Commit graph

1662 commits

Author SHA1 Message Date
Joseph Schorr
d0dc8fe45d Add endpoint security tests for the V2 endpoints
Fixes #581
2015-10-02 14:01:12 -04:00
Joseph Schorr
35c35d9913 Load images and storage references in bulk during V1 synthesize
Currently, we perform multiple queries for each layer, making it much slower (especially cross-region)

Fixes #413
2015-09-29 17:53:39 -04:00
Joseph Schorr
f44ca79391 Add _catalog endpoint as specified by V2 API
Fixes #391
2015-09-29 16:02:19 -04:00
Joseph Schorr
decdaa4c79 New tests and small fixes while comparing against the V2 spec
Fixes #391
2015-09-29 15:18:48 -04:00
Silas Sewell
9000169b53 Revert "Merge pull request #491 from jakedt/migratebackp2"
This reverts commit 7ad2522dbe, reversing
changes made to a0b191ffa1.
2015-09-28 16:09:22 -04:00
Joseph Schorr
2e694dd3f0 Move Docker V2 key to be loaded from file or generated on server load
Fixes #394
2015-09-28 15:43:51 -04:00
Joseph Schorr
09f8ad695b Fix resumable upload support and add another test 2015-09-28 12:17:17 -04:00
josephschorr
7ad2522dbe Merge pull request #491 from jakedt/migratebackp2
Migrate image data back phase 2
2015-09-26 15:11:46 -04:00
Joseph Schorr
4dc30d6321 Remove yaml and switch to JSON because yaml is so slow 2015-09-24 16:17:42 -04:00
Joseph Schorr
a283c8d8ec Add a check to ensure repository names are valid according to an extended set of rules.
Fixes #534
2015-09-24 11:55:08 -04:00
Joseph Schorr
49b575afb6 Start refactoring of the trigger system:
- Move each trigger handler into its own file
- Add dictionary helper classes for easier reading and writing of dict-based data
- Extract the web hook payload -> internal representation building for each trigger system
- Add tests for this transformation
- Remove support for Github archived-based building
2015-09-21 16:36:48 -04:00
Jake Moshenko
26cea9a07c Merge remote-tracking branch 'upstream/master' into python-registry-v2 2015-09-17 16:16:27 -04:00
Jake Moshenko
8baacd2741 Migrate old data to new locations, read only new. 2015-09-17 15:47:13 -04:00
josephschorr
c801965626 Merge pull request #492 from coreos-inc/nofreelunch
UI and API fixes for disallowing private repo count abuse
2015-09-16 17:53:11 -04:00
Silas Sewell
a8183ed87b Sample pull_repo events 2015-09-15 18:41:48 -04:00
Joseph Schorr
fbfe7fdb54 Make change repo visibility and create repo raise a 402 when applicable
We now check the user or org's subscription plan and raise a 402 if the user attempts to create/make a repo private over their limit
2015-09-15 14:33:35 -04:00
Jake Moshenko
b56de3355c Migrate data back to Image in preparation for v2 2015-09-15 11:53:31 -04:00
Jake Moshenko
9c3ddf846f Some fixes and tests for v2 auth
Fixes #395
2015-09-10 15:38:57 -04:00
Joseph Schorr
fd3a21fba9 Add Kubernetes configuration provider which writes config to a secret
Fixes #145
2015-09-10 12:19:59 -04:00
Joseph Schorr
88a04441de Extract the config provider into its own sub-module 2015-09-10 12:19:59 -04:00
josephschorr
edef283697 Merge pull request #447 from coreos-inc/ronon
Add support for Dex to Quay
2015-09-10 11:42:01 -04:00
Jimmy Zelinskie
d55ab78fbe fix pagination of tags in API
Fixes #461.
2015-09-09 15:52:21 -04:00
Joseph Schorr
c0286d1ac3 Add support for Dex to Quay
Fixes #306

- Adds support for Dex as an OAuth external login provider
- Adds support for OIDC in general
- Extract out external logins on the JS side into a service
- Add a feature flag for disabling direct login
- Add support for directing to the single external login service
- Does *not* yet support the config in the superuser tool
2015-09-04 17:05:06 -04:00
Joseph Schorr
48cf33a8c1 Add missing superuser aggregate logs endpoint
Reference: d47d28ea4e/Screen-Shot-2015-09-04-at-11-04-41.png
2015-09-04 16:48:32 -04:00
Jake Moshenko
210ed7cf02 Merge remote-tracking branch 'upstream/master' into python-registry-v2 2015-09-04 16:32:01 -04:00
Jake Moshenko
8269d4ac90 Checkpoint implementing PATCH according to Docker 2015-09-03 16:26:02 -04:00
Joseph Schorr
42dba8655c Fix auth and add V2 tests! 2015-09-03 12:21:21 -04:00
Matt Jibson
a821ad2b01 Return an error on failed S3 uploads
The previous change to this file didn't raise the error up to stream_write,
and so the complete_upload function still ran because the loop was only
broken. It errored because the data was already canceled. This is better
than what we had before, which was to silently fail but report success
(even internally to ourselves!) on bad image upload.

This means we discovered a bug where a user could have failed during image
upload, but quay would write that image to the repository, potentially
writing broken images to S3.
2015-09-01 15:53:32 -04:00
josephschorr
62ea4a6cf4 Merge pull request #191 from coreos-inc/carmen
Add automatic storage replication
2015-09-01 15:04:36 -04:00
Joseph Schorr
724b1607d7 Add automatic storage replication
Adds a worker to automatically replicate data between storages and update the database accordingly
2015-09-01 14:53:32 -04:00
Joseph Schorr
51c507d02d Add back the ability to retrieve information for an org member directly
Fixes #427
2015-08-31 16:45:24 -04:00
Jake Moshenko
398202e6fc Implement some new methods on the storage engines. 2015-08-27 11:29:19 -04:00
josephschorr
4fa37a46d1 Merge pull request #408 from coreos-inc/python-registry-v2-notfun
Change to return a proper manifest URL
2015-08-26 16:17:25 -04:00
josephschorr
9d1296da38 Merge pull request #407 from coreos-inc/python-registry-v2-pushevent
Spawn the repo_push event in V2
2015-08-26 16:13:02 -04:00
Joseph Schorr
9842857b89 Change to return a proper manifest URL 2015-08-26 14:14:59 -04:00
Joseph Schorr
aa90caa97e Spawn the repo_push event in V2
Fixes #403
2015-08-25 16:02:21 -04:00
Joseph Schorr
84458811d5 Rename wrap_with_hash to a more generic wrap_with_handler 2015-08-25 15:53:13 -04:00
Joseph Schorr
767be0798f Fix V1 tests due to a typo
Fixes #397
2015-08-25 14:31:25 -04:00
Joseph Schorr
31fdb94436 Enable rate limiting of V2 requests 2015-08-25 14:18:34 -04:00
Joseph Schorr
f2252f0726 Add a temporary multiplier for the Docker size -> uncompressed size 2015-08-25 13:49:36 -04:00
Joseph Schorr
1450b7e84c Fix verbs support in V2 2015-08-24 12:05:09 -04:00
Joseph Schorr
cf030e2a98 Save the compressed image size on blob upload completion 2015-08-24 12:05:09 -04:00
Joseph Schorr
d246e68e68 Move shared V1/V2 code into common methods and fix verbs 2015-08-24 12:05:09 -04:00
Joseph Schorr
0e93dbb832 Fix image API for V2 images 2015-08-24 12:05:09 -04:00
Jake Moshenko
b998eca8e5 Fix the tests for registry v2 changes. 2015-08-24 11:59:12 -04:00
josephschorr
b8bfed915d Merge pull request #382 from coreos-inc/manytags
Limit the number of branches and tags loaded to 30
2015-08-21 14:36:43 -04:00
Joseph Schorr
b6502d9302 Limit the number of branches and tags loaded to 30
Fixes #380
2015-08-21 14:07:20 -04:00
Matt Jibson
2ea784cd6d Send SSL client certs on webhook notifications
This allows clients that provide a HTTPS webook endpoint a way to verify
that the source of the notification came from quay.io. Needed for the
kubernetes auto deployer so it can verify the request. And apparently
others have also wanted this.
2015-08-19 13:53:34 -04:00
Joseph Schorr
dead054b43 Fix image API for V2 images 2015-08-19 13:35:47 -04:00
Jimmy Zelinskie
523dc912f7 Merge pull request #372 from coreos-inc/notifyui
Better notifications UI
2015-08-17 17:13:24 -04:00
Jimmy Zelinskie
239f76d39f Merge pull request #368 from coreos-inc/buildarchive
Allow builds to be started with an external archive URL
2015-08-17 17:09:14 -04:00
Joseph Schorr
84276ee945 Better notifications UI
Fixes #369
2015-08-17 17:08:58 -04:00
Joseph Schorr
f092c00621 Allow builds to be started with an external archive URL
Fixes #114
2015-08-17 17:01:49 -04:00
Jake Moshenko
2fd1d5969e Merge pull request #351 from mjibson/more-metrics
More metrics
2015-08-17 13:09:08 -04:00
Joseph Schorr
bc4e07343e Fix PATCH semantics due to recent API changes 2015-08-13 15:35:37 -04:00
Joseph Schorr
f50ea3329a Fix URL scheme on the authenticate header 2015-08-13 14:44:42 -04:00
Joseph Schorr
17d3bed835 Fix small NPE in BB trigger code 2015-08-13 12:28:48 -04:00
Jake Moshenko
e1b3e9e6ae Another huge batch of registry v2 changes
Add patch support and resumeable sha
Implement all actual registry methods
Add a simple database generation option
2015-08-12 16:41:12 -04:00
Matt Jibson
b483209862 Wrap API and registry requests with common metric timings
Record response times, codes, and rollup non-2XX responses.
2015-08-12 12:16:00 -04:00
Joseph Schorr
09bb98f161 Really fix the build trigger schema and add a test for it 2015-08-11 17:17:18 -04:00
Jimmy Zelinskie
7d6c6ba8e8 Merge pull request #316 from jzelinskie/read-tags
tag history requires READ instead of WRITE
2015-08-07 13:26:04 -04:00
Joseph Schorr
7ea4c7d17e Add missing JSON schema for 'refs' and 'branch_name'
Fixes #325
2015-08-07 13:01:49 -04:00
Joseph Schorr
aab8866345 Fix accidental rename of key 2015-08-06 13:21:52 -04:00
Joseph Schorr
ea25538646 MySQL and Postgres complain about the group by, so calculate dates ourselves 2015-08-06 12:52:55 -04:00
Joseph Schorr
d34afde954 Fix logs view and API
- We needed to use an engine-agnostic way to extract the days
- Joining with the LogEntryKind table has *horrible* performance in MySQL, so do it ourselves
- Limit to 50 logs per page
2015-08-05 17:47:03 -04:00
Jimmy Zelinskie
411d4e7abb tag history requires READ instead of WRITE
Fixes #315.
2015-08-05 17:09:34 -04:00
Jake Moshenko
65f982577d Merge pull request #289 from coreos-inc/swaggerfix
Fix swagger errors
2015-08-04 10:23:05 -04:00
Jimmy Zelinskie
b5b6076b4a Merge pull request #303 from coreos-inc/docsearch
Add documentation search to the main search bar
2015-08-03 17:19:48 -04:00
Joseph Schorr
8a8955d234 Add documentation search to the main search bar 2015-08-03 17:15:53 -04:00
josephschorr
f772bd0c9e Merge pull request #300 from coreos-inc/toomanyutils
Refactor the util directory to use subpackages.
2015-08-03 16:18:55 -04:00
Jake Moshenko
18100be481 Refactor the util directory to use subpackages. 2015-08-03 16:04:19 -04:00
Jimmy Zelinskie
8e6a0fbbee Merge pull request #294 from coreos-inc/logsload
Switch to using an aggregated logs query and infinite scrolling
2015-08-03 14:52:04 -04:00
Joseph Schorr
5c1d195a19 Fix swagger errors
Fixes #287
2015-08-03 14:10:15 -04:00
Joseph Schorr
3d6c92901c Switch to using an aggregated logs query and infinite scrolling
This should allow users to work with large logs set.

