2017-03-01 14:58:21 -05:00
Joseph Schorr
1146b62c13 Add superuser config panel support for OIDC login 2017-02-28 16:18:34 -05:00
Joseph Schorr
7e0fbeb625 Custom SSL certificates config panel
Adds a new panel to the superuser config tool, for managing custom SSL certificates in the config bundle

[Delivers #135586525]
2017-01-13 14:34:35 -05:00
Joseph Schorr
f4bcf68928 Add support for custom ports on RADOS and S3 storage engines 2016-12-01 14:23:18 -05:00
josephschorr
74e54bdbbb Merge pull request #1872 from coreos-inc/qe-torrent
Add QE setup tool support for BitTorrent downloads
2016-11-11 13:56:22 -05:00
Joseph Schorr
681f975df5 Add QE setup tool support for BitTorrent downloads
Fixes #1871
2016-11-02 17:32:12 -04:00
Joseph Schorr
b3d1d7227c Add support to Keystone Auth for external user linking
Also adds Keystone V3 support
2016-10-27 15:42:03 -04:00
Joseph Schorr
fbb524e34e Add support to ExternalJWT Auth for external user linking 2016-10-27 15:42:03 -04:00
Joseph Schorr
ee96693252 Add superuser config section for updating license 2016-10-17 21:44:25 -04:00
Joseph Schorr
5a8200f17a Add option to properly handle external TLS
Fixes #1984
2016-10-13 14:49:29 -04:00
Lucas Serven
10a44a9224 frontend: fix gitlab icon spacing
fixes: #1888
2016-09-28 14:06:10 -07:00
Joseph Schorr
25ed99f9ef Add feature flag to turn off requirement for team invitations
Fixes #1804
2016-09-20 16:45:00 -04:00
Joseph Schorr
adaeeba5d0 Allow for multiple user RDNs in LDAP
Fixes #1600
2016-07-07 14:46:38 -04:00
Joseph Schorr
60bbca2185 Fix setup tool when binding to external auth
We now query the external auth provider for the external service's identifier before adding the linking row into the database. This fixes the case where the external service resolves a different identifier for the same username.

Fixes #1477
2016-05-23 17:11:36 -04:00
Joseph Schorr
f2b3c89ec9 Fix checkboxes in setup tool to use a directive
Fixes #1481
2016-05-20 12:23:32 -05:00
Joseph Schorr
4aab834156 Move to Angular 1.5
This has been reasonably well tested, but further testing should be done on staging.

Also optimizes avatar handling to use a constant size and not 404.

Fixes #1434
2016-05-17 16:32:08 -04:00
josephschorr
f55fd2049f Merge pull request #1433 from coreos-inc/ldapoptions
Add additional options for LDAP
2016-05-04 14:06:29 -04:00
Joseph Schorr
42515ed9ec Add additional options for LDAP
Fixes #1420
2016-05-04 13:59:20 -04:00
Joseph Schorr
2cbdecb043 Implement setup tool support for Clair
Fixes #1387
2016-05-04 13:40:50 -04:00
Joseph Schorr
54e8e72ad2 Fix all target="_blank" anchors to be safer
Fixes #1411
2016-04-28 14:38:22 -04:00
Quentin Machu
03b5584bc8 Fix typo in setup tool 2016-04-20 19:41:49 -04:00
josephschorr
b9f47f6761 Merge pull request #1285 from coreos-inc/configmaildefaults
Fix mail and signing defaults
2016-03-31 12:31:26 -04:00
Joseph Schorr
1ffee6484d Remove unneeded javascript:void(0)
Fixes #1199
2016-03-22 14:15:54 -04:00
Joseph Schorr
8e1727b6d3 Fix mail and signing defaults 2016-03-08 18:08:40 -05:00
Joseph Schorr
1940fd9939 Add UI to the setup tool for enabling ACI conversion
Fixes #1211
2016-02-17 12:05:48 -05:00
Joseph Schorr
04f96ea859 Fix upload file boxes in config setup 2015-12-07 15:55:55 -05:00
Silas Sewell
5000b1621c superuser: add storage replication config 2015-11-09 17:34:22 -05:00
Joseph Schorr
6f2271d0ae Add support for direct download in Swift storage engine
Fixes #483
2015-09-14 18:00:03 -04:00
Joseph Schorr
587ef85c7f Allow users to choose the version of Swift to use
Fixes #442
2015-09-02 17:46:14 -04:00
Joseph Schorr
066637f496 Basic Keystone Auth support
Note: This has been verified as working by the end customer
2015-07-20 10:55:21 -04:00
Joseph Schorr
07439328a4 Remove user_exists endpoint from all auth systems 2015-06-23 17:33:51 -04:00
Joseph Schorr
de2a64e066 Fix documentation link for JWT auth 2015-06-05 15:21:57 -04:00
Jake Moshenko
2a2414d6af Merge pull request #60 from coreos-inc/jwtauthentication
Add support for an external JWT-based authentication system
2015-06-05 13:37:42 -04:00
Joseph Schorr
8aac3fd86e Add support for an external JWT-based authentication system
This authentication system hits two HTTP endpoints to check and verify the existence of users:

Existance endpoint:
GET http://endpoint/ with Authorization: Basic (username:) =>
    Returns 200 if the username/email exists, 4** otherwise

Verification endpoint:
GET http://endpoint/ with Authorization: Basic (username:password) =>
    Returns 200 and a signed JWT with the user's username and email address if the username+password validates, 4** otherwise with the body containing an optional error message

The JWT produced by the endpoint must be issued with an issuer matching that configured in the config.yaml, and the audience must be "quay.io/jwtauthn". The JWT is signed using a private key and then validated on the Quay.io side with the associated public key, found as "jwt-authn.cert" in the conf/stack directory.
2015-06-05 13:20:10 -04:00
Joseph Schorr
c0e995c1d4 Merge branch 'master' into nolurk 2015-06-02 13:55:16 -04:00