Joseph Schorr
ca7d736db2
Only send vulnerability events if the minimum priority is gte to that specified
...
Fixes #770
2015-11-10 16:05:55 -05:00
Matt Jibson
4d81567a0c
Remove error notification when user deletes repos
...
Also prevent duplicate notifications of that type.
fixes #493
2015-11-04 16:11:15 -05:00
Joseph Schorr
8a8955d234
Add documentation search to the main search bar
2015-08-03 17:15:53 -04:00
Joseph Schorr
5f2729f41f
Fix logic bug in param check
2015-07-20 17:04:06 -04:00
Jake Moshenko
3efaa255e8
Accidental refactor, split out legacy.py into separate sumodules and update all call sites.
2015-07-17 11:56:15 -04:00
Jake Moshenko
f5ee7a6697
Make the scopes dynamic based on app config.
2015-07-15 18:13:15 -04:00
Joseph Schorr
fb8e718c44
Fix OAuth 2 handler to support retrieving parameters from other places; various OAuth client (such as the Go library) send the values in the request body or even the Auth header
2015-05-18 12:38:39 -04:00
Joseph Schorr
8eb9c376cd
Add constructors for the QuayDeferredPermissionUser so that we can avoid extraneous DB lookups of the user whenever we already have the object
2015-05-07 15:04:12 -04:00
Joseph Schorr
d5c70878c5
Get build preparation working for bitbucket and do a lot of code cleanup around this process across all the triggers. Note: tests are not yet updated.
2015-04-29 17:04:52 -04:00
Joseph Schorr
333e0acd6d
Add the builds tab
2015-03-13 15:34:28 -07:00
Joseph Schorr
43ab838998
Merge branch 'newbuildview'
2015-03-05 16:17:29 -05:00
Joseph Schorr
e227d7e526
Start on the new build view
2015-02-26 17:45:28 -05:00
Joseph Schorr
5f605b7cc8
Fix queue handling to remove the dependency from repobuild, and have a cancel method
2015-02-23 13:38:01 -05:00
Joseph Schorr
7c81d90cda
Start recording the commit sha and other metadata about github triggered builds. We'll eventually show this information in the UI
2015-02-18 14:12:59 -05:00
Joseph Schorr
83e05d2342
Add tracking of the kind of temporary access tokens, so we can display if a pull/push by token is for a build worker
2015-02-17 12:35:16 -05:00
Joseph Schorr
f84d1bad45
Handle internal errors in a better fashion: If a build would be marked as internal error, only do so if there are retries remaining. Otherwise, we mark it as failed (since it won't be rebuilt anyway)
2015-02-12 16:19:44 -05:00
Jake Moshenko
0f3d87466e
Unify the logging infrastructure and turn the prod logging level to INFO in preparation for picking up a new cloud logger.
2015-02-11 14:15:18 -05:00
Joseph Schorr
09a10b6153
Have cache busting hashes be generated as part of the build process.
2015-02-06 17:52:09 -05:00
Joseph Schorr
cf774e23df
Merge branch 'master' into v2
2015-02-05 15:37:14 -05:00
Joseph Schorr
a1938593a9
Better handling of retries on build errors
2015-02-03 16:29:47 -05:00
Jake Moshenko
432da28b42
Reduce the retry count to 2.
2015-02-02 15:28:51 -05:00
Jake Moshenko
84f5780c1d
Up the number of retries available for builds.
2015-01-29 11:52:42 -05:00
Joseph Schorr
2a89accc49
Fix exception handling in the registry health check and make sure the user_loader is registered before the process is forked
2015-01-16 22:41:54 -05:00
Joseph Schorr
b89ba61286
Change to only run the cloud watch reporter in the gunicorn_web
2015-01-16 13:44:29 -05:00
Joseph Schorr
5bbf1d0c14
Make sure the ac-discovery URL is generated properly from config values
2015-01-13 18:00:01 -05:00
Jimmy Zelinskie
f3259c862b
Merge branch 'koh'
...
Conflicts:
auth/scopes.py
requirements-nover.txt
requirements.txt
static/css/quay.css
static/directives/namespace-selector.html
static/js/app.js
static/partials/manage-application.html
templates/oauthorize.html
2014-12-01 12:30:09 -08:00
Joseph Schorr
3a935822fc
Fix PhantomJS by always using the local copy of CDN files, and making sure to specify TLS (instead of the default SSLv3, which is now deprecated)
2014-11-25 15:32:10 -05:00
Joseph Schorr
7bf96c506f
Merge branch 'bees' into koh
2014-11-24 19:25:53 -05:00
Jimmy Zelinskie
dee4c389a8
Base sessions on UUIDs.
