Joseph Schorr
f6ff0d6ca0
Add support for populating test data during migration testing
...
This change ensures that the tables in the database during migration have at least one row of "real" data, which should help catch issues in the future where we forget to set column defaults and other such schema oversights that can only be truly tested with non-empty tables
Fixes https://jira.coreos.com/browse/QUAY-913
2018-06-18 14:14:32 -04:00
Joseph Schorr
0fa1a1d5fd
Implement support for blob mounting via the mount
parameter on blob uploads
...
Fixes https://jira.coreos.com/browse/QUAY-893
2018-06-06 11:31:28 -04:00
Joseph Schorr
b2262eaf46
Add feature flag to disable username confirmation
...
Fixes https://jira.coreos.com/browse/QUAY-914
2018-06-01 13:30:50 -04:00
Joseph Schorr
8ee98c1c48
Show starred public repositories in the starred repos list
...
We forgot to check if the repository was public in the filter
Fixes https://jira.coreos.com/browse/QUAY-857
2018-05-31 17:34:17 -04:00
Joseph Schorr
6ffafe44d3
Merge pull request #3059 from quay/joseph.schorr/QUAY-906/reg-tests
...
Move registry integration tests to py.test
2018-05-22 17:09:11 -04:00
Joseph Schorr
861e81cccd
Allow team syncing if user creation is disabled
...
Before this change, if user creation was disabled, team sync would fail to sync over users that had not yet been invited/logged in, because their accounts could not be created. Following this change, team syncing of users not yet in the system will create those user accounts, allowing users to be "auto invited" via team sync.
Fixes https://jira.coreos.com/browse/QUAY-910
2018-05-22 14:09:40 -04:00
Joseph Schorr
a007332d4c
Temporarily change to storing logs in a new LogEntry2 table
...
This will prevent us from running out of auto-incrementing ID values until such time as we can upgrade to peewee 3 and change the field type to a BigInt
Fixes https://jira.coreos.com/browse/QUAY-943
2018-05-18 20:15:16 -04:00
Joseph Schorr
f5fafc480f
Notifications can target robots, but the model did not reflect that
...
This fixes a breakage when deleting robots that have notifications targeting them.
2018-05-15 16:19:46 -04:00
josephschorr
58612955d6
Merge pull request #3079 from quay/joseph.schorr/QUAY-927/robots-limit
...
Limit robots displayed in entity search
2018-05-15 13:59:48 -04:00
josephschorr
6780a1f06b
Merge pull request #3077 from quay/joseph.schorr/QUAY-931/log-slowdown
...
Logs slowdown fixes
2018-05-15 13:28:05 -04:00
Joseph Schorr
5c50161d85
Limit robots displayed in entity search
...
Before, we'd load *all* the robots, which can be a huge issue in namespaces with a large number of robots. Now, we only load the top-20 robots (as per recency in login), and we also limit the information returned to the entity search to save some bandwidth.
Fixes https://jira.coreos.com/browse/QUAY-927
2018-05-15 11:00:57 -04:00
Joseph Schorr
b98c65b3a3
Filter out deleted users and organizations from the superuser list
...
Superusers were getting confused because the users/orgs were being disabled and renamed, but still appeared in the list until they were GCed by the background worker. Now we just hide them.
Fixes https://jira.coreos.com/browse/QUAY-936
2018-05-15 10:42:41 -04:00
Joseph Schorr
e3248bde47
Small fixes to make loading of logs faster
...
Removes filtering of log types where not necessary, removes filtering based on namespace when filtering based on repository (superfluous check that was causing issues in MySQL preventing the use of the correct index) and fix some other small issues around the API
Fixes https://jira.coreos.com/browse/QUAY-931
2018-05-14 11:41:49 -04:00
Joseph Schorr
29058201e5
Fix bug in modelutil pagination that caused us to load far more results than necessary
...
Also adds tests for the modelutil pagination
2018-05-14 11:40:31 -04:00
Joseph Schorr
49699fe251
Fix MySQL bug in full text search
...
Fixes https://jira.coreos.com/browse/QUAY-937
2018-05-14 08:41:40 -04:00
Joseph Schorr
f06eec8a35
Fix issue where we didn't delete robots immediately under a namespace
...
This could result in "hanging" robot accounts, although that would only leak the names of said accounts. Now we delete them immediately AND we proactively delete them before replacing the namespace (just to be sure)
2018-05-09 17:53:30 +03:00
Joseph Schorr
178c8e7cb0
Fix bug in in-memory data cache
...
Previously, if we didn't find a key, we'd empty the entire cache, making it essentially a single-key cache. We skip clearing now, although this does mean we won't GC expired entries (not a problem for tests, though)
2018-05-01 13:28:24 +03:00
Joseph Schorr
3309daa32e
Add support for reduced initial build count for new possible abusing users
...
If configured, we now check the IP address of the user signing up and, if they are a possible threat, we further reduce their number of allowed maximum builds to the configured value.
2018-04-20 18:46:32 +03:00
Joseph Schorr
4418772745
Postgres requires defaults for non-nullable cols, even integer ones
...
