vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
7140 commits 2 branches 62 tags 205 MiB
Commit graph

7140 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jimmy Zelinskie
6fb95133f0 CHANGELOG: cut v2.2.0 2017-03-28 16:58:08 -04:00
Charlton Austin
e158314ba0 Merge pull request #2481 from charltonaustin/fix_migration_merge_issue 
fix(migration merge issue): missing .save() on migration
 2017-03-28 15:19:53 -04:00
Charlton Austin
9ff189b16e fix(migration merge issue): missing .save() on migration 2017-03-28 15:17:51 -04:00
Charlton Austin
64cd139552 Merge pull request #2480 from charltonaustin/fix_migration_path 
fix(data): fix branching migration path
 2017-03-28 14:57:33 -04:00
Charlton Austin
d559dc7b3e Fixing the migration path so we don't have incorrect branches. 2017-03-28 14:54:21 -04:00
Charlton Austin
ca99535774 Merge pull request #2449 from charltonaustin/phase_two_config 
feat(build runner): added in context, dockerfile_location
 2017-03-28 14:14:36 -04:00
Charlton Austin
e6d201e0b0 feat(build runner): added in context, dockerfile_location 
this is a new feature meant to allow people to use any file as
  a dockerfile and any folder as a context directory
 2017-03-28 13:55:31 -04:00
Jimmy Zelinskie
42a5bf677c Merge pull request #2444 from coreos-inc/storage-copy-kwargs 
Make sure to compare connection kwargs in storage copy fast-path
 2017-03-27 15:30:32 -04:00
Jimmy Zelinskie
65a17dc155 Merge pull request #2473 from coreos-inc/certs-fixes 
Fixes and improvements around custom certificate handling
 2017-03-27 15:08:36 -04:00
Jimmy Zelinskie
1e041fcad2 Merge pull request #2454 from coreos-inc/fix-take-ownership 
Fix take ownership of organizations
 2017-03-27 14:30:22 -04:00
Jimmy Zelinskie
8931609775 Merge pull request #2469 from coreos-inc/appr_403_vs_401 
Use 401 for bad or missing credentials, 403 for forbidden access
 2017-03-27 11:39:23 -04:00
Jimmy Zelinskie
024f73ecd4 Merge pull request #2476 from coreos-inc/fix_bug_force_push 
Fix force push causing duplicated entries
 2017-03-27 11:39:12 -04:00
Evan Cordell
1016641f8d refactor jwt context building 2017-03-27 11:37:17 -04:00
Evan Cordell
4c94d2c760 Fix xAuth test 2017-03-27 11:37:17 -04:00
Evan Cordell
abd78bce56 Use constants for TUF roots 2017-03-27 11:37:17 -04:00
Evan Cordell
6ad107709c Change build_context_and_subject to take kwargs 2017-03-27 11:37:17 -04:00
Evan Cordell
21d969d309 Refactor tests, no g required 2017-03-27 11:37:17 -04:00
Evan Cordell
43dd974dca Determine which TUF root to show based on actual access, not requested 
access
 2017-03-27 11:37:17 -04:00
Antoine Legrand
d2ed37e158 Fix force push causing duplicated entries 2017-03-27 15:39:57 +02:00
josephschorr
7b411b2c25 Merge pull request #2474 from coreos-inc/fix-log 
Fix logger statement in new auth code
 2017-03-24 17:46:10 -04:00
Joseph Schorr
40f936c053 Fix logger statement in new auth code 2017-03-24 17:43:00 -04:00
Joseph Schorr
b017133cc6 Make QSS validation errors more descriptive 2017-03-24 17:28:16 -04:00
Joseph Schorr
de07dc1a78 Clarify that a custom SSL cert might be needed for QSS 2017-03-24 17:18:27 -04:00
Joseph Schorr
e509eb4cba Better custom cert handling in the superuser tool 
We now only allow certificates ending in .crt to be uploaded and we automatically install the certificate once it has been validated
 2017-03-24 17:15:26 -04:00
Joseph Schorr
da8032fe61 Fix SSL custom certs installation file for bash shell scripting bug 
The missing quotes caused the script to fail with a bash error
 2017-03-24 16:39:28 -04:00
Jimmy Zelinskie
90b130fe16 Merge pull request #2472 from coreos-inc/fix_lstrip_digest 
add test for strip_sha
 2017-03-24 14:58:49 -04:00
Antoine Legrand
22c1a29892 fix strip_sha256 2017-03-24 19:49:52 +01:00
Antoine Legrand
35bebf9e99 Use 401 for bad or missing credentials, 403 for forbidden access 2017-03-24 18:46:13 +01:00
josephschorr
4a64ddc86e Merge pull request #2468 from coreos-inc/fix-all-fixable-vulns 
Fix all fixable vulnerabilities in the Quay image
 2017-03-23 23:40:48 -04:00
Joseph Schorr
0897198e78 Fix all fixable vulnerabilities in the Quay image 
There are now only 39 vulns, and none are fixable according to QSS
 2017-03-23 22:50:38 -04:00
josephschorr
470ed6a99a Merge pull request #2467 from coreos-inc/cnr-public-api-auth-tests 
Add CNR API auth tests for public repos
 2017-03-23 21:22:32 -04:00
Joseph Schorr
94c5eca286 Add CNR API auth tests for public repos 2017-03-23 21:19:56 -04:00
Jimmy Zelinskie
0ce68706ee Merge pull request #2465 from coreos-inc/force_push 
Allow force push for app
 2017-03-23 21:05:08 -04:00
Jimmy Zelinskie
fee9e5b8ec Merge pull request #2466 from coreos-inc/push_same_blob 
test: push twice same blob from different package
 2017-03-23 21:04:36 -04:00
Alec Merdler
e1eb383215 Merge pull request #2464 from alecmerdler/issue-2460 
Fix Security Scan Status UI for Safari
 2017-03-23 17:42:30 -07:00
Antoine Legrand
16f2479a96 test: push twice same blob from different package 2017-03-24 00:39:04 +01:00
Antoine Legrand
bbd74eabd1 Allow force push for app 2017-03-23 22:50:07 +01:00
josephschorr
3976735230 Merge pull request #2428 from coreos-inc/auth-cleanup-and-messaging 
Auth cleanup and messaging
 2017-03-23 15:58:08 -04:00
Joseph Schorr
ac4a79ae01 Update PR for rebase 2017-03-23 15:57:49 -04:00
Joseph Schorr
08673a03e2 Rename cookie header parameter to make it clear it is unused 
The parameter is necessary to match the auth handler interface, but is unused inside the method
 2017-03-23 15:42:45 -04:00
Joseph Schorr
95e1cf6673 Make V2 login errors more descriptive 
If login fails, we now call validate again to get the reason for the failure, and then surface it to the user of the CLI. This allows for more actionable responses, such as:

$ docker login 10.0.2.2:5000
Username (devtable): devtable
Password:

Error response from daemon: Get http://10.0.2.2:5000/v2/: unauthorized: Client login with unencrypted passwords is disabled. Please generate an encrypted password in the user admin panel for use here.
 2017-03-23 15:42:45 -04:00
Joseph Schorr
651666b60b Refactor our auth handling code to be cleaner 
Breaks out the validation code from the auth context modification calls, makes decorators easier to define and adds testing for each individual piece. Will be the basis of better error messaging in the following change.
 2017-03-23 15:42:45 -04:00
Joseph Schorr
1bd4422da9 Move auth decorators into a decorators module 
The non-decorators will be broken out in the followup change
 2017-03-23 15:42:45 -04:00
Joseph Schorr
abf179eb09 Move fixtures under test, since they are shared globally 2017-03-23 15:42:45 -04:00
josephschorr
295b09a201 Merge pull request #2462 from coreos-inc/cnr-login 
Start validating login in CNR
 2017-03-23 15:27:15 -04:00
alecmerdler
5805b80f1c use flexbox to fix safari alignment issue 2017-03-23 12:21:38 -07:00
Joseph Schorr
c9a5ce6701 Start validating login in CNR 
Fixes https://www.pivotaltracker.com/story/show/142342305
 2017-03-23 15:07:46 -04:00
josephschorr
71e27496db Merge pull request #2461 from coreos-inc/oci-blob-fix 
Remove transaction around OCI blobs
 2017-03-23 15:04:57 -04:00
Joseph Schorr
dd9e4bf3e7 Remove transaction around OCI blobs 
Fixes https://www.pivotaltracker.com/story/show/142341399
 2017-03-23 14:51:37 -04:00
josephschorr
20306ef0f6 Merge pull request #2459 from coreos-inc/cnr-api-security-tests 
Add very basic security tests for CNR APIs
 2017-03-23 14:25:52 -04:00