Joseph Schorr
bbdf9e074c
Add metrics for tracking when instance key renewal succeeds and fails, as well as when instance key *lookup* fails
2018-02-02 11:14:42 -05:00
Joseph Schorr
ede3a81c68
Disallow dots in repository names to fix reflected text "attack"
...
Fixes https://jira.coreos.com/browse/QS-125
2018-01-18 13:19:37 -05:00
Joseph Schorr
c887aa543b
Change superuser API errors to be more descriptive
...
Fixes https://jira.coreos.com/browse/QS-103
2018-01-05 17:09:26 -05:00
josephschorr
13b738c43c
Merge pull request #2954 from coreos-inc/joseph.schorr/QS-102/user-api-filter
...
Add ability to filter users list to enabled users
2018-01-05 15:40:50 -05:00
Joseph Schorr
5b4f5f9859
Regenerate test DB for token changes
2018-01-04 15:27:41 -05:00
Joseph Schorr
524d77f527
Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password
2018-01-04 15:27:41 -05:00
Joseph Schorr
8e473b9779
Add filter for disabled users to superuser user list API
...
Fixes https://jira.coreos.com/browse/QS-102
2017-12-22 16:45:49 -05:00
Joseph Schorr
3ce9d68a3e
Fix broken registry test
...
Flask now returns a 404 error, rather than redirecting like it used to do
2017-12-20 11:43:55 -05:00
Joseph Schorr
f9bd7ef42b
Add validation of Docker V2_1 schemas and add a test for PUTing an invalid schema
2017-12-20 11:43:03 -05:00
Joseph Schorr
11e3724919
Return an http 415 (manifest version not supported) for OCI manifest content types
...
This was breaking skopeo, as it first tries to send the *OCI* manifest type, which we didn't say we didn't support, thus breaking the tool
2017-12-20 11:02:34 -05:00
josephschorr
024c183f67
Merge pull request #2944 from coreos-inc/joseph.schorr/QS-91/v2-caching
...
V2 registry blob caching
2017-12-18 14:42:02 -05:00
Joseph Schorr
097cbbeaae
Add new Quay pricing plans
2017-12-18 13:12:16 -05:00
Joseph Schorr
b2485934ed
Enable caching of blobs in V2 registry protocol, to avoid DB connections after the cache has been loaded
...
This should help for bursty pull traffic, as it will avoid DB connections on a huge % of requests
2017-12-14 13:38:24 -05:00
Joseph Schorr
a706d99849
Add additional logs and an additional test for verbs
2017-12-07 15:22:20 -05:00
Joseph Schorr
1d1c6f0606
Invalidate all session tokens when a user signs out
...
Fixes https://jira.coreos.com/browse/QS-85
2017-12-07 13:03:11 -05:00
Joseph Schorr
927d469db0
In password recovery, don't reveal whether an e-mail address is valid (unless it is an org's e-mail address)
2017-12-06 14:07:38 -05:00
Joseph Schorr
2677720577
Fix exception raised for certain non-JSON strings given to is_json
...
This is breaking pushes in production for certain manifests
Fixes https://jira.prod.coreos.systems/browse/QS-60
2017-11-14 13:46:06 -05:00
Joseph Schorr
9f804de23d
Fix bug in deletion of repos with OCI-style linked tags
...
MySQL does not allow rows in the same table referencing other rows to be deleted in a single statement. We now do a two-pass deletion, and add a test to make sure.
Fixes https://jira.prod.coreos.systems/browse/QS-18
2017-10-18 17:03:27 -04:00
Joseph Schorr
010dda2c52
Add CloudFrontedS3Storage, which redirects to CloudFront for non-S3 ips
2017-09-28 14:40:58 -04:00
Joseph Schorr
c6aad5fef0
Add option to disable partial autocompletion of users
2017-09-12 15:55:37 -04:00
Joseph Schorr
464bccb5a0
Fix permissions on accessing archived logs
2017-08-18 13:45:36 -04:00
Jimmy Zelinskie
9e09612851
Revert "Merge pull request #2844 from coreos-inc/alegrand/use_latest_appr_server_code"
...
This reverts commit 646fafb2fd
, reversing
changes made to 5c1b635439
.
2017-08-09 20:45:46 -04:00
Joseph Schorr
854155fe82
Fix missing to_dict and import in robots model
...
Also adds a test to catch this issue
2017-08-09 20:33:14 -04:00
Antoine Legrand
646fafb2fd
Merge pull request #2844 from coreos-inc/alegrand/use_latest_appr_server_code
...