Fixes #294
2015-07-31 16:38:02 -04:00
Joseph Schorr
4160b720f9 UI and API improvements for working with large repositories
- Change the tag check bar to only select the current page (by default), but allow for selecting ALL tags
- Limit the number of tags compared in the visualization view to 10
- Fix the multiselect dropdown to limit itself to 10 items selected
- Remove saving the selected tags in the URL, as it is too slow and overloads the URLs in Chrome when there are 1000+ tags selected
- Change the images API to not return locations: By skipping the extra join and looping, it made the /images API call 10x faster (in hand tests)

Fixes #292
Fixes #293
2015-07-31 16:31:29 -04:00
Joseph Schorr
a916177c16 Fix broken imports 2015-07-29 18:28:58 -04:00
Joseph Schorr
572d6ba53c Fix broken tests 2015-07-29 14:21:29 -04:00
Joseph Schorr
11c7994398 Fix 500 on logout 2015-07-28 15:47:04 -04:00
Joseph Schorr
80e2739b41 Manually load GHE org repos if none returned by default
Fixes #276
2015-07-28 14:01:22 -04:00
Joseph Schorr
5d243bb45f Fix potential NPE 2015-07-24 12:12:30 -04:00
Joseph Schorr
c3f269ee23 Add migration for BitBucket web hooks
This needs to added only *after* we roll out #255
2015-07-23 14:45:12 -04:00
Joseph Schorr
f6311b09fe Fix NPE in BitBucket V2 handling code 2015-07-23 14:06:35 -04:00
Jimmy Zelinskie
fee8bf8607 Merge pull request #255 from coreos-inc/betterbb
Change to use the new BitBucket webhooks
2015-07-23 13:36:07 -04:00
Joseph Schorr
3c6f13da56 Change to use the new BitBucket webhooks
BitBucket has deprecated services (which will be removed in approx 6 months), and they don't even really work all that well anyway.

Fixes #251
2015-07-23 12:09:17 -04:00
Jimmy Zelinskie
2c29dc048d Merge pull request #260 from coreos-inc/githubfix
GitHub api now returns ALL the visible repositories for user
2015-07-22 13:53:58 -04:00
Joseph Schorr
69ca34161c GitHub api now returns ALL the visible repositories for user
Change the code to simply filter the single list returned, rather than reloading the org repos again
2015-07-22 13:50:46 -04:00
Joseph Schorr
687bab1c05 Support invite codes for verification of email
Also changes the system so we don't apply the invite until it is called explicitly from the frontend

Fixes #241
2015-07-22 13:41:27 -04:00
Jake Moshenko
5d86fa80e7 Merge pull request #197 from coreos-inc/keystone
Add Keystone Auth
2015-07-22 13:38:47 -04:00
Joseph Schorr
38a6b3621c Automatically link the superuser account to federated service for auth
When the user commits the configuration, if they have chosen a non-DB auth system, we now auto-link the superuser account to that auth system, to ensure they can login again after restart.
2015-07-22 13:37:23 -04:00
Joseph Schorr
a0c4e72f13 Clean up the repository list API and loads stars with it
We load stars with the same list API now so that we get the extra metadata needed in the repo list (popularity and last modified)
2015-07-22 13:05:02 -04:00
Joseph Schorr
a397bb7af6 Update to new-style format 2015-07-21 15:39:23 -04:00
Joseph Schorr
60b05a0493 Fix string concats
Issue found here: https://app.getsentry.com/quayio/production/group/72831901/
2015-07-21 15:04:50 -04:00
Joseph Schorr
5f2729f41f Fix logic bug in param check 2015-07-20 17:04:06 -04:00
Jake Moshenko
679044574a Merge pull request #231 from coreos-inc/smallfix
Small API fixes
2015-07-20 13:45:24 -04:00
Joseph Schorr
33b54218cc Refactor the users class into their own files, add a common base class for federated users and add a verify_credentials method which only does the verification, without the linking. We use this in the superuser verification pass 2015-07-20 11:39:59 -04:00
Jake Moshenko
f2508fb48a Have the auth realm url computed based on the request url. 2015-07-17 11:56:15 -04:00
Jake Moshenko
bc29561f8f Fix and templatize the logic for external JWT AuthN and registry v2 Auth.
Make it explicit that the registry-v2 stuff is not ready for prime time.
2015-07-17 11:56:15 -04:00
Jake Moshenko
3efaa255e8 Accidental refactor, split out legacy.py into separate sumodules and update all call sites. 2015-07-17 11:56:15 -04:00
Jake Moshenko
bea8b9ac53 More changes for registry-v2 in python.
Implement the minimal changes to the local filesystem storage driver and feed them through the distributed storage driver.
Create a digest package which contains digest_tools and checksums.
Fix the tests to use the new v1 endpoint locations.
Fix repository.delete_instance to properly filter the generated queries to avoid most subquery deletes, but still generate them when not explicitly filtered.
2015-07-17 11:50:41 -04:00
Jake Moshenko
acbcc2e206 Start of a v2 API. 2015-07-17 11:50:41 -04:00
Joseph Schorr
7a548ea101 Fix queries for repository list popularity and action count
Before this change, we used extremely inefficient outer joins as part of a single query of lookup, which was spiking our CPU usage to nearly 100% on the query. We now issue two separate queries for popularity and action account, by doing a lookup of the previously found IDs. Interestingly enough, because of the way the queries are now written, MySQL can actually do both queries *directly from the indicies*, which means they each occur in approx 20ms!