...
Now that a backfill has been applied, sessions can now be based on UUIDs
because all users will have one.
2014-11-20 18:44:36 -05:00
Jake Moshenko
2b8c246476
Temporarily put user rename behind a feature flag. Switch queue names back to using the username for namespace while we figure out a real migration strategy.
2014-11-20 15:36:39 -05:00
Jimmy Zelinskie
12ff4b107c
Undo sessions being driven by UUID.
...
Basing sessions on UUIDs must be done in phases. First all users
must obtain an UUID. Once a backfill has given all previous users
UUIDs and new users are being generated with UUIDs, then we can
actually change the session to be based on that value.
2014-11-20 12:57:17 -05:00
Jimmy Zelinskie
9d677b8eb3
Add UUID to User model and use in cookie.
2014-11-19 13:28:16 -05:00
Jake Moshenko
f4681f2c18
Merge branch 'master' into nomenclature
...
Conflicts:
test/data/test.db
2014-11-17 17:59:59 -05:00
Joseph Schorr
58ca76239b
Add ability to one-click generate an authorization access token in the applications panel
2014-11-17 14:54:07 -05:00
Joseph Schorr
9d1b6d829a
Make sure the external login link for GHE links to the enterprise GitHub and not the hosted version
2014-11-06 20:35:52 -05:00
Joseph Schorr
3e79379942
- Make the OAuth config system centralized
...
- Add support for Github Enterprise login
2014-11-05 16:43:37 -05:00
Joseph Schorr
6adf4644b4
Remove unneeded extra logging call
2014-11-03 17:17:05 -05:00
Joseph Schorr
79e4864eb2
Move the the track_and_log code into its own module. This breaks a dependency chain between index -> common -> api -> subscribe -> common again.
2014-10-30 12:49:51 -04:00
Joseph Schorr
c1398c6d2b
- Add a log entry for repo verb handling and make the container usage calculation take it into account
...
- Move all the repo push/pull/verb logging into a central track_and_log method
- Readd images accidentally deleted in the last CL
- Make the uncompressed size migration script better handle exceptions
2014-10-29 15:42:44 -04:00
Joseph Schorr
93cd7de0e0
Handle email errors in a better manner
2014-10-28 12:10:44 -04:00
Jake Moshenko
1461310ab8
Merge remote-tracking branch 'origin/master' into nomenclature
...
Conflicts:
endpoints/common.py
endpoints/notificationhelper.py
test/data/test.db
workers/dockerfilebuild.py
2014-10-23 13:25:37 -04:00
Joseph Schorr
208c97776f
Make sure builds are queued under a transaction. This should prevent a queue item from existing without its repository build object (or vice versa).
2014-10-22 15:20:53 -04:00
Joseph Schorr
8b331b453e
Make the contact page dynamic so that enterprise customers can configure it however they like
2014-10-22 14:49:33 -04:00
Jake Moshenko
e8b3d1cc4a
Phase 4 of the namespace to user migration: actually remove the column from the db and remove the dependence on serialized namespaces in the workers and queues
2014-10-01 14:23:46 -04:00
Jake Moshenko
03190efde3
Phase 2 of migrating repo namespaces to referencing user objects, backfilling the rows without a value for namespace_user, and changing all accesses to go through the namespace_user object. All tests are passing, manual testing still required.
2014-09-24 18:01:35 -04:00
Jake Moshenko
3259cda000
The new strategy is to do a three phase migration. This is the first phase: getting the namespace user in the db and written for all new repositories.
2014-09-22 17:27:02 -04:00
Jake Moshenko
8626d1cd70
Initial changes to move repositories from using a namespace string to referencing a user object. Also stores the user id in the cookie rather than the username, to allow users to be renamed. This commit must not be used unmodified because the database migration is too aggressive for live migration.
2014-09-19 10:17:23 -04:00
Joseph Schorr
e783df31e0
Add the concept of require_fresh_login to both the backend and frontend. Sensitive methods will now be marked with the annotation, which requires that the user has performed a login within 10 minutes or they are asked to do so in the UI before running the operation again.
2014-09-04 14:24:20 -04:00
Jake Moshenko
5d4a6fc279
Add support for GA at least for the initial page load.
2014-08-07 20:44:59 -04:00
Jake Moshenko
0372013f70
Merge remote-tracking branch 'origin/redalert'
...