Migrate from cnr -> appr
2017-08-09 00:01:25 +02:00
Antoine Legrand
6336a4a971
Migrate from cnr -> appr
2017-08-08 11:48:59 +02:00
Evan Cordell
66dc093639
Convert RepositoryUserTransitivePermission security tests to pytest
2017-08-01 11:34:31 -04:00
Evan Cordell
a68ec6966e
Add data interface for api-permissions for v2-2
2017-07-31 15:46:13 -04:00
Jake Moshenko
0011ddda16
Release database connections after updating build statuses.
2017-07-26 12:29:51 -04:00
Joseph Schorr
5739e2ef4d
Move notifications test into notifications package
2017-07-25 17:00:06 -04:00
Joseph Schorr
ce56031846
Move notifications into its own package
2017-07-25 17:00:06 -04:00
Charlton Austin
8f1200b00d
style(data, endpoints, test): ran yapf against changed files
...
### Description of Changes
Issue: https://coreosdev.atlassian.net/browse/QUAY-633
## Reviewer Checklist
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-24 11:05:15 -04:00
Charlton Austin
9e1106f164
refactor(endpoints/api/repository*): added in pre_oci_model abstraction
...
this is a part of getting ready for oci stuff
[TESTING->using new PR stack]
Issue: https://coreosdev.atlassian.net/browse/QUAY-633
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-24 11:03:03 -04:00
josephschorr
a6db05e8b5
Merge pull request #2718 from coreos-inc/tag-expiration
...
Formal tag expiration support
2017-07-19 17:48:11 -04:00
Joseph Schorr
7d4fed6892
Change error message when trying to pull a deleted or expired tag
...
Will let the users know they can recover the tag via time machine
Note: This was tested with the Docker protocol, but the new error code is *technically* out of spec; we should make sure its okay.
2017-07-19 17:13:48 -04:00
Joseph Schorr
c5d8b5f86b
Add support for tag expiration based on a quay.expires-after
label
2017-07-19 17:13:06 -04:00
josephschorr
460a9b7fe8
Merge pull request #2732 from coreos-inc/swift-etag
...
Make sure to etag check Swift uploads
2017-07-19 17:06:53 -04:00
Jimmy Zelinskie
9f4ffca736
Merge pull request #2751 from jzelinskie/registry-tests
...
test: convert registry auth test to pytest
2017-07-13 15:09:57 -04:00
Evan Cordell
4ec4b7c6e6
Merge pull request #2782 from ecordell/no-signing-whitelist
...
Revert "Only show signing UI when namespace is explicitly whitelisted"
2017-07-13 10:20:53 -04:00
Evan Cordell
45bf7efc84
Merge branch 'master' into no-signing-whitelist
2017-07-12 15:50:32 -04:00
Evan Cordell
75c1533aec
Revert "Only show signing UI when namespace is explicitly whitelisted"
...
85d382cd84
2017-07-12 15:48:35 -04:00
Jimmy Zelinskie
7d1bbbfe19
test: convert registry auth test to pytest
...
This also moves them into the auth package.
2017-07-12 15:14:12 -04:00
Joseph Schorr
b6f1782642
Change notificationworker to use a data interface
2017-07-12 17:40:45 +03:00
Joseph Schorr
50c2f1fde8
Move notification worker test under its own package
2017-07-12 17:35:09 +03:00
Evan Cordell
939ddfd1d7
Merge v2.4.0-release into cherrypick-2.4.0
2017-07-10 10:25:18 -04:00
Evan Cordell
d4ef594c13
Mark fields as required on globalmessages API so that they are
...
properly checked when the request comes in
2017-07-05 18:16:55 -04:00
josephschorr
89ab94ffbb
Merge pull request #2720 from coreos-inc/gc-opt
...
GC optimizations
2017-06-29 20:55:14 +03:00
josephschorr
0e702c72f2
Merge pull request #2739 from coreos-inc/joseph.schorr/QUAY-664/verbs-interface-refactor
...
Refactor Verbs model definitions to match new style
2017-06-29 10:07:36 +03:00
Jimmy Zelinskie
5a651544bc
Merge pull request #2716 from jzelinskie/secscan-catch-all
...
util.secscan.api: add catch all for API failures
2017-06-28 13:42:33 -04:00
Jimmy Zelinskie
1d2640e012
util.secscan.fake: add test for unexpected status
2017-06-28 13:40:04 -04:00
Joseph Schorr
8ac20edfb2
Move verbs security tests into pytest style
2017-06-28 12:48:02 +03:00