Fixes https://jira.coreos.com/browse/QUAY-912
2018-04-08 18:54:23 -04:00
Brad Ison
8e5c67e207
Use get_or_create in place of create_or_get
...
Peewee v2.9.0 removes the create_or_get method.
2018-04-04 14:21:16 -04:00
Joseph Schorr
82da2042fd
Add tests for image model, fix a small bug and remove an unused function
2018-04-04 13:13:52 -04:00
Joseph Schorr
8146646761
Simplifying queries around images and placements
...
Only verbs needs to load placements for multiple images, so we can vastly simplify and optimize most queries by making it two-step, and having the rest of the image loads not worry about placements
2018-04-03 16:23:49 -04:00
Joseph Schorr
f6b647bd61
Default for robot account metadata should be an empty dict, not a string
2018-03-27 17:29:55 -04:00
josephschorr
b897d896d7
Merge pull request #2876 from coreos-inc/blocking-logs-fix
...
Decrease redis timeouts to within the WAMP message window
2018-03-22 21:40:47 -04:00
josephschorr
6c43b7ff0d
Merge pull request #3024 from coreos-inc/manageable-robots
...
Manageable robots epic
2018-03-21 18:50:17 -04:00
Joseph Schorr
2ea13e86a0
Add last_accessed information to User and expose for robot accounts
...
Fixes https://jira.coreos.com/browse/QUAY-848
2018-03-21 15:28:34 -04:00
Joseph Schorr
c4debe011c
Fix team add/invite logic around when an invite is required
...
We were accidentally skipping the invite if the user was a member of *any* organization, rather than the specific organization (as intended)
Fixes https://jira.coreos.com/browse/QUAY-880
2018-03-16 17:13:27 -04:00
Joseph Schorr
254cdfe43a
Add support for metadata on robot accounts
...
Fixes https://jira.coreos.com/browse/QUAY-847
Fixes https://jira.coreos.com/browse/QUAY-816
2018-03-12 20:32:05 -04:00
Joseph Schorr
a693771345
Add creation date information to robots API and UI
...
Fixes https://jira.coreos.com/browse/QUAY-846
2018-03-09 13:55:19 -05:00
Joseph Schorr
c4a6273e00
Add creation date to User table
2018-03-09 13:31:29 -05:00
Joseph Schorr
2d34b89203
Decrease redis timeouts to within the WAMP message window
...
This ensures that if the builder sends a heartbeat, but redis is down, we don't time out the build while waiting to connect or receive. Since Redis data is ephemeral anyway, this should give us more stability in builds if/when redis is down
2018-03-02 16:53:37 -05:00
Joseph Schorr
24b77bbc10
Fix serialization of blobs to/from the cache
...
Also makes sure the test checks that serialization
2018-03-02 14:22:55 -05:00
Joseph Schorr
ff1773bd28
Change name field back to a normal string
...
Our prod MySQL does not support an index on a UTF8 field of this size; thankfully, we don't need UTF8 here
2018-03-02 13:23:30 -05:00
Joseph Schorr
4db4a44491
Add missing server_default on enabled col in repositorybuildtrigger
...
Without it, we'll default all existing triggers to disabled
2018-03-02 13:13:32 -05:00
Joseph Schorr
ed84835d23
Changes for code review
2018-03-01 16:49:52 -05:00
Joseph Schorr
3837a7c2ed
Add datetime of when a trigger was disabled
2018-03-01 16:49:51 -05:00
Joseph Schorr
93d79e777e
Automatically disable build triggers with successive failures or internal errors
...
We allow users to reenable them manually once disabled
2018-03-01 16:49:51 -05:00
Joseph Schorr
c35eec0615
Add ability for triggers to be disabled
...
Will be used in the followup commit to automatically disable broken triggers
2018-03-01 16:49:28 -05:00
Joseph Schorr
ab0172d2fd
Switch Quay to using an in-container memcached for data model caching
2018-02-27 16:55:22 -05:00
Joseph Schorr
8bc55a5676
Make namespace deletion asynchronous
...
Instead of deleting a namespace synchronously as before, we now mark the namespace for deletion, disable it, and rename it. A worker then comes along and deletes the namespace in the background. This results in a *significantly* better user experience, as the namespace deletion operation now "completes" in under a second, where before it could take 10s of minutes at the worse.
Fixes https://jira.coreos.com/browse/QUAY-838
2018-02-27 13:12:51 -05:00
Brad Ison
f89a16a64d
Make byte_count on BlobUpload table not nullable
...
The byte_count field on the BlobUpload model is marked as not
nullable, but the migration to make the field a big integer removed
that restriction (#2388 :: 76de324
) in the database. It's still in
the model though, which means they are out of sync. This adds a
migration to mark the field as not nullable in the database again.
2018-02-26 11:36:56 -05:00
Brad Ison
5bd826e7b5
Drop checksum from ImageStorage table
...
The checksum field was removed from the ImageStorage model in #815 ,
but was never dropped from the database. This adds a migration to
drop the unused column.
