Commit graph

148 commits

Author SHA1 Message Date
Joseph Schorr
840e4cd64b Add missing requirement 2015-09-10 11:57:43 -04:00
Jake Moshenko
210ed7cf02 Merge remote-tracking branch 'upstream/master' into python-registry-v2 2015-09-04 16:32:01 -04:00
Jake Moshenko
82efc746b3 Make our JWT checking more strict. 2015-09-04 15:18:57 -04:00
Joseph Schorr
b87427aefb Add missing pyjwkest dependency 2015-08-25 14:18:07 -04:00
Joseph Schorr
f092c00621 Allow builds to be started with an external archive URL
Fixes #114
2015-08-17 17:01:49 -04:00
Jake Moshenko
e1b3e9e6ae Another huge batch of registry v2 changes
Add patch support and resumeable sha
Implement all actual registry methods
Add a simple database generation option
2015-08-12 16:41:12 -04:00
Jake Moshenko
2109d24483 Add the toposort dependency. 2015-07-17 11:50:41 -04:00
Jake Moshenko
1fb676d1f6 Refresh the dependencies and switch back to upstream peewee now that coleifer has added a fix. 2015-07-06 15:02:52 -04:00
Jimmy Zelinskie
3fb052be3c reqs: fallback to vendored python-etcd
We need to figure out why this is a problem, but it can't block our
deployment for now.
2015-06-24 16:20:07 -04:00
Jimmy Zelinskie
282125e4f7 reqs: refreeze requirements.txt 2015-06-24 15:19:40 -04:00
Jake Moshenko
5f1d23c6e8 Use a UNION query instead of a multitude of left outer joins for performance reasons.
Fixes #159
2015-06-23 17:18:37 -04:00
Jake Moshenko
2a2414d6af Merge pull request #60 from coreos-inc/jwtauthentication
Add support for an external JWT-based authentication system
2015-06-05 13:37:42 -04:00
Joseph Schorr
8aac3fd86e Add support for an external JWT-based authentication system
This authentication system hits two HTTP endpoints to check and verify the existence of users:

Existance endpoint:
GET http://endpoint/ with Authorization: Basic (username:) =>
    Returns 200 if the username/email exists, 4** otherwise

Verification endpoint:
GET http://endpoint/ with Authorization: Basic (username:password) =>
    Returns 200 and a signed JWT with the user's username and email address if the username+password validates, 4** otherwise with the body containing an optional error message