Conflicts:
app.py
2014-08-04 16:56:34 -04:00
Joseph Schorr
b12d63ce9a
Make sure to always return the same cache busting string on prod, so that reloads of the page can still use the same cached resources
2014-07-29 20:54:16 -04:00
Joseph Schorr
7de1dd7dc0
Merge branch 'master' into redalert
2014-07-28 18:35:39 -04:00
Jake Moshenko
b39b847c98
Add messaging around required params for oauth. Style fixes.
2014-07-21 15:09:31 -04:00
Joseph Schorr
752efb9e0f
Fix the spawn_notification to work in all cases and clean up some of the remaining code
2014-07-18 16:34:52 -04:00
Joseph Schorr
af31bde997
Add support for the remaining events to the frontend and the backend
2014-07-18 15:58:18 -04:00
Joseph Schorr
205362bc7b
Add UI for handling the case when an enterprise has reached its maximum seat count
2014-05-28 15:22:36 -04:00
Jake Moshenko
f6726bd0a4
Merge branch 'ldapper'
...
Conflicts:
Dockerfile
app.py
data/database.py
endpoints/index.py
test/data/test.db
2014-05-22 12:13:41 -04:00
Jake Moshenko
d14798de1d
Add a queue capacity reporter plugin to the queue. Move the queue definitions to app. Add a cloudwatch reporter to the dockerfile build queue.
2014-05-21 19:50:37 -04:00
Joseph Schorr
08ccad7fe4
Add support for not using CDN-based resources. When USE_CDN = False, all CDN-based resources will instead be used from the local system.
2014-05-09 18:49:33 -04:00
Jake Moshenko
fe665118bb
Add sentry exception monitoring.
2014-04-28 18:59:22 -04:00
jakedt
31aab09be5
Sort the files before we send them to the template renderer. Remove a stack symlink if present to avoid interfering with the volume.
2014-04-16 14:23:22 -04:00
Joseph Schorr
ede8ed21f4
Enable DEBUGGING mode, which loads the individual script files rather than the minimized bundles created by grunt
2014-04-15 16:35:15 -04:00
Joseph Schorr
5fa4733a2f
- Enable minification for the frontend JS bundle
...
- Make sure we are pegged to version 3.3.3 of D3
2014-04-15 15:58:00 -04:00
Joseph Schorr
7aab6a9fdd
Get basic grunt-ified CSS and JS working. Note that this currently uses the dist bundles for both prod and debug.
2014-04-15 15:51:32 -04:00
jakedt
dcc993a20e
Fix the cache buster.
2014-04-15 14:27:00 -04:00
jakedt
61a6db236f
Finish the implementation of local userfiles. Strip charsets from mimetypes in the build worker. Add canonical name ordering to the build queue. Port all queues to the canonical naming version.
2014-04-11 18:34:47 -04:00
Joseph Schorr
3a3758654c
- Move all quay.io domain references to config and add new methods for easy construction of URLs
...
- Make the Olark chat live behind a feature flag
2014-04-08 20:33:20 -04:00
Joseph Schorr
da859203f7
- Add a config whitelist
...
- Send the config values to the frontend
- Add a service class for exposing the config values
- Change the directives to inject both Features and Config
- Change directive users to make use of the new scope
2014-04-08 19:14:24 -04:00
Joseph Schorr
c374e8146a
- Add code for placing the features information on the frontend
...
- Add a Features service for examining feature flags on the frontend
- Add a directive (quay-requires) that matches feature flags and, if any one does not match, removes the element from the DOM
- Add a directive (quay-show) that injects the features into the scope so that expressions of the form "Features.BILLING || something" work out of the box to show/hide the element
- Add a directive (quay-classes) that allows for setting of CSS classes on an element based on feature expression(s) such as {"!BILLING": "active"} (e.g. the BILLING flag is set to false, add the class "active".
2014-04-04 23:26:10 -04:00
Joseph Schorr
4f4112b18d
Add show_if and hide_if methods for routes and APIs, as well as proper comparison of feature values
2014-04-03 19:32:09 -04:00
jakedt
204fecc1f9
Restore the cache buster.
2014-04-02 12:22:32 -04:00
Joseph Schorr
9a79d1562a
Change to store the pull robot on the repository build and only add the credentials to the queue item. This prevents the credentials from being exposed to the end user. Also fixes the restart build option
2014-04-01 21:49:06 -04:00
jakedt
3525e383df
Merge remote-tracking branch 'origin/master' into pullinprivate
...