2018-02-24 17:00:07 -05:00
Joseph Schorr
e446eb5757
Switch build queue limiter query to use total number of alive jobs
...
This is slightly more accurate and, not being based on time, will work better under MySQL
2018-02-21 14:04:40 -05:00
josephschorr
d77aa9228f
Merge pull request #3002 from coreos-inc/joseph.schorr/QUAY-822/gc-app-tokens
...
Add a worker to automatically GC expired app specific tokens
2018-02-20 17:21:48 -05:00
Joseph Schorr
9a452ace11
Add configurable limits for number of builds allowed under a namespace
...
We also support that limit being increased automatically once a successful billing charge has gone through
2018-02-20 16:54:22 -05:00
Brad Ison
62971b7f20
Merge pull request #2999 from bison/user-location
...
Add user location metadata filed
2018-02-20 16:48:37 -05:00
Joseph Schorr
e220b50543
Refactor auth code to be cleaner and more extensible
...
We move all the auth handling, serialization and deserialization into a new AuthContext interface, and then standardize a registration model for handling of specific auth context types (user, robot, token, etc).
2018-02-14 15:35:27 -05:00
Joseph Schorr
e1a3857de9
Make sure to filtered already-expired tokens from the "expiring soon" tokens
2018-02-12 17:07:50 -05:00
Joseph Schorr
d45161b120
Add a worker to automatically GC expired app specific tokens
...
Fixes https://jira.coreos.com/browse/QUAY-822
2018-02-12 14:56:01 -05:00
Brad Ison
3de6b4a646
Add location metadata field for users
2018-02-06 16:06:17 -05:00
Joseph Schorr
da0fa2e0d2
Make sure to add primary repo permissions under a transaction
...
Should prevent a repository from being created under a user's namespace without a corresponding admin permission
Fixes https://jira.coreos.com/browse/QUAY-826
2018-02-06 11:20:40 -05:00
Joseph Schorr
6228ab5a51
We cannot cache the full expiration for an app specific token, as it would include the datetime when the cache is created, rather than now
...
Fixes https://jira.coreos.com/browse/QUAY-819
2018-02-02 16:11:59 -05:00
Joseph Schorr
bbdf9e074c
Add metrics for tracking when instance key renewal succeeds and fails, as well as when instance key *lookup* fails
2018-02-02 11:14:42 -05:00
josephschorr
fd1237cff9
Merge pull request #2974 from coreos-inc/joseph.schorr/QS-118/manifest-write-query
...
Audit the number of SQL queries we make in writing manifests, and significantly reduce in the common case
2018-01-31 11:08:33 -05:00
Joseph Schorr
182c4594e7
Remove unsupported DB connection arguments for non-pooled DB handler
2018-01-26 13:37:08 -05:00
Joseph Schorr
9e16a989f5
Audit the number of SQL queries we make in writing manifests, and significantly reduce in the common case
...
Instead of 41 queries now for the simple manifest, we are down to 14.
The biggest changes:
- Only synthesize the V1 image rows if we haven't already found them in the database
- Thread the repository object through to the other model method calls, and use it instead of loading again and again
2018-01-25 11:10:43 -05:00
Joseph Schorr
208dc38d25
Allow expired app specific tokens to be deleted
2018-01-23 11:40:51 -05:00
Joseph Schorr
3bc5840496
Extend our logs about whether we are using connection pooling for a DB
2018-01-11 16:43:46 -05:00
josephschorr
b17c05fbd5
Merge pull request #2968 from coreos-inc/joseph.schorr/QS-110/user-login-lock
...
Reduce lock contention on invalid user login calls
2018-01-09 12:41:00 -05:00
Joseph Schorr
81be47486c
Reduce lock contention on invalid user login calls
...
Fixes https://jira.coreos.com/browse/QS-110
2018-01-08 16:57:50 -05:00
josephschorr
13b738c43c
Merge pull request #2954 from coreos-inc/joseph.schorr/QS-102/user-api-filter
...
Add ability to filter users list to enabled users
2018-01-05 15:40:50 -05:00
josephschorr
d8fde005d8
Merge pull request #2961 from coreos-inc/joseph.schorr/QS-107/create-repo-opt
...
Small optimizations around create repository code
2018-01-05 15:40:30 -05:00
Joseph Schorr
6a876a6b73
Change title to be UTF8
2018-01-04 15:27:42 -05:00
Joseph Schorr
888b564a9b
Add a banner to the Quay UI when an app specific token is about to expire
2018-01-04 15:27:42 -05:00
Joseph Schorr
2214a2c7ad
Disable fresh login check in auth engines that won't support it
2018-01-04 15:27:41 -05:00
Joseph Schorr
524d77f527
Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password
2018-01-04 15:27:41 -05:00
Joseph Schorr
3f99e864e1
Reduce the number of DB queries for creating a repo
2018-01-04 14:32:39 -05:00
Joseph Schorr
1e1bec0afe
Remove extra update call on create repo
2018-01-04 13:42:05 -05:00
Joseph Schorr
8e473b9779
Add filter for disabled users to superuser user list API
...