The JWT produced by the endpoint must be issued with an issuer matching that configured in the config.yaml, and the audience must be "quay.io/jwtauthn". The JWT is signed using a private key and then validated on the Quay.io side with the associated public key, found as "jwt-authn.cert" in the conf/stack directory.
2015-06-05 13:20:10 -04:00
Joseph Schorr
698f62388e Switch the python-etcd client to the sslfix branch
This fixes an issue with urllib3 and SSL
2015-06-03 14:32:32 -04:00
Jake Moshenko
7bc5f7a1ca Merge pull request #53 from coreos-inc/v1test
Add tests for the registry that mimic Docker's calls
2015-06-02 12:24:42 -04:00
Joseph Schorr
9585e2a765 End-to-end registry tests 2015-06-01 16:35:30 -04:00
josephschorr
491de200f6 Merge pull request #45 from coreos-inc/ldapreferfix
Fix LDAP referral and multiple pair handling
2015-06-01 14:11:00 -04:00
Joseph Schorr
e4e82790ca Remove unneeded avatar library 2015-06-01 13:32:57 -04:00
Joseph Schorr
386b1710ed Merge branch 'master' into ldapreferfix 2015-05-27 15:15:47 -04:00
Joseph Schorr
1aff701bc7 Fix LDAP referral and multiple pair handling
Fixes two issues found with our LDAP handling code. First, we now follow referrals in both LDAP calls, as some LDAP systems will return a referral instead of the original record. Second, we now make sure to handle multiple search result pairs properly by further filtering based on the presence of the 'mail' attribute when we have multiple valid pairs. This CL also adds tests for all of the above cases.
2015-05-27 15:04:34 -04:00
Joseph Schorr
5845e37e32 Add Swift storage library 2015-05-26 16:05:21 -04:00
Joseph Schorr
efab02ae47 LDAP improvements:
- Better logging
  - Better error messages
  - Add unit tests
  - Clean up the setup tool for LDAP
2015-05-11 21:23:18 -04:00
Joseph Schorr
e3aededcbc Merge branch 'master' into gitlab 2015-05-03 12:13:09 -04:00
Jimmy Zelinskie
7426a540dd initial gitlab angular stuff 2015-05-02 13:31:54 -04:00
Joseph Schorr
56c4727e7a Add missing url lib and requests dependencies 2015-05-01 16:36:02 -04:00
Joseph Schorr
6479f8ddc9 Work In Progress!
Get the full activation and deactivation cycle working for bitbucket.
2015-04-28 18:15:12 -04:00
Joseph Schorr
7dccd5acbe Fix requirements.txt 2015-04-08 16:09:01 -04:00
Joseph Schorr
a34d56045f Add scoring based on the string distance 2015-04-07 12:32:23 -04:00
Jimmy Zelinskie
34ceb274c3 requirements: switch to vendored python-etcd 2015-02-23 14:31:24 -05:00
Joseph Schorr
f7615b2e96 Add missing lib requirement 2015-02-18 14:17:09 -05:00
Joseph Schorr
f107b50a46 Merge branch 'master' into ackbar 2015-02-12 12:04:45 -05:00
Joseph Schorr
98b4f62ef7 Switch to using a squashed image for the build workers 2015-02-10 15:43:01 -05:00
Joseph Schorr
045614c6c8 Merge branch 'master' into ackbar 2015-02-09 17:16:42 -05:00
Joseph Schorr
c081b1fa86 Fix DB test and upgrade to peewee 2.4.7, which has the delete instance fix 2015-02-09 11:10:26 -05:00
Joseph Schorr
cf774e23df Merge branch 'master' into v2 2015-02-05 15:37:14 -05:00
Joseph Schorr
9dfe523615 Merge master changes 2015-02-05 13:11:16 -05:00
Joseph Schorr
400ffa73e6 Add SSL cert and key validation 2015-02-05 13:06:56 -05:00
Joseph Schorr
bfb0784abc Add signing to the ACI converter 2015-02-04 15:29:24 -05:00
Jake Moshenko
f2471a86f6 Fix the python requirements. Add the ability to map in etcd client certs and ca. 2015-01-22 10:53:23 -05:00
Jimmy Zelinskie
0da9c5826b Update MixPanel and use BufferedConsumer 2015-01-16 16:04:13 -05:00
Jimmy Zelinskie
f4d078e87a vendor pygithub
It's going to be a long time before the developer decides to merge our
changes upstream.
2015-01-06 15:41:29 -05:00
Jimmy Zelinskie
f3259c862b Merge branch 'koh'
Conflicts:
	auth/scopes.py
	requirements-nover.txt
	requirements.txt
	static/css/quay.css
	static/directives/namespace-selector.html
	static/js/app.js
	static/partials/manage-application.html
	templates/oauthorize.html
2014-12-01 12:30:09 -08:00
Joseph Schorr
72d613614d Merge branch 'bagger' 2014-12-01 12:48:59 -05:00
Joseph Schorr
9d675b51ed - Change SSL to only be enabled via an environment variable. Nginx will be terminating SSL for the ER.
- Add the missing dependencies to the requirements.txt
- Change the builder ports to non-standard locations
- Add the /b1/socket and /b1/controller endpoints in nginx, to map to the build manager
- Have the build manager start automatically.
2014-11-25 18:08:18 -05:00
Jake Moshenko
1c32faa31d Update the requirements-nover.txt to pull from the forked avatar lib and to use the proper forked libs in the versioned requirements.txt. 2014-11-25 16:23:49 -05:00
Jimmy Zelinskie
a1ea2f6571 Update requirements.txt 2014-11-25 16:08:29 -05:00
Jake Moshenko
a77ccee9cd Refresh the dependencies and switch to upstream docker-py. 2014-11-21 12:39:01 -05:00
Joseph Schorr
007efb1143 Switch to using our branch of docker-py 2014-10-15 16:03:16 -04:00
Jake Moshenko
6ddd4b5570 Refresh the base image and the python requirements. 2014-10-07 17:10:46 -04:00
Joseph Schorr
5b3514b49c Add missing pyyaml dependency 2014-08-21 20:38:30 -04:00
Joseph Schorr
d2880807b2 - Further fixes for license stuff
- Small fixes to ensure Quay works for Postgres
2014-08-21 19:21:20 -04:00
Jake Moshenko
09917ff062 Switch unidecode over to the new anunidecode library and write some tests to validate results. 2014-08-01 15:50:25 -04:00