Verified by local tests, postgres tests, and testing on staging with monitoring of our CPU usage during lookup
2015-07-17 00:08:27 +03:00
Jake Moshenko
c64e490059 Merge pull request #136 from coreos-inc/syslogviewfix
Fix logs view in superuser panel
2015-07-15 18:22:23 -04:00
Jake Moshenko
f5ee7a6697 Make the scopes dynamic based on app config. 2015-07-15 18:13:15 -04:00
Joseph Schorr
f6a9afce90 Change abort to NotFound so it is properly formatted into JSON 2015-07-14 11:34:45 +03:00
Joseph Schorr
e04c22867c Switch logs to use a single comprehension 2015-07-13 12:45:08 +03:00
Joseph Schorr
3a59c99b08 Add a secondary tab to Teams for managing org members
Also adds the ability to completely remove a user from an organization (repo permissions and teams), in a single click

Fixes #212
2015-07-02 17:06:36 +03:00
josephschorr
cb238f8764 Merge pull request #207 from coreos-inc/squashperm
Have the fetch tag dialog show a warning for robot accounts without access
2015-07-02 10:23:14 +03:00
Jake Moshenko
ba067048d8 Merge pull request #203 from coreos-inc/encpass
Add encrypted password output in the superuser API
2015-07-01 12:40:05 -04:00
Joseph Schorr
b535e222b8 Have the fetch tag dialog show a warning for robot accounts without access
Before this change, we'd show the squash pulling command with the proper credentials, but it then 403s on the end user.
2015-07-01 19:37:52 +03:00
Joseph Schorr
b91b60e83d Add encrypted password output in the superuser API
When creating a user or changing their password, we now also return an encrypted form of the password, so API callers can pass it along
2015-07-01 19:29:42 +03:00
Joseph Schorr
f06fed32b8 Fix build ID key on build queued event 2015-07-01 17:48:43 +03:00
josephschorr
7aeaf2344e Merge pull request #200 from coreos-inc/tagapilimit
Add pagination support to tag history API
2015-06-30 22:09:09 +03:00
Jake Moshenko
411ddceee0 Merge pull request #195 from coreos-inc/tidy
Delete all the old UI code and branches for new UI
2015-06-30 14:34:43 -04:00
Joseph Schorr
f7f10f4a6d Add pagination support to tag history API
Fixes #198
2015-06-30 19:44:43 +03:00
Joseph Schorr
87efcb9e3d Delegated superuser API access
Add a new scope for SUPERUSER that allows delegated access to the superuser endpoints. CA needs this so they can programmatically create and remove users.
2015-06-30 11:08:26 +03:00
Joseph Schorr
81bb76d3df Fix spelling mistakes 2015-06-29 21:38:01 +03:00
Joseph Schorr
2b1bbcb579 Add a table view to the repos list page
Fixes #104
2015-06-29 21:12:53 +03:00
Jimmy Zelinskie
756d6784ca Merge pull request #192 from coreos-inc/sqlssl
Allow SSL cert for the database to be configured
2015-06-29 13:33:31 -04:00
Jake Moshenko
6e6b3c675f Merge pull request #28 from coreos-inc/swagger2
Switch to Swagger v2
2015-06-29 12:18:10 -04:00
Joseph Schorr
dc5af7496c Allow superusers to disable user accounts 2015-06-29 18:40:52 +03:00
Jimmy Zelinskie
442cbed087 Merge pull request #186 from coreos-inc/changelog
Remove container usage tab and replace with changlog view
2015-06-29 10:06:07 -04:00
Joseph Schorr
33039e9bc4 New layout cleanup: Remove second GH trigger path 2015-06-29 12:18:21 +03:00
Joseph Schorr
b8c74bbb17 Remove container usage tab and replace with changlog view
Fixes #179
2015-06-29 11:07:46 +03:00
Joseph Schorr
bb07d0965f Allow SSL cert for the database to be configured
This change adds a field for the SSL cert for the database in the setup tool. Fixes #89
2015-06-29 08:08:10 +03:00
Joseph Schorr
cd5cb4b767 NPE fix 2015-06-28 10:44:58 +03:00
Joseph Schorr
07439328a4 Remove user_exists endpoint from all auth systems 2015-06-23 17:33:51 -04:00
Jake Moshenko
ccebba8f51 Clean up headers and whitespace. 2015-06-23 17:10:03 -04:00
Joseph Schorr
9887c9c163 Remove ability to create Quay users from the Docker CLI 2015-06-22 17:12:05 -04:00
Jimmy Zelinskie
66450d4810 Merge pull request #152 from coreos-inc/branchtag
Allow manual triggering of both branches and tags
2015-06-22 15:37:03 -04:00
Joseph Schorr
ce6474c6b5 Robots API for users should not be internal-only 2015-06-22 15:14:10 -04:00
Joseph Schorr
3fb2a33ee7 Fix the API service to use the new Swagger description form 2015-06-22 15:13:26 -04:00
Joseph Schorr
143036be9c Allow manual triggering of both branches and tags
Fixes #100
2015-06-19 14:38:26 -04:00
Joseph Schorr
2c46665415 Optimize the generate_headers check to skip the permissions load when we don't need it 2015-06-19 14:02:51 -04:00
Joseph Schorr
ec22bc0662 Raise a proper deactivation exception on bad credentials 2015-06-19 13:05:42 -04:00
Jimmy Zelinskie
82287926ab Merge pull request #140 from coreos-inc/eventinfo
Add more build information to the events and have better messaging
2015-06-17 16:49:59 -04:00
Jake Moshenko
34c06b0932 Merge pull request #133 from coreos-inc/alembichealth
Add health check endpoint to verify that the locally running DB revis…
2015-06-17 15:04:19 -04:00
Joseph Schorr
fe70139daa Allow GitHub triggers to be removed if OAuth token is invalid 2015-06-17 13:25:01 -04:00
Joseph Schorr
9b974f6b80 Add more build information to the events and have better messaging
Fixes #79
2015-06-16 23:16:36 -04:00
Joseph Schorr
7b94e37c95 Clarify why we use features.BILLING as the feature flag on the route 2015-06-16 17:43:02 -04:00
Joseph Schorr
48ee4671a7 Some additional fixes when testing this branch 2015-06-16 15:46:58 -04:00
Joseph Schorr
91c829bd14 Merge branch 'master' into gitfix 2015-06-16 15:18:24 -04:00
Joseph Schorr
33b31a2451 Fix logs view in superuser panel
This seems to have been broken ever since we moved to syslog
2015-06-15 20:55:23 -04:00
Joseph Schorr
6e0dc1df08 Add health check endpoint to verify that the locally running DB revision matches that of the database
Fixes #132
2015-06-15 15:55:30 -04:00
Jake Moshenko
860c7faf61 Merge pull request #127 from coreos-inc/vatotax
Add support for custom fields in billing invoices
2015-06-12 16:51:46 -04:00
Joseph Schorr
e7fa560787 Add support for custom fields in billing invoices
Customers (especially in Europe) need the ability to add Tax IDs, VAT IDs, and other custom fields to their invoices.

Fixes #106
2015-06-12 16:45:01 -04:00
Joseph Schorr
da120a1ef2 Handle the case where GH auth fails on a trigger request
Fixes #124
2015-06-12 16:34:13 -04:00
Joseph Schorr
88aa5a0830 Switch BitBucket code to always use the latest commit
Before this change, we'd use the first commit, which could be incorrect if there are multiple commits in a single push

Fixes #99
2015-06-11 14:12:01 -04:00
Joseph Schorr
44f49a43dd Fix creation of repositories when having a creator permission
This fixes the grants on a user's session when creating a repository with only the creator permission

Fixes #117
2015-06-10 16:12:42 -04:00
Jake Moshenko
e09d84b3c8 Merge pull request #55 from coreos-inc/oauthdeny
Fix OAuth redirect for denial action when generating for internal tokens
2015-06-05 14:00:16 -04:00
Jake Moshenko
2a2414d6af Merge pull request #60 from coreos-inc/jwtauthentication
Add support for an external JWT-based authentication system
2015-06-05 13:37:42 -04:00
Joseph Schorr
8aac3fd86e Add support for an external JWT-based authentication system
This authentication system hits two HTTP endpoints to check and verify the existence of users:

Existance endpoint:
GET http://endpoint/ with Authorization: Basic (username:) =>
    Returns 200 if the username/email exists, 4** otherwise

Verification endpoint:
GET http://endpoint/ with Authorization: Basic (username:password) =>
    Returns 200 and a signed JWT with the user's username and email address if the username+password validates, 4** otherwise with the body containing an optional error message