Fixes https://jira.coreos.com/browse/QS-102
2017-12-22 16:45:49 -05:00
josephschorr
024c183f67
Merge pull request #2944 from coreos-inc/joseph.schorr/QS-91/v2-caching
...
V2 registry blob caching
2017-12-18 14:42:02 -05:00
Joseph Schorr
9e16596854
Add a bunch of logging to the data model caching mechanism
...
Should help us debug any potential issues
2017-12-18 14:18:37 -05:00
Joseph Schorr
097cbbeaae
Add new Quay pricing plans
2017-12-18 13:12:16 -05:00
Joseph Schorr
60bc655695
Fix flakiness in a test when comparing date times
2017-12-14 14:00:20 -05:00
Joseph Schorr
3c72e9878d
Add the concept of a data model cache, for caching of Namedtuple objects from the data model
...
Will be used to cache blobs, thus removing the need to hit the database in most blob requests
2017-12-14 13:36:51 -05:00
Joseph Schorr
51e67ab7f5
Fix get_blob_path to not make any database calls and add a test
...
This will be supported by caching, hopefully removing the need to hit the database when the blob object is cached
2017-12-13 16:27:46 -05:00
josephschorr
b2db266747
Merge pull request #2935 from coreos-inc/joseph.schorr/QS-80/password-reset-expire
...
Add maximum lifetime of 30m on password recovery tokens
2017-12-07 14:21:32 -05:00
josephschorr
1861d7dee9
Merge pull request #2938 from coreos-inc/joseph.schorr/QS-85/signout-all
...
Invalidate all session tokens when a user signs out
2017-12-07 13:25:00 -05:00
Joseph Schorr
1d1c6f0606
Invalidate all session tokens when a user signs out
...
Fixes https://jira.coreos.com/browse/QS-85
2017-12-07 13:03:11 -05:00
Joseph Schorr
d38a1fc851
Ensure user files are always sent with the Content-Disposition header
...
This prevents them from being executed in the browser directly
Fixes https://jira.coreos.com/browse/QS-84
2017-12-06 17:12:00 -05:00
Joseph Schorr
5dd95038cf
Add maximum lifetime of 30m on password recovery tokens
...
Fixes https://jira.coreos.com/browse/QS-80
2017-12-06 17:06:03 -05:00
josephschorr
8d7381336a
Merge pull request #2910 from coreos-inc/joseph.schorr/QS-58/oidc-auth-bug
...
Don't add a "password required" notification for non-database auth via OIDC
2017-12-06 14:19:49 -05:00
Joseph Schorr
32255f122b
Simplify and further optimize handling of unfiltered search results
...
Using the DB-side limit is much faster
2017-11-30 16:56:01 -05:00
Joseph Schorr
eea026be52
Fix bug around search pagination with non-filtered searches
...
Also further optimizes the queries
2017-11-30 16:13:42 -05:00
Joseph Schorr
0440cca3ef
Fix typo in how we order search results
...
`.desc()` needs to be on the field
2017-11-30 14:53:23 -05:00
Joseph Schorr
c767c88b82
Optimize searching of repositories when there is no query
2017-11-30 14:10:22 -05:00
Joseph Schorr
2ced523313
Add Explore tab and query-less searching
...
Allows for exploration of all visible repositories, in paginated form.
This change also fixes the layout of the header on different viewport sizes to be consistently a single line in height.
Fixes https://jira.coreos.com/browse/QS-63
2017-11-28 16:50:23 +02:00
Joseph Schorr
503cff8f0c
Don't add a "password required" notification for non-database auth via OIDC
2017-11-13 16:17:36 -05:00
Joseph Schorr
2e28976d7c
Change exception to debug on expected RAC integrity error
...
Fixes https://jira.prod.coreos.systems/browse/QS-44
2017-10-30 12:55:24 -04:00
Joseph Schorr
9f804de23d
Fix bug in deletion of repos with OCI-style linked tags
...
MySQL does not allow rows in the same table referencing other rows to be deleted in a single statement. We now do a two-pass deletion, and add a test to make sure.
Fixes https://jira.prod.coreos.systems/browse/QS-18
2017-10-18 17:03:27 -04:00
Joseph Schorr
c2a56ae828
Add a test for ping in OIDC auth
2017-10-12 16:49:06 -04:00
Joseph Schorr
c1ce84822d
Fix tuple for health check
2017-10-12 16:25:31 -04:00
Joseph Schorr
7e63184ab4
Add missing ping method
2017-10-12 16:25:21 -04:00
Joseph Schorr
2ce4e49711
Build job does not have a request context when calling get_file_url
...
We therefore need to specify some sort of IP or get_file_url will attempt to get it from context
2017-10-06 12:57:02 -04:00
josephschorr
3bef21253d
Merge pull request #2695 from coreos-inc/oidc-internal-auth
...
OIDC internal auth support
2017-10-02 16:51:17 -04:00
Joseph Schorr
f51a863158
Remove access_token from user_info
2017-10-02 16:51:09 -04:00
Joseph Schorr
56fbbcf7cf
Add request IP to get_direct_download_url method
2017-09-25 17:14:28 -04:00
Joseph Schorr
804d3c46c3
Add feature flag to allow users to be created only if invited to join a team
...