Jake Moshenko
2d21dc9293 Replace the GPLed aniso8601 library with a fake version. 2014-07-31 17:01:26 -04:00
Jake Moshenko
6b38ddb9b6 Remove the gpled loremipsum module. 2014-07-31 16:46:02 -04:00
Jake Moshenko
db953cdc79 Temporarily downgrade the gunicorn version until the fix for this bug is available: https://github.com/benoitc/gunicorn/issues/790 2014-07-17 14:04:51 -04:00
Jake Moshenko
cceb09d4f6 Remove some unused dependencies and update the rest. 2014-07-17 12:08:07 -04:00
Jake Moshenko
0e14493edd Fix the logentries version in requirements.txt. 2014-06-11 22:11:31 -04:00
Joseph Schorr
3b3b55cf5d Add logging to log entries 2014-06-11 20:53:28 -04:00
Jake Moshenko
2da8b4737e Fix the registry to work with unicode usernames in LDAP. 2014-05-13 15:22:31 -04:00
Jake Moshenko
a5a61576ae Revamp the logging a bit. Not quite done yet. 2014-05-01 19:44:28 -04:00
Jake Moshenko
fe665118bb Add sentry exception monitoring. 2014-04-28 18:59:22 -04:00
jakedt
61a6db236f Finish the implementation of local userfiles. Strip charsets from mimetypes in the build worker. Add canonical name ordering to the build queue. Port all queues to the canonical naming version. 2014-04-11 18:34:47 -04:00
jakedt
576fbe4f0d Switch over to phusion baseimage. Prevent everything from daemonizing and start it with runit under phusion. Make workers trap and handle sigint and sigterm. Extend the reservation to 1hr for dockerfilebuild. Update nginx to remove the dependency on libgd. Merge the requirements and requirements enterprise files. 2014-04-11 13:32:45 -04:00
jakedt
8fac0474b5 Get staging to run under docker on an EC2 host. 2014-04-10 18:30:09 -04:00
jakedt
265fa5070a Fix support for multiple stack configurations and move most secrets into the quay-config project. 2014-04-07 16:59:22 -04:00
jakedt
8e9faf6121 Toward running quay in a docker container. 2014-04-07 01:20:09 -04:00
jakedt
da2a48954f Update the docker-py dependency to point to our patched library. 2014-04-02 12:12:10 -04:00
jakedt
7c14190d2a Freeze the version of docker-py to 0.3.0 and create a fancy streaming json decoder to work around the lack of newlines in push statuses. 2014-03-28 17:53:33 -04:00
jakedt
cb9c0e58d4 Update requirements.txt with new versions and new requirements. 2014-03-25 17:45:51 -04:00
jakedt
8bf51461a7 Manually downgrade reportlab to keep xhtml2pdf happy. 2014-03-04 19:10:28 -05:00
jakedt
ea6d60192b Re-generate the requirements to add pygithub. 2014-03-04 19:00:32 -05:00
yackob03
df389e81c7 Fix up the test endpoints with better fake data. Install them at a known location. Update the building test repository to point to the new fakes. 2014-02-05 20:01:23 -05:00
yackob03
67e0736fc6 Separate out the dockerfile build stuff to a separate class. Add a dependency on docker-py master. 2014-02-05 11:07:54 -05:00
yackob03
5270066d6d Switch to the redis backed build logs and status. 2014-02-03 19:08:37 -05:00
yackob03
c13654bb52 First attempt at emitting logstash style logs. 2014-01-30 13:32:06 -05:00
yackob03
025518ac17 Upgrade the requirements, including the digitalocean library which scrubs data by default. 2014-01-02 14:44:34 -05:00
yackob03
af4c67d7cb Switch from eventlet to gevent, it seems to work better with flask static files. 2013-11-18 18:42:02 -05:00
yackob03
bde0a29296 Switcht the requirements and -nover files to the standard formatting. 2013-11-18 15:00:08 -05:00
Joseph Schorr
4c6012f756 Add ability to download receipts in PDF form 2013-11-18 14:49:54 -05:00
yackob03
d3d593f7e1 Add some missing dependencies to for the workers. 2013-10-29 18:14:22 -04:00
yackob03
607bf3ecc4 Daemonize the worker. 2013-10-18 17:52:55 -04:00
Ubuntu
3c3cca1140 Some fixes for generating snapshots against the local host. 2013-10-11 03:56:27 +00:00
yackob03
00b8244661 Add analytics on push and pull repo events in the backend. 2013-10-03 16:19:01 -04:00
Ubuntu
fc80616eab Set up for running under gunicorn and nginx. 2013-10-02 20:42:12 +00:00
yackob03
7bd18c1bab Checkpointing stripe work. 2013-10-02 00:48:03 -04:00
yackob03
52db1c8796 Try using pymysql instead of mysqldb. 2013-09-30 20:26:41 -04:00
yackob03
f8f86bcb04 Try to upgrade distribute prior to the app running. 2013-09-30 20:13:36 -04:00
yackob03
2e3c4723d0 I'm losing my mind here. This needs to start working. 2013-09-30 20:04:32 -04:00
yackob03
705624dd6f Try install mysql-python through yum. 2013-09-30 19:55:00 -04:00
yackob03
8f554c51d0 Try downgrading both distribute and mysql. 2013-09-30 19:48:17 -04:00
yackob03
ab1305d728 Going to try rebuilding the environment. 2013-09-30 19:33:32 -04:00
yackob03
22edde9cb4 It was the distribute library not mysql causing problems. 2013-09-30 19:28:51 -04:00
yackob03
84adf680b9 Switch the registry and index to use real s3 and rds. 2013-09-30 19:10:27 -04:00
yackob03
b0720aac1c Update to support running on elasticbeanstalk. 2013-09-30 16:14:48 -04:00
yackob03
99341f7d53 Send a confirmation email when an account is created. Links don't do anything yet. 2013-09-27 19:29:01 -04:00
yackob03
e107d79612 Add some login machinery. 2013-09-23 12:37:40 -04:00
yackob03
458b69953a Integrate flask-principal in order to provide RBAC. 2013-09-20 18:38:17 -04:00
yackob03
8e169b1026 Index that kinda works and is backed by a database. Still lots to do. 2013-09-20 11:55:44 -04:00