The JWT produced by the endpoint must be issued with an issuer matching that configured in the config.yaml, and the audience must be "quay.io/jwtauthn". The JWT is signed using a private key and then validated on the Quay.io side with the associated public key, found as "jwt-authn.cert" in the conf/stack directory.
2015-06-05 13:20:10 -04:00
josephschorr
63f289a8cb Merge pull request #59 from jzelinskie/custom-git-fix
triggers: metadata.commit_sha -> metadata.commit
2015-06-02 16:10:26 -04:00
Joseph Schorr
477a3fdcdc Add a test to verify that all important blueprints have all their methods decorated
This ensures that we don't accidentally add a blueprint method without either explicitly blacklisting or whitelisting anonymous access
2015-06-02 15:56:44 -04:00
Jimmy Zelinskie
e01bdd4ab0 triggers: metadata.commit_sha -> metadata.commit
This resolves an issue where the custom-git trigger's public facing
schema was not the same as the internal metadata schema. Instead of
breaking users, we rework the internal metadata schema to be the same as
the custom-git JSON schema. This commit also updates everything that
used `metadata.commit_sha` including the test database.
2015-06-02 15:32:28 -04:00
Joseph Schorr
075c75d031 Change to always granting a signed token if there is a valid user OR if there is valid permissions on a repository
This fixes the issue whereby attempting to pull a public repository as an authenticated user with anonymous access disabled caused an unexpected 401. This change also adds tests for a few other use cases to verify we haven't broken anything.
2015-06-02 15:16:22 -04:00
Joseph Schorr
c0e995c1d4 Merge branch 'master' into nolurk 2015-06-02 13:55:16 -04:00
Jake Moshenko
42da017d69 Merge pull request #48 from coreos-inc/nobots
Change API calls that expect non-robots to explicitly filter
2015-06-02 12:31:19 -04:00
Joseph Schorr
5516911de9 Fix OAuth redirect for denial action when generating for internal tokens 2015-06-02 12:25:59 -04:00
Joseph Schorr
25ee46f5a2 Fix bitbucket triggers when the branch tag filter removes all branches 2015-06-01 15:35:59 -04:00
Joseph Schorr
fdd43e2490 Change API calls that expect non-robots to explicitly filter
Before this change, we'd filter in the UI but calls to the API could allow robots accounts where we only expect real users
2015-05-26 17:47:33 -04:00
Joseph Schorr
b3ea4ecaa2 Remove unneeded mime type set; jsonify does this for us 2015-05-26 17:30:10 -04:00
Joseph Schorr
9888c3ad9b Add an endpoint for downloading the logs of a build. 2015-05-26 17:24:18 -04:00
Joseph Schorr
ecabf086ea Add missing newline at end of decorators.py 2015-05-26 16:48:59 -04:00
Joseph Schorr
374d1d7e89 Fix case where the auth token was not written properly for BitBucket 2015-05-26 13:40:21 -04:00
Joseph Schorr
855f3a3e4d Have the verifyUser endpoint use the same confirm_existing_user method
This will prevent us from encountering the same problem as the generated encrypted password issue when using LDAP
2015-05-22 16:26:26 -04:00
Joseph Schorr
b0d763b5ff Fix encrypted password generator to use the LDAP username, not the Quay username.
Currently, we use the Quay username via `verify_user` when we go to create the encrypted password. This is only correct if Quay has not generated its own different username for the LDAP user, and fails if it has. We therefore add a new method `confirm_existing_user`, which looks up the federated login for the LDAP user and then runs the auth flow using that username.
2015-05-20 16:37:09 -04:00
Jimmy Zelinskie
7bed404302 Merge pull request #33 from coreos-inc/branchregex
Add some more debug logging around bitbucket triggers and add some te…
2015-05-20 14:22:33 -04:00
Joseph Schorr
eb773e40a2 Add some more debug logging around bitbucket triggers and add some tests to verify we properly handle trigger branch filters 2015-05-20 14:18:12 -04:00
Jimmy Zelinskie
fe3f0dc10b custom-git: accept commit SHAs 7+ chars in length 2015-05-20 12:53:43 -04:00
Joseph Schorr
54992c23b7 Add a feature flag for disabling unauthenticated access to the registry in its entirety. 2015-05-19 17:52:44 -04:00
Joseph Schorr
2379af71f8 Parse the client secret properly 2015-05-18 15:01:37 -04:00
Joseph Schorr
fb8e718c44 Fix OAuth 2 handler to support retrieving parameters from other places; various OAuth client (such as the Go library) send the values in the request body or even the Auth header 2015-05-18 12:38:39 -04:00
Joseph Schorr
0bc1c29dff Switch the Python side to Swagger v2 2015-05-14 16:47:38 -04:00
Joseph Schorr
28bd9af4ff Fix tutorial 2015-05-13 14:55:39 -04:00
Joseph Schorr
0e86fc80ca Fix bitbucket trigger to use the specified branch name before the default branch 2015-05-13 13:55:44 -04:00
Joseph Schorr
3e1abba284 Add ability for super users to rename and delete organizations 2015-05-11 18:03:25 -04:00
Joseph Schorr
1c41d34b7c Add ability for superusers to change user emails 2015-05-11 14:38:10 -04:00
Joseph Schorr
de6267700e Fix bugs with the custom git trigger and make error reporting better 2015-05-10 13:38:47 -04:00
Joseph Schorr
f858caf6cd Only return the team and repo permissions when listing robots when we absolutely need them. 2015-05-08 16:43:07 -04:00
Joseph Schorr
c767aafcd6 Make the repository API faster by only checking the log entries table once for each kind of entry, rather than twice. We make use of a special subquery-like syntax, which allows us to count those entries that are both 30 days only and 1 day old in the same query. This was tested successfully on MySQL, Postgres and Sqlite. 2015-05-07 22:49:11 -04:00
Joseph Schorr
3627de103c Minimize the queries used when retrieve builds. Previously, we'd call out to SQL extra times per build. 2015-05-07 21:11:15 -04:00
Joseph Schorr
8eb9c376cd Add constructors for the QuayDeferredPermissionUser so that we can avoid extraneous DB lookups of the user whenever we already have the object 2015-05-07 15:04:12 -04:00
Joseph Schorr
a46d367276 Remove unneeded repo filter 2015-05-06 20:55:17 -04:00
Joseph Schorr
e647d91e8b Switch the repos page to use a single API call, rather than one per namespace + one for star repos 2015-05-06 19:15:03 -04:00
Joseph Schorr
2d83e5c7e7 Change to using the SSH url; git urls cannot be used with private repos on GitHub 2015-05-06 12:23:46 -07:00
Joseph Schorr
65d0332176 Skip bitbucket trigger if there is no commit branch and no commit tag 2015-05-05 09:40:23 -07:00
Joseph Schorr
df2883bfb6 Fix variable access error 2015-05-03 18:15:11 -07:00
Joseph Schorr
ff89cc9f1d Fix key issue in gitlab 2015-05-03 18:08:14 -07:00
Jimmy Zelinskie
b3bf947af5 gitlab: consistent commit for _prepare_build 2015-05-03 17:58:30 -07:00
Joseph Schorr
0b990677a0 More code cleanup and fix bug around can_admin in the trigger_view 2015-05-03 11:02:05 -07:00
Joseph Schorr
d07f9f04e9 UI and code improvements to make working with the multiple SCMs easier 2015-05-03 10:38:11 -07:00
Joseph Schorr
f091aaa07e Get basic support for GitLab working in the UI 2015-05-03 09:58:48 -07:00
Joseph Schorr
e3aededcbc Merge branch 'master' into gitlab 2015-05-03 12:13:09 -04:00
Jimmy Zelinskie
3ac884beb4 gitlab oauth 2015-05-02 17:54:48 -04:00
Jimmy Zelinskie
7426a540dd initial gitlab angular stuff 2015-05-02 13:31:54 -04:00
Jimmy Zelinskie
d21fbb1204 endpoints.trigger: address gitlab PR comments 2015-05-01 23:35:54 -04:00
Jimmy Zelinskie
ae83da75ce endpoints.trigger: initial gitlab handler 2015-05-01 20:30:55 -04:00
Joseph Schorr
b8785dfc04 Fix github login to use the github auth endpoint 2015-05-01 12:58:50 -04:00
Joseph Schorr
c14368fc66 Fix typo 2015-04-30 16:47:16 -04:00
Joseph Schorr
b96e35b28c Merge master into bitbucket 2015-04-30 15:52:08 -04:00
Joseph Schorr
b7317f894b UI fixes for all the new trigger stuff 2015-04-30 15:33:19 -04:00
Jimmy Zelinskie
ded28f6b30 redirect ac-discovery=1 to the index
This is a temp fix because rkt doesn't follow redirects.
2015-04-30 13:03:50 -04:00
Joseph Schorr
60036927c9 Really disallow usage of the same account for an org as the one being converted. Before, you could do so via email. 2015-04-29 20:30:37 -04:00
Joseph Schorr