Allows for open user creation, but only if extended an invitation by someone who already has access
2017-09-14 16:28:39 -04:00
Joseph Schorr
c6aad5fef0
Add option to disable partial autocompletion of users
2017-09-12 15:55:37 -04:00
Evan Cordell
1d246784dd
Include invalid oidc token in the error message for debugging
2017-09-12 12:26:42 -04:00
Joseph Schorr
ed897c7cb0
Change OIDC engine to not be federated
...
We don't need linking, just the ability to perform lookup
2017-09-12 12:26:41 -04:00
Joseph Schorr
bc82edb2d1
Add ability to configure OIDC internal auth engine via superuser panel
2017-09-12 12:23:52 -04:00
Joseph Schorr
e724125459
Add support for using OIDC tokens via the Docker CLI
2017-09-12 12:23:22 -04:00
Jimmy Zelinskie
9e09612851
Revert "Merge pull request #2844 from coreos-inc/alegrand/use_latest_appr_server_code"
...
This reverts commit 646fafb2fd
, reversing
changes made to 5c1b635439
.
2017-08-09 20:45:46 -04:00
Antoine Legrand
646fafb2fd
Merge pull request #2844 from coreos-inc/alegrand/use_latest_appr_server_code
...
Migrate from cnr -> appr
2017-08-09 00:01:25 +02:00
Antoine Legrand
6336a4a971
Migrate from cnr -> appr
2017-08-08 11:48:59 +02:00
Charlton Austin
6c29ec873a
refactor(endpoints/api/superuser*): refactored code behind db model
...
this moves all the db model code behind an interface in prep for v2-2
Issue: https://coreosdev.atlassian.net/browse/QUAY-750
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-08-01 11:27:55 -04:00
josephschorr
6ce06942f0
Merge pull request #2791 from coreos-inc/purge-repo-optimization
...
Optimize purging of a repository by skipping the unreferenced check
2017-07-31 18:02:28 -04:00
Jimmy Zelinskie
fe6760749a
Merge pull request #2826 from jzelinskie/appr-v22
...
endpoints.appr: move to new v22 format
2017-07-31 07:36:40 -07:00
Joseph Schorr
dfe371286a
Optimize purging of a repository by skipping the unreferenced check
2017-07-28 13:41:14 -04:00
Joseph Schorr
6043bf45b4
Add configurable stale_timeout and max_connections on pool
2017-07-27 15:26:26 -04:00
Joseph Schorr
f79542fefb
Enable connection pooling in the registry
2017-07-27 14:00:23 -04:00
Jake Moshenko
e9a5fdbad1
Use a more pro-active approach to identify an uninitialized db proxy.
2017-07-26 18:23:05 -04:00
Joseph Schorr
50c144a7c4
Remove the configure call in UseThenDisconnect
...
This hopefully avoids us creating secondary connections
2017-07-26 14:14:52 -04:00
Jimmy Zelinskie
155cb65f7d
endpoints.appr: move to new v22 format
2017-07-26 11:02:44 -07:00
Jake Moshenko
0011ddda16
Release database connections after updating build statuses.
2017-07-26 12:29:51 -04:00
Joseph Schorr
9febb539a7
Close the database connection after operations in buildman
...
Also adds a *temporary* hack to prevent this from breaking tests
2017-07-26 12:10:48 -04:00
Charlton Austin
be206a8b88
Merge pull request #2814 from charltonaustin/create_data_interface_for_subsystem_api/repository_633
...
refactor(endpoints/api/repository*): added in pre_oci_model abstraction
2017-07-25 13:59:52 -04:00
josephschorr
074b4e4981
Merge pull request #2810 from coreos-inc/joseph.schorr/QUAY-747/common-data-interface
...
Convert endpoints/common into using a data interface
2017-07-24 15:59:13 -04:00
Charlton Austin
8f1200b00d
style(data, endpoints, test): ran yapf against changed files
...
### Description of Changes
Issue: https://coreosdev.atlassian.net/browse/QUAY-633
## Reviewer Checklist
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-24 11:05:15 -04:00
Joseph Schorr
aecec02b6c
Change common_login to take in a user uuid, instead of a user DB object
2017-07-20 16:01:39 -04:00
Jimmy Zelinskie
d7b094f65c
Merge pull request #2801 from jzelinskie/keyserver-update
...
endpoints.keyserver: new fs org for data interface
2017-07-20 14:48:57 -04:00
Joseph Schorr
7d4fed6892
Change error message when trying to pull a deleted or expired tag
...
Will let the users know they can recover the tag via time machine
Note: This was tested with the Docker protocol, but the new error code is *technically* out of spec; we should make sure its okay.
2017-07-19 17:13:48 -04:00
Joseph Schorr
99d7fde8ee
Add UI for viewing and changing the expiration of tags
2017-07-19 17:13:48 -04:00
Joseph Schorr
4663bf4194
Add additional test for tag expiration
2017-07-19 17:13:06 -04:00
Joseph Schorr
4ad3682b9c
Make health check failures report their reasons
...