Conflicts:
test/data/test.db
2014-04-01 18:28:48 -04:00
Joseph Schorr
35f69b9f5b
Add support for .tar.gz build packs in the build package viewer
2014-04-01 00:23:53 -04:00
jakedt
d67a1cddc2
Merge remote-tracking branch 'origin/master' into pullinprivate
...
Conflicts:
workers/dockerfilebuild.py
2014-03-31 18:10:34 -04:00
Joseph Schorr
2006917e03
Add support for pull credentials on builds and build triggers
2014-03-27 18:33:13 -04:00
jakedt
910fabe103
Disable that pesky browser cache in the ways that matter.
2014-03-26 18:36:59 -04:00
jakedt
f060fd6ae0
Fix and unify CSRF support across web and API endpoints.
2014-03-25 14:32:26 -04:00
jakedt
0992c8a47e
Fix some permissions problems still around due to some usage of scopes as strings.
2014-03-19 18:21:58 -04:00
jakedt
c93c62600d
Merge remote-tracking branch 'origin/master' into swaggerlikeus
...
Conflicts:
data/database.py
endpoints/api.py
endpoints/common.py
templates/base.html
test/data/test.db
test/specs.py
2014-03-19 15:39:44 -04:00
Joseph Schorr
807fa68fe4
Fix the remainder of the API usage tests. Note that this still fails when the blueprint is registered again, so each subset of tests has to be run on its own
2014-03-18 20:32:37 -04:00
jakedt
64071b9e8e
Add a user info scope and thread it through the code. Protect the org modification API.
2014-03-18 19:21:27 -04:00
jakedt
3b3d71bfd7
Feed error messages through a cors wrapper so that people on other domains can see what's happening.
2014-03-17 16:57:35 -04:00
jakedt
5bb4008880
Fix cookie auth to work with oauth token auth. Make sure user loading is truly deferred to save DB connections.
2014-03-17 12:01:13 -04:00
Joseph Schorr
e759066ae0
Change ApiService to use the new swagger-backed discovery and the new /v1/ API endpoints. Also changes all other /api/ calls (the few that are still manually invoked)
2014-03-14 23:40:41 -04:00
Joseph Schorr
e5a461989f
Add a check_repository_usage method which adds (or removes) a notification on the user/org when they go over their plan usage
2014-03-12 19:19:39 -04:00
Joseph Schorr
368a8da7db
- Add data classes for notifications
...
- Add basic API for notifications
- Change the password required to be a notification
2014-03-12 00:49:03 -04:00
Joseph Schorr
c5fa12329c
Update path matching regex to support dots
2014-03-11 14:42:53 -04:00
Joseph Schorr
e699739b23
Fix handling of repository names that match known endpoints (build, trigger, etc) and add tests to ensure it is fixed
2014-03-11 14:30:00 -04:00
jakedt
011490d36d
Refactor a lot of the build create code out into a common method. Add an endpoint for manually starting triggers.
2014-02-25 19:39:43 -05:00
jakedt
b9580c1c29
Merge remote-tracking branch 'origin/master' into rustedbuilds
2014-02-25 17:19:15 -05:00
jakedt
9afd49e882
Leave ISEs as 400s, but log exceptions and have slightly improved error messages.
2014-02-25 17:19:02 -05:00
jakedt
de49ce151b
Merge remote-tracking branch 'origin/master' into rustedbuilds
2014-02-25 17:00:38 -05:00
jakedt
fa4c925e4d
Allow exception tracebacks to get logged to the log file.
2014-02-25 16:54:49 -05:00
jakedt
d5304f7db0
Merge remote-tracking branch 'origin/master' into rustedbuilds
...
Conflicts:
data/database.py
endpoints/api.py
endpoints/common.py
test/data/test.db
2014-02-21 14:52:40 -05:00
jakedt
b5d4919364
Split out callbacks into their own blueprint. Add build trigger DB information and connect it with some APIs. Stub out the UI to allow for generation of triggers. Split out the triggers into a plugin-ish architecture for easily adding new triggers.
2014-02-18 15:50:15 -05:00
jakedt
e7064f1191
Fix the tests and the one bug that it highlighted.
2014-02-16 18:59:24 -05:00
Joseph Schorr
4ffb86314b
Fix all non-test url_for’s
2014-01-30 17:23:21 -05:00
Joseph Schorr
310c98df50
Move each flask module into a Blueprint and have CSRF protection only on the API blueprint
2013-12-30 17:05:27 -05:00
Joseph Schorr
b598c7ec85
Style fixes
2013-12-28 19:56:23 -05:00