d5c70878c5 Get build preparation working for bitbucket and do a lot of code cleanup around this process across all the triggers. Note: tests are not yet updated. 2015-04-29 17:04:52 -04:00
Jimmy Zelinskie
edd0ba4cdb endpoints.verbs: 202 for unfinished aci sigs 2015-04-29 15:33:20 -04:00
Joseph Schorr
6479f8ddc9 Work In Progress!
Get the full activation and deactivation cycle working for bitbucket.
2015-04-28 18:15:12 -04:00
Joseph Schorr
5cc91ed202 Work in progress: bitbucket support 2015-04-24 18:36:48 -04:00
Joseph Schorr
01698e8d16 Fix OAuth 500 error 2015-04-24 16:42:31 -04:00
Joseph Schorr
c480fb2105 Work in progress: bitbucket support 2015-04-24 15:13:08 -04:00
Jimmy Zelinskie
852aa33101 endpoints.trigger: activate: ret private config 2015-04-23 18:16:09 -04:00
Jimmy Zelinskie
2a13eade80 Merge pull request #22 from coreos-inc/git
git's a pretty cool guy
2015-04-23 17:33:36 -04:00
Jimmy Zelinskie
aa1658f0c7 endpoints.trigger: more logical comment blocks 2015-04-23 14:02:05 -04:00
Jimmy Zelinskie
07b730c7ad generic trigger credentials 2015-04-22 17:07:16 -04:00
Joseph Schorr
d6a1493d52 Fix build logs on Safari by having the client JS handle the redirect manually, rather than the browser itself; Safari doesn't support 302 redirects to another domain inside an XHR. 2015-04-22 15:16:59 -04:00
Jimmy Zelinskie
cfcd636cc0 only send build config to admins 2015-04-22 14:30:06 -04:00
Jimmy Zelinskie
9703850e8f enforce short SHAs throughout build pipeline 2015-04-22 13:22:04 -04:00
Jimmy Zelinskie
133ed7190e trigger: validate that the commit is a short SHA 2015-04-22 11:24:04 -04:00
Jimmy Zelinskie
02498d72ba almost all PR discussion fixes 2015-04-21 18:04:25 -04:00
Joseph Schorr
f1ea20315a Finish mobilification of org view 2015-04-20 14:00:10 -04:00
Joseph Schorr
62770674d4 Switch to a 0.5 modifier 2015-04-20 13:00:56 -04:00
Joseph Schorr
ae55b8dd0e Make the search action not return scores of zero if there is no character matching 2015-04-20 13:00:38 -04:00
Joseph Schorr
16e05e83b1 Score based on the robot short name 2015-04-20 12:51:47 -04:00
Jimmy Zelinskie
93cd459460 Merge branch 'master' into git 2015-04-20 10:58:49 -04:00
Joseph Schorr
d1e2d072ea Add unit tests and a stronger restriction on the revert API call 2015-04-19 15:43:16 -04:00
josephschorr
56b5d7ddfb Merge pull request #21 from coreos-inc/greatscott
Working time machine
2015-04-19 15:16:09 -04:00
Jimmy Zelinskie
ba2cb08904 Merge branch 'master' into git 2015-04-16 17:38:35 -04:00
Joseph Schorr
f19d2f684e Add ability to revert tags via time machine 2015-04-16 17:18:00 -04:00
Joseph Schorr
3cd11c8f45 GitHub login fixes:
- Allow for case insensitivity in the org name list
  - Remove the check for verified email addresses when under Enterprise; it isn't supported there.
2015-04-16 12:17:39 -04:00
Jimmy Zelinskie
2236270741 add webhook URL to custom trigger dialog 2015-04-16 12:06:48 -04:00
Jimmy Zelinskie
0c3becd204 endpoints.api.trigger: clarify token->write_token 2015-04-16 12:06:05 -04:00
Jimmy Zelinskie
3798c5f377 trigger: return non-json metadata 2015-04-15 17:02:53 -04:00
Jimmy Zelinskie
bd57c6a8fb trigger: custom git payload JSON schema 2015-04-15 16:52:46 -04:00
Joseph Schorr
f8c80f7d11 Add a history view to the tags page. Next step will add the ability to revert back in time 2015-04-15 15:21:09 -04:00
Joseph Schorr
703f48f194 Add auto-redirect to user and org pages for the new layout 2015-04-10 15:35:23 -04:00
Joseph Schorr
1df025b57e Change search to use a set of queries for repo lookup rather than a single monolithic query, in the hopes that this will make things significantly faster and actually useable. The individual queries have been tested by hand on MySQL, but the real test will be staging 2015-04-10 15:27:37 -04:00
Joseph Schorr
0be0aed17d Move the repo sorting by pull count into the main matching query, to both make it more accurate and make the search faster 2015-04-09 14:41:59 -04:00
Joseph Schorr
396cba64e6 Fix search to return better results by searching for robots and namespaces in different queries. 2015-04-09 12:57:20 -04:00
Joseph Schorr
4f4bb05621 Fix search SQL issues 2015-04-08 17:41:08 -04:00
Jimmy Zelinskie
ed88e76843 custom trigger: tag with git sha 2015-04-08 16:56:47 -04:00
Joseph Schorr
19e25ac340 Merge branch 'master' into bing 2015-04-08 15:23:36 -04:00
Joseph Schorr
d09f2f6e22 Get the new context-sensitive new menu working 2015-04-07 18:33:43 -04:00
Joseph Schorr
40a6892a49 Add search tests 2015-04-07 14:05:12 -04:00
Joseph Schorr
1b56567268 Make sure also include teams from organizations that the user admins 2015-04-07 13:45:49 -04:00
Joseph Schorr
a34d56045f Add scoring based on the string distance 2015-04-07 12:32:23 -04:00
Joseph Schorr
951b0cbab8 Start on new interactive search 2015-04-06 19:17:18 -04:00
Jimmy Zelinskie
c8b931609e unsupported alert for robot selection 2015-04-06 14:53:54 -04:00
Jimmy Zelinskie
d0f5808a62 trigger: fix custom tags 2015-04-03 17:20:30 -04:00
Jimmy Zelinskie
f782764ba5 trigger: add commit_sha to json schema 2015-04-03 17:20:30 -04:00
Joseph Schorr
4cb7921c3a Make sure to show public repos on the user and orgs pages 2015-04-03 14:55:09 -04:00
Joseph Schorr
094f91fb8b Fix the tutorial's user events 2015-04-03 12:13:33 -04:00
Joseph Schorr
036c8e56e0 Add proper error handling when the config volume is mounted in a read-only state. 2015-04-02 18:54:09 -04:00
Joseph Schorr
f67eeee8c8 Start conversion of the user admin/view 2015-04-02 16:34:41 -04:00
Joseph Schorr
5fc8e632d6 Redo the permissions table to have different sections for users and robot accounts 2015-04-01 14:23:39 -04:00
Joseph Schorr
5cd500257d Merge branch 'master' into orgview 2015-04-01 13:56:49 -04:00
Joseph Schorr
fde9666647 Add the team membership to the robots view 2015-04-01 13:56:30 -04:00
Joseph Schorr
1f5e6df678 - Fix tests
- Add new endpoints for retrieving the repo permissions for a robot account
- Have the robots list return the number of repositories for which there are permissions
- Other UI fixes
2015-03-31 18:50:43 -04:00
Joseph Schorr
9018cf14eb Better UI for the permissions table in the repository, as well as fix some other avatar issues 2015-03-31 14:36:09 -04:00
Joseph Schorr
27a9b84587 Switch avatars to be built out of CSS and only overlayed with the gravatar when a non-default exists 2015-03-30 17:55:04 -04:00
Jimmy Zelinskie
7d1d53ebcb custom trigger: initial setup wizard 2015-03-27 17:07:06 -04:00
Jimmy Zelinskie
fba61d96dc callbacks: add proper custom git callback 2015-03-27 11:22:07 -04:00
Joseph Schorr
384d6083c4 Make sure to conduct login after the password change now that the session will be invalidated for the user 2015-03-26 20:04:32 -04:00
Jimmy Zelinskie
998c6007cd trigger: initial custom git trigger 2015-03-26 16:20:53 -04:00
Joseph Schorr
aaf1b23e98 Address CL concerns and switch to a real encryption system 2015-03-26 15:10:58 -04:00
Joseph Schorr
e4b659f107 Add support for encrypted client tokens via basic auth (for the docker CLI) and a feature flag to disable normal passwords 2015-03-25 18:43:12 -04:00
Joseph Schorr
2459b6b467 Start on new org view 2015-03-25 15:31:05 -04:00
Jimmy Zelinskie
cd1b003ca6 buildcomponent: handle builds without resource_key 2015-03-23 15:46:23 -04:00
Joseph Schorr
85d6500daa Merge resistanceisfutile into master 2015-03-23 15:39:08 -04:00
Jimmy Zelinskie
d29c8d60c7 trigger: pass trigger into manual_start & handle_trigger_request 2015-03-23 12:14:47 -04:00
Joseph Schorr
049148cb87 Work in progress: new image view 2015-03-20 17:46:02 -04:00
Jimmy Zelinskie
b851986cf5 add git_url to metadata, add git to buildargs 2015-03-19 18:09:27 -04:00
Jimmy Zelinskie
f6f93e9079 consolidate everything into one GitHub trigger 2015-03-19 17:12:27 -04:00
Jimmy Zelinskie
80ae3fd310 trigger-service: specific callback URLs for GH-git 2015-03-19 15:13:03 -04:00
Jimmy Zelinskie
e1def540da endpoints.callbacks: add github-git service URL 2015-03-19 15:07:02 -04:00
Jimmy Zelinskie
89efb9f62c endpoints.trigger: rm unused import 2015-03-19 14:37:09 -04:00
Jimmy Zelinskie
e6a7156657 triggers: gen ssh keypair outside of activate()
This keeps the private key from ever being exposed to the client.
2015-03-19 14:31:01 -04:00