Note that we add a new block with expanded service info, to avoid breaking compatibility with existing callers of the health endpoint
2017-07-19 16:17:02 +03:00
Joseph Schorr
0dfb6806e3
Add ping method to auth engines to determine if they are reachable
2017-07-19 16:16:41 +03:00
Jimmy Zelinskie
42869cb00a
endpoints.keyserver: new fs org for data interface
2017-07-17 14:25:18 -04:00
josephschorr
fdb21aa5dc
Merge pull request #2777 from coreos-inc/joseph.schorr/QUAY-618/notificationworker-data-interface
...
Change notificationworker to use data interface
2017-07-13 00:23:15 +03:00
josephschorr
d00c7d299c
Merge pull request #2778 from coreos-inc/gc-long-chain-test
...
Add a long-chain test for GC
2017-07-13 00:23:03 +03:00
Charlton Austin
82488c9102
Merge pull request #2753 from charltonaustin/api_tag_v22
...
refactor(endpoints/api/tag): refactor code for v22
2017-07-12 15:51:48 -04:00
Charlton Austin
131acde317
refactor(data+endpoints): code review changes
...
this puts the view logic on the object and adds a parameter for logging
[TESTING->locally with docker compose]
Issue: https://coreosdev.atlassian.net/browse/QUAY-632
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-12 14:10:21 -04:00
Joseph Schorr
2b51265b48
Add a long-chain test for GC
2017-07-12 18:03:27 +03:00
Joseph Schorr
b6f1782642
Change notificationworker to use a data interface
2017-07-12 17:40:45 +03:00
Joseph Schorr
bdab367285
Change blobuploadcleanupworker to use a data interface
2017-07-11 16:58:09 +03:00
Charlton Austin
897a091692
style(data+endpoints): ran yapf
...
### Description of Changes
ran yapf for the branch
[TESTING->locally using docker compose]
Issue: https://coreosdev.atlassian.net/browse/QUAY-632
## Reviewer Checklist
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-10 09:46:02 -04:00
Charlton Austin
fc4b3642d3
refactor(endpoints/api/tag): refactor code for v22
...
this decouples the database models from the api
[TESTING->locally with docker compose]
Issue: https://coreosdev.atlassian.net/browse/QUAY-632
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-07-10 09:40:33 -04:00
EvB
ccca0c9655
refactor(util/tufmetadata/test): move app test to gc suite
2017-07-07 15:14:14 -04:00
josephschorr
89ab94ffbb
Merge pull request #2720 from coreos-inc/gc-opt
...
GC optimizations
2017-06-29 20:55:14 +03:00
Jimmy Zelinskie
ecd5996386
endpoints.v2: new fs layout for data interface
...
Fixes QUAY-656
2017-06-29 13:19:53 -04:00
josephschorr
0e702c72f2
Merge pull request #2739 from coreos-inc/joseph.schorr/QUAY-664/verbs-interface-refactor
...
Refactor Verbs model definitions to match new style
2017-06-29 10:07:36 +03:00
Jimmy Zelinskie
80c9b611a4
Merge pull request #2730 from jzelinskie/v2-interface
...
endpoints.v2: new fs layout for data interface
2017-06-28 13:51:43 -04:00
Joseph Schorr
8b4958dbcc
Move verbs model into new file structure
2017-06-28 13:05:02 +03:00
Joseph Schorr
8dcea30d58
Fix build by pre-calling the caches
...
They were being called in a test-dependent order, which caused any tests which relied on query count to fail
2017-06-27 18:11:46 +03:00
Joseph Schorr
cdd7cb9321
Remove directly referenced images from the candidate set before starting GC iteration
...
Makes the lookup query underneath the transaction smaller if there are a lot of images referenced directly by tag. We still must do the direct referenced check within the transaction, but this should reduce the scope of the search space a bit.
2017-06-27 17:33:58 +03:00
Joseph Schorr
45c7008078
Change Repo GC to be iterative
...
This prevents us from creating a massive join when there are a large number of tags in the repository, which can result in locking the entire DB for long periods of time. Instead of the join, we just iteratively lookup any images found to be directly referenced by a tag or found as a parent of another image, both of which should be indexed lookups. Once done, we only remove those images and then iterate until the working set stops changing.
2017-06-27 17:33:58 +03:00
Joseph Schorr
e9a95874ee
Move GC tests into pytest
2017-06-27 17:33:58 +03:00
Joseph Schorr
11659f73bf
Fix log for reenabling a notification
...
We forgot to log the event and method names
2017-06-27 15:26:40 +03:00
Jimmy Zelinskie
0e26a03f7e
endpoints.v2: new fs layout for data interface
...
Fixes QUAY-658
2017-06-26 18:21:35 -04:00
Charlton Austin
5e6aa6648b
fix(endpoints): added in proper error handling
...
before we would return a 400 without a message because the errors were not being caught
Issue: https://www.pivotaltracker.com/story/show/145459707
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-06-21 16:59:48 -04:00
josephschorr
b269cb84a3
Merge pull request #2688 from coreos-inc/build-badge-query
...
Remove expensive call in build badge
2017-06-12 15:06:13 -04:00
Joseph Schorr
a949a44cb2
Remove expensive call in build badge
...
We don't need to list all the tags to determine if any exist, and showing the repo is ready when it is empty is probably correct behavior anyway
2017-06-12 14:53:54 -04:00
Joseph Schorr
d68b65d90c
Optimize GC query join a bit by reducing the surface
...
We remove the directly referenced images from the join across ancestors, as they will be covered by the first part of the union clause. For some large repositories, this will result in a significantly reduced set of images that have to be joined NxM.
2017-06-12 12:55:32 -04:00
Antoine Legrand
9c68cbd6e8
Fix no search result for apps
2017-06-05 23:03:47 +02:00
Charlton Austin
52750e74ee
fix(add notification number): add explicit default
...
there is a possibility that this will not work with postgres
Issue: https://www.pivotaltracker.com/story/show/144646649
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-05-22 09:55:40 -04:00
Charlton Austin
a71f60a9c1
Merge pull request #2652 from charltonaustin/failing_repository_notifications_to_be_disabled_after_n_failures_in_a_row_144646649
...
Failing repository notifications to be disabled after n failures in a row 144646649
2017-05-22 09:30:53 -04:00
Charlton Austin
993f2a174c
feat(full-stack): disable notifications after 3 failures
...
This stops notifications from firing over and over again if they are repeatedly failing.
[TESTING -> locally with docker compose, DATABASE MIGRATION -> there is a single migration]
Issue: https://www.pivotaltracker.com/story/show/b144646649n
- [ ] It works!
- [ ] Comments provide sufficient explanations for the next contributor
- [ ] Tests cover changes and corner cases
- [ ] Follows Quay syntax patterns and format
2017-05-19 16:58:46 -04:00
Joseph Schorr
065e327190
Make sure catalog always returns public repositories
2017-05-19 16:24:08 -04:00
Jimmy Zelinskie
702cdf59ff
Merge pull request #2637 from jzelinskie/audit-apps
...
Audit Logs for Apps
2017-05-16 17:06:25 -04:00
Jimmy Zelinskie
4db789b656
add audit logging to app registry endpoints
2017-05-16 15:54:02 -04:00
josephschorr
1dafddd7bf
Merge pull request #2623 from coreos-inc/ldap-user-creation
...
Disable federated login for new users if user creation is disabled
2017-05-15 15:07:52 -04:00
Joseph Schorr
b3d7577473
Disable federated login for new users if user creation is disabled
...
Fixes https://www.pivotaltracker.com/story/show/144821585
2017-05-15 15:07:08 -04:00
Joseph Schorr
db767b3610
Optimize lookup of org membership on prototype and perms APIs
...
Fixes a major slowdown when working with permissions under organizations with a lot of members
Fixes https://www.pivotaltracker.com/story/show/144076113
2017-05-08 14:03:59 -04:00
Joseph Schorr
9d97e053b3
Make sure to re-sort the filtered repositories in search
...
The filtering breaks the ordered we expected, so we need to re-sort
2017-05-03 18:38:46 -04:00
Joseph Schorr
0164b48a24
Switch repository search to order matches in repo names higher
...
Helps push better results to the top of the results list
2017-05-03 17:02:24 -04:00
josephschorr
19f67bfa1b
Merge pull request #2607 from coreos-inc/faster-security-notify
...
Batch the tag lookups in the security notification worker in an attempt to significant reduce load
2017-05-03 13:49:13 -04:00
Joseph Schorr
68d473bff4
Clarify comment and make pairs code a little nicer
2017-05-03 11:41:39 -04:00
Joseph Schorr
977bbc20a2
Add filtering onto the images query in get_matching_tags_for_images
...
Should make the query even faster in the security notification case
2017-05-02 18:29:14 -04:00
josephschorr
5a9a231754
Merge pull request #2529 from coreos-inc/search-ui
...
Implement new search UI
2017-05-02 15:56:59 -04:00
Joseph Schorr
d77463cc8b
Add sharing to the images lookup in get_matching_tags_for_images
...
Should prevent an issue if we ever get a request with thousands and thousands of images where we would exceed the DB's max packet size
2017-05-02 15:50:31 -04:00
Joseph Schorr
74dd0ef8e8
Add a batch get_matching_tags_for_images
method
...
This will be used in the security notification worker to retrieving the tags needed in a set of batch calls, rather than multiple calls per image
2017-05-02 15:38:25 -04:00
Joseph Schorr
b67113e848
Move LDAP controls init into the inner loop
...
We cannot use it across different DNs, so we need to move it down
2017-05-01 16:04:33 -04:00
Joseph Schorr
30a681343f
Make sure to escape LDAP queries
...