Jimmy Zelinskie
5a29218c5c Merge branch 'master' into git 2015-03-19 12:10:34 -04:00
Jimmy Zelinskie
e4ebfc95bb endpoints.trigger: reminder to rm keys from config 2015-03-19 12:05:49 -04:00
Jimmy Zelinskie
1594b92f71 endpoints: initial github trigger that uses keys 2015-03-18 17:33:43 -04:00
Joseph Schorr
ab2331a486 Performance improvements for the repo API and the new repo UI 2015-03-18 14:47:53 -04:00
Joseph Schorr
56be893d7e Fix Github Trigger handling when there is no committer 2015-03-17 16:54:18 -04:00
Joseph Schorr
699cb9a5da Fix last modified date time handling for tags with no date times, and fix the sort ordering 2015-03-17 16:49:22 -04:00
Joseph Schorr
3c305beeea Merge branch 'tagview' 2015-03-16 17:14:43 -04:00
Joseph Schorr
333e0acd6d Add the builds tab 2015-03-13 15:34:28 -07:00
Joseph Schorr
81c4513ec1 Add support for the new ACI signature extension 2015-03-10 17:26:00 -07:00
Joseph Schorr
002dc083f2 Get the main repo page design working 2015-03-10 17:22:46 -07:00
Joseph Schorr
afc8e95e19 Start on new tag view 2015-03-09 22:03:39 -07:00
Jimmy Zelinskie
2355ad8d74 trackhelper: add user-agent to analytics 2015-03-06 12:02:40 -05:00
Joseph Schorr
43ab838998 Merge branch 'newbuildview' 2015-03-05 16:17:29 -05:00
Joseph Schorr
86447c0a99 Merge branch 'master' into pagesnew 2015-03-05 14:22:10 -05:00
Joseph Schorr
2e840654d3 PR changes 2015-03-05 12:07:39 -05:00
Joseph Schorr
c47c9d6cb4 Don't send the full image list on the /images call, as Docker doesn't seem to be using it anyway 2015-03-04 16:36:32 -05:00
Joseph Schorr
4ca5d9b04b Add support for filtering github login by org 2015-03-03 19:58:42 -05:00
Jimmy Zelinskie
15e76d11f1 remove all pylint comments 2015-03-03 16:53:05 -05:00
Joseph Schorr
edafa26e6e Fix email confirmation for users created through the superuser API 2015-03-03 14:26:48 -05:00
Jake Moshenko
a37978c971 Move the user creation feature flag check to the user creation path of the user login post method. 2015-03-02 15:38:03 -05:00
Jimmy Zelinskie
9dd6e8e639 api/user: remove log_action comments for stars
It is not necessary to log the starring of repositories.
2015-03-02 13:25:58 -05:00
Joseph Schorr
e227d7e526 Start on the new build view 2015-02-26 17:45:28 -05:00
Jimmy Zelinskie
fb0d3d69c2 changes to reflect PR comments (not finished) 2015-02-24 17:50:54 -05:00
Joseph Schorr
b7901d2adb Add trigger metadata (which includes the SHA) and the built image_id to the event data 2015-02-24 15:13:51 -05:00
Jake Moshenko
204f58d95b Switch temporary token to grants now that the production stack supports both. 2015-02-24 13:22:19 -05:00
Jake Moshenko
6601e98770 Temporarily switch back to the old type of access tokens. 2015-02-24 12:09:14 -05:00
Jimmy Zelinskie
a9fe26fb56 api: fix bug in showing starred logic 2015-02-23 15:36:05 -05:00
Jimmy Zelinskie
3dbaafbd60 Merge branch 'pagesnew' into star 2015-02-23 15:07:49 -05:00
Jake Moshenko
450b112f2c Propagate the grant user context to the signed grant to fix image sharing. 2015-02-23 15:07:38 -05:00
Joseph Schorr
83d25d8c2b Add a page for toggling the cookie used for the new layout experiment 2015-02-23 14:48:33 -05:00
Jimmy Zelinskie
35a2414d85 tests: star security tests 2015-02-23 14:23:32 -05:00
Joseph Schorr
5f605b7cc8 Fix queue handling to remove the dependency from repobuild, and have a cancel method 2015-02-23 13:38:01 -05:00
Jimmy Zelinskie
3780434279 endpoints.api.user: require useradmin for star ops 2015-02-19 17:03:36 -05:00
Jake Moshenko
78c8354174 Switch our temporary token lookups for signed grants which will not require DB access. 2015-02-19 16:54:23 -05:00
Jake Moshenko
4e5d671349 Fix a bug in the concurrent push code which prevented failed pushes from being resumed. 2015-02-19 16:46:01 -05:00
Jimmy Zelinskie
917dd6b674 Merge branch 'master' into star 2015-02-18 17:36:58 -05:00
Jake Moshenko
ec01373240 Rename the config variable for temp tag expiration per the pull request feedback. 2015-02-18 17:06:41 -05:00
Jake Moshenko
41108a0856 Allow tags to be marked as hidden. Create a hidden tag on every image during a push to prevent them from getting GCed. 2015-02-18 17:05:16 -05:00
Jake Moshenko
59b794dd61 Move the creation of images to when the JSON is uploaded. 2015-02-18 17:04:25 -05:00
Joseph Schorr
89eb5bdcc5 Merge branch 'quark' 2015-02-18 15:59:36 -05:00
Joseph Schorr
a5ff765f3b Validate that we have a valid JSON body 2015-02-18 15:57:05 -05:00
Joseph Schorr
7c81d90cda Start recording the commit sha and other metadata about github triggered builds. We'll eventually show this information in the UI 2015-02-18 14:12:59 -05:00
Jake Moshenko
2dd03f1bed Merge remote-tracking branch 'origin/master' into rockyhorror
Conflicts:
	test/data/test.db
2015-02-18 10:56:01 -05:00
Joseph Schorr
854c6e8ba3 Add a try-catch around the realtime logs stuff 2015-02-17 19:18:56 -05:00
Joseph Schorr
ff7e97faf7 Merge branch 'master' into quark 2015-02-17 19:16:12 -05:00
Joseph Schorr
524705b88c Get dashboard working and upgrade bootstrap. Note: the bootstrap fixes will be coming in the followup CL 2015-02-17 19:15:54 -05:00
Joseph Schorr
83e05d2342 Add tracking of the kind of temporary access tokens, so we can display if a pull/push by token is for a build worker 2015-02-17 12:35:16 -05:00
Joseph Schorr
79f39697fe - Fix superuser panel for debugging
- Start work on the gauges panel
2015-02-17 11:31:50 -05:00
Joseph Schorr
fbdbc21eb1 Merge branch 'master' into quark 2015-02-13 16:24:53 -05:00
Joseph Schorr
81ce4c771e Add ability to cancel builds that are in the waiting state 2015-02-13 15:54:01 -05:00
Jake Moshenko
4a921a49b9 Merge remote-tracking branch 'origin/master' into rockyhorror 2015-02-12 16:24:30 -05:00
Joseph Schorr
f84d1bad45 Handle internal errors in a better fashion: If a build would be marked as internal error, only do so if there are retries remaining. Otherwise, we mark it as failed (since it won't be rebuilt anyway) 2015-02-12 16:19:44 -05:00
Jake Moshenko
b154e7acef Merge remote-tracking branch 'origin/master' into rockyhorror 2015-02-12 15:27:28 -05:00
Jake Moshenko
990739b1e5 Add the APIs required to change the time machine policy for users and organizations. 2015-02-12 14:37:11 -05:00
Joseph Schorr
f107b50a46 Merge branch 'master' into ackbar 2015-02-12 12:04:45 -05:00
Jake Moshenko
90c0a9c1e0 First stab at time machine using fixed two week expiration policy. 2015-02-11 14:15:40 -05:00
Jake Moshenko
0f3d87466e Unify the logging infrastructure and turn the prod logging level to INFO in preparation for picking up a new cloud logger. 2015-02-11 14:15:18 -05:00
Joseph Schorr
045614c6c8 Merge branch 'master' into ackbar 2015-02-09 17:16:42 -05:00
Joseph Schorr
09a10b6153 Have cache busting hashes be generated as part of the build process. 2015-02-06 17:52:09 -05:00
Joseph Schorr
5f431e966e Add x86_64 compatibility check 2015-02-06 12:22:27 -05:00
Joseph Schorr
cf774e23df Merge branch 'master' into v2 2015-02-05 15:37:14 -05:00
Joseph Schorr
bc119aed22 Clarify why we need database.UserThenDisconnect 2015-02-05 15:00:19 -05:00
Joseph Schorr
9dfe523615 Merge master changes 2015-02-05 13:11:16 -05:00
Joseph Schorr
bfb0784abc Add signing to the ACI converter 2015-02-04 15:29:24 -05:00
Joseph Schorr
a1938593a9 Better handling of retries on build errors 2015-02-03 16:29:47 -05:00
Jimmy Zelinskie
844a960608 linter: rm unused imports, shut the linter up 2015-02-02 16:38:58 -05:00
Jake Moshenko
432da28b42 Reduce the retry count to 2. 2015-02-02 15:28:51 -05:00
Joseph Schorr
84e5c0644e Address comments 2015-02-02 14:07:32 -05:00
Jake Moshenko
64750e31fc Add the ability to select for update within transactions to fix some write after read hazards. Fix a bug in extend_processing. 2015-01-30 16:32:13 -05:00
Joseph Schorr
1022355bb1 Revert changes accidentally checked in 2015-01-29 15:00:44 -05:00
Joseph Schorr
9583023749 Start cleanup in prep for merge 2015-01-29 14:25:42 -05:00
Jake Moshenko
84f5780c1d Up the number of retries available for builds. 2015-01-29 11:52:42 -05:00
Jake Moshenko
b12c56f227 Merge remote-tracking branch 'origin/master' into ephemeral 2015-01-29 11:04:13 -05:00
Joseph Schorr
d359c849cd Add the build worker and job count information to the charts 2015-01-28 17:12:33 -05:00
Joseph Schorr
2eceb01e63 Add a bit better exception logging in the layer handling 2015-01-28 12:39:00 -05:00
Joseph Schorr
63cd6ffcc3 Start on adding usage charts 2015-01-28 12:35:01 -05:00
Joseph Schorr
30b895b795 Merge branch 'grunt-js-folder' of https://github.com/coreos-inc/quay into ackbar 2015-01-23 17:26:14 -05:00
Joseph Schorr
c8229b9c8a Implement new step-by-step setup 2015-01-23 17:19:15 -05:00
Jake Moshenko
44f7ab53a2 Merge remote-tracking branch 'origin/master' into ephemeral 2015-01-21 13:39:27 -05:00
Joseph Schorr
1cce87b136 Add is_testing info and mirror the moved endpoints so we can migrate safely. 2015-01-20 16:58:29 -05:00
Joseph Schorr
b74b7de197 Clean up the health checking code and move the endpoints to /health/instance and /health/endtoend. 2015-01-20 16:53:05 -05:00
Joseph Schorr
92d32bc636 Make the DB health check first attempt a simple DB connection. If the database is in the middle of a failover, this will fail after 3 seconds (the connection timeout specified), rather than hanging and causing the ELB health checks to timeout and fail. 2015-01-20 14:46:22 -05:00
Joseph Schorr
28d319ad26 Add an in-memory superusermanager, which stores the current list of superusers in a process-shared Value. We do this because in the ER, when we add a new superuser, we need to ensure that ALL workers have their lists updated (otherwise we get the behavior that some workers validate the new permission and others do not). 2015-01-20 12:43:11 -05:00
Joseph Schorr
2a89accc49 Fix exception handling in the registry health check and make sure the user_loader is registered before the process is forked 2015-01-16 22:41:54 -05:00
Jimmy Zelinskie
296fc938a2 Merge pull request #5 from coreos-inc/regcheck
Have the health check also ping the registry endpoint to make sure it is...
2015-01-16 16:08:10 -05:00
Joseph Schorr
b89ba61286 Change to only run the cloud watch reporter in the gunicorn_web 2015-01-16 13:44:29 -05:00
Joseph Schorr
2bae008bb1 Add a timeout to the health check on the registry workers 2015-01-16 13:22:54 -05:00
Joseph Schorr
99bd16a69c Fix github names for private orgs 2015-01-15 15:02:20 -05:00
Joseph Schorr
a4de476a85 Have the health check also ping the registry endpoint to make sure it is functional. 2015-01-14 23:39:58 -05:00
Joseph Schorr
5bbf1d0c14 Make sure the ac-discovery URL is generated properly from config values 2015-01-13 18:00:01 -05:00
Joseph Schorr
6ed28930b2 Work in progress: Docker -> ACI conversion 2015-01-13 17:46:11 -05:00
Joseph Schorr
6d604a656a Move config handling into a provider class to make testing much easier 2015-01-09 16:23:31 -05:00
Joseph Schorr
47fb10b79f Merge branch 'master' into ackbar 2015-01-08 13:57:39 -05:00
Joseph Schorr
5e0ce4eea9 Add validation of github to the config tool 2015-01-08 13:26:24 -05:00
Joseph Schorr
7933bd44fd Add tests for the new super user config API and make sure both super user API endpoint sets are all guarded against being used in production 2015-01-08 12:53:36 -05:00
Joseph Schorr
f125efa8ca Fix broken check 2015-01-07 16:42:09 -05:00
Joseph Schorr
63504c87fb Get end-to-end configuration setup working, including verification (except for Github, which is in progress) 2015-01-07 16:20:51 -05:00
Joseph Schorr
219730c341 Better config defaults and remove some unneeded code 2015-01-05 13:01:32 -05:00
Joseph Schorr
40d2b1748f Fix handling of secret key: We now generate it on app startup if it doesn't exist in the config (which it doesn't anymore in the base config.py). 2015-01-05 12:31:02 -05:00
Joseph Schorr
27e7447569 Fix spacing 2015-01-05 12:12:00 -05:00
Joseph Schorr
8085ff81a8 Only call get_authenticated_* once in the track_and_log, and add better logging to it 2015-01-04 14:50:08 -05:00
Joseph Schorr
1bf25f25c1 WIP 2015-01-04 14:38:41 -05:00
Jimmy Zelinskie
8464b54ad9 star status shown in normal repo listings 2014-12-30 15:07:14 -05:00
Jimmy Zelinskie
e8cd24781a remove 'include_starred' option on repo listings 2014-12-29 14:11:46 -05:00
Joseph Schorr
30c7cbb80b Merge branch 'master' of https://github.com/coreos-inc/quay 2014-12-29 12:29:03 -05:00
Joseph Schorr
cac19cac57 Add back in the ability to create users 2014-12-23 14:25:04 -05:00
Joseph Schorr
4ca877c1d4 Add ability to download system logs 2014-12-23 14:01:00 -05:00
Joseph Schorr
5c7a9d0daf Add the ability to view the system logs in the superuser endpoint 2014-12-23 11:40:51 -05:00
Jake Moshenko
e53b6b0e21 Merge remote-tracking branch 'origin/master' into ephemeral 2014-12-22 12:14:59 -05:00
Jake Moshenko
12ee8e0fc0 Switch a few of the buildman methods to coroutines in order to support network calls in methods. Add a test for the ephemeral build manager. 2014-12-22 12:14:16 -05:00
Jimmy Zelinskie
6968c148f7 Allow redirects to specific tags 2014-12-18 16:01:59 -05:00
Joseph Schorr
914df9af1a Merge branch 'master' of https://github.com/coreos-inc/quay 2014-12-18 18:08:59 +02:00
Joseph Schorr
5168f47321 Only lookup if the repo is public if necessary 2014-12-18 18:08:50 +02:00
Jimmy Zelinskie
a6762531e8 remove unused imports 2014-12-16 12:16:49 -05:00
Joseph Schorr
107847a4bb Fix Slack notification setup to support the new slack web hook format and convert all existing data to use the new format (so we only have one code path) 2014-12-16 14:34:43 +02:00
Jimmy Zelinskie
5a484cfe11 Initial redesigned UI for repo listings w/ stars. 2014-12-11 15:07:41 -05:00
Joseph Schorr
73ebcd45e3 Only perform the heartbeat check if the build is actually running. If it has completed, or has an error, then we know it is done. 2014-12-11 21:10:54 +02:00
Jimmy Zelinskie
4f5a78ca2c Add missing args param. 2014-12-02 17:32:43 -08:00
Jimmy Zelinskie
aa4903c3cd add docs for star repo api 2014-12-02 17:31:21 -08:00
Jimmy Zelinskie
eb956e5b7d initial work on adding models for starring repos.
I'm sick of using `git stash`.
2014-12-02 17:31:21 -08:00
Jimmy Zelinskie
f3259c862b Merge branch 'koh'
Conflicts:
	auth/scopes.py
	requirements-nover.txt
	requirements.txt
	static/css/quay.css
	static/directives/namespace-selector.html
	static/js/app.js
	static/partials/manage-application.html
	templates/oauthorize.html
2014-12-01 12:30:09 -08:00
Joseph Schorr
72d613614d Merge branch 'bagger' 2014-12-01 12:48:59 -05:00
Jimmy Zelinskie
8591889c62 Generate PNG avatars. 2014-11-26 16:52:24 -05:00
Joseph Schorr
b7a489813a Fix build system to work with Github Enterprise 2014-11-26 12:37:20 -05:00
Jimmy Zelinskie
eab79ff1ad Add caching headers to avatar endpoint. 2014-11-26 10:54:16 -05:00
Jimmy Zelinskie
182c87b983 Remove unused imports. 2014-11-26 10:53:51 -05:00
Joseph Schorr
b3240de1f8 Rename gravatar field after the bees merge. 2014-11-25 19:59:24 -05:00
Jimmy Zelinskie
d9f0d36dfe Add missing InvalidResponse class. 2014-11-25 16:08:01 -05:00
Joseph Schorr
3a935822fc Fix PhantomJS by always using the local copy of CDN files, and making sure to specify TLS (instead of the default SSLv3, which is now deprecated) 2014-11-25 15:32:10 -05:00
Joseph Schorr
0e13ef3ff8 Fix various bugs and styling issues 2014-11-24 19:40:03 -05:00
Joseph Schorr
7bf96c506f Merge branch 'bees' into koh 2014-11-24 19:25:53 -05:00
Joseph Schorr
e9cac407df Add a configurable avatar system and add an internal avatar system for enterprise 2014-11-24 19:25:13 -05:00
Jimmy Zelinskie
716d7a737b Strip whitespace from ALL the things. 2014-11-24 16:07:38 -05:00
Joseph Schorr
b8e873b00b Add support to the build system for tracking if/when the build manager crashes and make sure builds are restarted within a few minutes 2014-11-21 14:27:06 -05:00
Jimmy Zelinskie
dee4c389a8 Base sessions on UUIDs.
Now that a backfill has been applied, sessions can now be based on UUIDs
because all users will have one.
2014-11-20 18:44:36 -05:00
Jake Moshenko
2b8c246476 Temporarily put user rename behind a feature flag. Switch queue names back to using the username for namespace while we figure out a real migration strategy. 2014-11-20 15:36:39 -05:00
Jake Moshenko
768a60b414 Redirect to repository pages if the repository exists, and it's public or the user has read access, and the route doesn't match any other route. 2014-11-20 15:12:37 -05:00