Fixes an issue in team sync around group names that contain *s
Fixes https://www.pivotaltracker.com/story/show/144628235
2017-05-01 14:00:54 -04:00
Joseph Schorr
e583be3914
Remove inner query for ancestors lookup on get_matching_tags
2017-04-28 20:10:54 -04:00
Joseph Schorr
8b2e4d3bcf
Add a test for get_matching_tags
2017-04-28 19:57:24 -04:00
Joseph Schorr
e9ffe0e27b
Implement new search UI
...
We now have both autocomplete-based searching for quick results, as well as a full search page for a full listing of results
2017-04-28 13:57:28 -04:00
Charlton Austin
f1d6a7284d
Merge pull request #2483 from charltonaustin/phase_four_config
...
feat(data): remove subdir
2017-04-28 13:24:22 -04:00
Charlton Austin
c79711b6dc
feat(data): remove subdir
...
### Description of Changes
This is the last step in the four phase migration of the config
2017-04-28 13:23:51 -04:00
josephschorr
8b148bf1d4
Merge pull request #2576 from coreos-inc/full-db-tests-tox
...
Reenable full database testing locally and in concourse
2017-04-27 18:09:15 -04:00
Joseph Schorr
dd1addee29
LDAP Team sync improvements
...
- Add a large amount of additional logging
- Handle NO_SUCH_OBJECT in AD searches
- Only check if *a* record exists when adding syncing, as opposed to loading the entire search set
2017-04-26 20:26:12 -04:00
EvB
fddcd0a395
fix(data.archivedlogs): update endpoint name
2017-04-26 17:31:44 -04:00
josephschorr
5c4f7d50c6
Merge pull request #2580 from coreos-inc/team-sync-email-fix
...
Fix handling of team sync when a user already exists with the email address
2017-04-26 14:19:23 -04:00
EvB
5e995fae20
refactor(archivedlogs): move archivelog handler to endpoints
2017-04-26 11:41:55 -04:00
Joseph Schorr
36f2272fe2
Fix handling of team sync when a user already exists with the email address
2017-04-25 17:42:35 -04:00
Joseph Schorr
d7f3ef96ce
Small fixes found by running full db tests
2017-04-24 16:45:15 -04:00
Joseph Schorr
7debd44b54
Switch fixture imports to wildcard in prep for full db test fixes
2017-04-24 16:45:14 -04:00
Jake Moshenko
a159bd3e77
Resolve race condition between multiple log archivers
2017-04-24 13:41:08 -04:00
Antoine Legrand
8499612c4c
Merge pull request #2538 from coreos-inc/enable-robot-cnr
...
Enable robot cnr
2017-04-24 17:32:46 +02:00
josephschorr
cc88cfb6ad
Merge pull request #2568 from coreos-inc/fix-postgres-search
...
Fix search in postgres
2017-04-21 17:22:59 -04:00
Joseph Schorr
e46e668cc5
Fix search in postgres
...
Stupid missing group_by again
2017-04-21 17:21:17 -04:00
Erica
fc5c255965
Merge pull request #2565 from coreos-inc/HOTFIX-2.3.1
...
fix(migration): bring hotfix from v2.3.0 into master
2017-04-21 17:12:51 -04:00
Joseph Schorr
5bba018009
Add tests for user files endpoint and add regex filter
2017-04-21 16:13:18 -04:00
Joseph Schorr
4bb725dce0
Add fix for relative paths in user files lookup and add test
2017-04-21 15:54:15 -04:00
Joseph Schorr
3413fc3d8a
Add missing logging for IOError issue in archived logs
2017-04-21 14:40:09 -04:00
EvB
c5b411b704
fix(migrations): fix column additional w/ boolean default
2017-04-21 11:56:13 -04:00
Joseph Schorr
3dcbe3c631
If enabled, allow users and orgs to set their time machine expiration
...
Fixes https://www.pivotaltracker.com/story/show/142881203
2017-04-21 11:32:45 -04:00
Joseph Schorr
c5bb9abf11
Fix deleting repos when sec scan or signing is disabled
...
Make sure we don't invoke the APIs to non-existent endpoints
2017-04-19 16:57:36 -04:00
Charlton Austin
38d4af0d8b
Merge pull request #2479 from charltonaustin/phase_three_config
...
feat(data): remove writing of old config
2017-04-18 10:25:50 -04:00
Antoine Legrand
599ce0de54
code-stye Yapf: 5 files updated
...
data/interfaces/appr.py endpoints/appr/cnr_backend.py endpoints/appr/registry.py endpoints/appr/test/test_api.py endpoints/appr/test/test_registry.py
2017-04-18 14:02:48 +02:00
Antoine Legrand
578f87f94c
Fix login with robot to quay-appr
2017-04-18 13:59:21 +02:00
Evan Cordell
2661db7485
Add flag to enable trust per repo ( #2541 )
...
* Add flag to enable trust per repo
* Add api for enabling/disabling trust
* Add new LogEntryKind for changing repo trust settings
Also add tests for repo trust api
* Add `set_trust` method to repository
* Expose new logkind to UI
* Fix registry tests
* Rebase migrations and regen test.db
* Raise downstreamissue if trust metadata can't be removed
* Refactor change_repo_trust
* Add show_if to change_repo_trust endpoint
2017-04-15 08:26:33 -04:00