Jimmy Zelinskie
12ff4b107c Undo sessions being driven by UUID.
Basing sessions on UUIDs must be done in phases. First all users
must obtain an UUID. Once a backfill has given all previous users
UUIDs and new users are being generated with UUIDs, then we can
actually change the session to be based on that value.
2014-11-20 12:57:17 -05:00
Joseph Schorr
8fab3b6d34 Make sure to switch the context back to LogEntry and make sure to only include the performer if actually present 2014-11-20 12:04:53 -05:00
Jimmy Zelinskie
9d677b8eb3 Add UUID to User model and use in cookie. 2014-11-19 13:28:16 -05:00
Jake Moshenko
3815e9a293 Switch to installing paths in github which do not include repository information. 2014-11-18 10:29:59 -05:00
Jake Moshenko
a7bae6c1d9 Fix robot renaming. Allow for trigger URLs to contain or omit the repository in the path. Fix calls to get_trigger to remove the namespace and repository. 2014-11-18 10:24:48 -05:00
Jake Moshenko
f4681f2c18 Merge branch 'master' into nomenclature
Conflicts:
	test/data/test.db
2014-11-17 17:59:59 -05:00
Joseph Schorr
58ca76239b Add ability to one-click generate an authorization access token in the applications panel 2014-11-17 14:54:07 -05:00
Joseph Schorr
ccc16fd6f4 Merge branch 'master' into bees 2014-11-17 13:14:27 -05:00
Joseph Schorr
003afc0c25 Add back the accidentally removed user event code. This fixes the tutorial. 2014-11-14 19:55:31 -05:00
Joseph Schorr
3e550b4b71 Make sure to sort the images for the squashed image system 2014-11-13 15:13:44 -05:00
Joseph Schorr
e7cbda86f7 Merge branch 'perf' 2014-11-10 21:52:27 -05:00
Joseph Schorr
091f821a6a - Rename get_repo_image to get_repo_image_extended and get_repo_image_directly to get_repo_image
- Remove the configure call from CloseForLongOperation
- Other small fixes
2014-11-10 13:44:36 -05:00
Joseph Schorr
a1147236ea Fix OAuth login to try usernames until it finds a valid username 2014-11-10 11:30:47 -05:00
Jake Moshenko
ca435fc7a6 Rename robots when we rename a user. Do not use the namespace from the path to check permissions from the incoming webhooks since the namespace may have changed and we cannot recreate them in remote services easily. 2014-11-09 17:50:57 -05:00
Joseph Schorr
691be49817 Fix issues with the perf updated code 2014-11-07 14:36:32 -05:00
Joseph Schorr
9d1b6d829a Make sure the external login link for GHE links to the enterprise GitHub and not the hosted version 2014-11-06 20:35:52 -05:00
Joseph Schorr
d5bbb57481 Change registry code to disconnect from the DB before long I/O operations 2014-11-06 18:00:52 -05:00
Joseph Schorr
23d9bd2b42 Change verbs to use short lived database connections 2014-11-06 17:50:48 -05:00
Joseph Schorr
c569299e5c Database optimizations around image creation and logs lookup 2014-11-06 14:48:16 -05:00
Joseph Schorr
3e79379942 - Make the OAuth config system centralized
- Add support for Github Enterprise login
2014-11-05 16:43:37 -05:00
Joseph Schorr
a35bc11912 Add perf comments 2014-11-05 12:27:38 -05:00
Joseph Schorr
6adf4644b4 Remove unneeded extra logging call 2014-11-03 17:17:05 -05:00
Joseph Schorr
98602a2d0c Add a new configurable health check, to make sure production instances are not taken down by Redis or non-local DB issues 2014-11-02 15:06:17 -05:00
Joseph Schorr
4eedd54b66 - Make usage language more accurate by stating "repositories"
- Have usage counter be based on a 4 weeks TTL
- Add a simple usage counter breakage test
2014-10-30 13:26:02 -04:00
Joseph Schorr
79e4864eb2 Move the the track_and_log code into its own module. This breaks a dependency chain between index -> common -> api -> subscribe -> common again. 2014-10-30 12:49:51 -04:00
Joseph Schorr
c1398c6d2b - Add a log entry for repo verb handling and make the container usage calculation take it into account
- Move all the repo push/pull/verb logging into a central track_and_log method
- Readd images accidentally deleted in the last CL
- Make the uncompressed size migration script better handle exceptions
2014-10-29 15:42:44 -04:00
Joseph Schorr
dfe143270c Add is_testing value to the status endpoint 2014-10-29 13:51:05 -04:00
Joseph Schorr
e7f98d991f Fix bug which caused manual builds to always build the master branch 2014-10-29 12:04:34 -04:00
Joseph Schorr
109850b428 Add a basic usage counter for enterprise 2014-10-28 16:33:13 -04:00
Joseph Schorr
93cd7de0e0 Handle email errors in a better manner 2014-10-28 12:10:44 -04:00
Joseph Schorr
fb2470615b Add support for filtering based on tags, in addition to branches 2014-10-23 16:39:10 -04:00
Jake Moshenko
1461310ab8 Merge remote-tracking branch 'origin/master' into nomenclature
Conflicts:
	endpoints/common.py
	endpoints/notificationhelper.py
	test/data/test.db
	workers/dockerfilebuild.py
2014-10-23 13:25:37 -04:00
Joseph Schorr
5db9cd948b Add better (jinja-based) messaging to the notifications and add some fixes for the email templates 2014-10-22 19:01:56 -04:00
Joseph Schorr
ea96dbb2ad Remove the pushed_image_count since we aren't getting the data anyway 2014-10-22 15:26:29 -04:00
Joseph Schorr
208c97776f Make sure builds are queued under a transaction. This should prevent a queue item from existing without its repository build object (or vice versa). 2014-10-22 15:20:53 -04:00
Joseph Schorr
8b331b453e Make the contact page dynamic so that enterprise customers can configure it however they like 2014-10-22 14:49:33 -04:00
Joseph Schorr
612a5e5102 Fix the updated_tags information by storing it in the session 2014-10-22 14:14:56 -04:00
Joseph Schorr
0ef17b082b Make sure to disconnect from the database when finished with the processes 2014-10-21 17:40:57 -04:00
Joseph Schorr
47be7cab7a Compute the tarsum only when required. Newer versions of Docker only require the simple SHA256 checksum, so this should save us from writing to a temp file. 2014-10-20 13:11:33 -04:00
Joseph Schorr
5e74edc116 Add extra image check for put_image_checksum 2014-10-17 17:57:10 -04:00
Joseph Schorr
346b594b66 Make the external login error messaging nicer when an email address conflict occurs 2014-10-17 11:44:31 -04:00
Joseph Schorr
a423032e80 - Make sure we log when an exception occurs in the squashing code
- Have queue file always try to return any remaining data in the buffer
- Remove the raise of the exception when we get an empty tar file
2014-10-16 12:54:16 -04:00
Joseph Schorr
d43109d7cb - Merge branch 'master' into sha-lom
- Extract out the tar handling from streamlayerformat into tarlayerformat
- Add a new tarfileappender class to make it easy to append data to gzipped tars
- Fix the gzipwrap to properly close
- Have the .git injection use the new appender
2014-10-15 15:51:34 -04:00
Joseph Schorr
da28bc4ce9 - Handle missing images properly
- Add support for deleting directories
- Add a slew of tests for deletion of directories and other kinds of deletion and layering
2014-10-14 21:40:02 -04:00
Joseph Schorr
c3171a2690 Redo the UI for the trigger setup dialog and add the ability for github triggers to be filtered using a regex on their branch name. 2014-10-14 15:46:35 -04:00
Joseph Schorr
37aa70c28e Notifications must check for the user OR an organization with the namespace name 2014-10-10 19:05:20 -04:00
Joseph Schorr
07f3bd6f8c Add a synthetic .git directory containing the commit sha so that 'git rev-parse HEAD' works from inside builds 2014-10-10 17:20:07 -04:00
Joseph Schorr
adc915a5eb Fix the subprocesses to also use their own storage classes; this fixes a socket error when talking to S3 2014-10-08 16:54:03 -04:00
Joseph Schorr
d16fdde528 Fix bug in dockerloadformat and make sure we handle exceptions properly in the verb call 2014-10-08 13:43:12 -04:00
Jake Moshenko
a0d94f9d59 Merge remote-tracking branch 'origin/laffa' into nomenclature
Conflicts:
	test/data/test.db
2014-10-07 15:56:28 -04:00
Joseph Schorr
f38ce51943 Merge master into laffa 2014-10-07 14:03:17 -04:00
Jake Moshenko
ed8bcff39e Merge remote-tracking branch 'origin/master' into nomenclature
Conflicts:
	test/data/test.db
	workers/dockerfilebuild.py
2014-10-06 10:29:39 -04:00
Jake Moshenko
6bc982b77b Add a note about updating nginx config when updating the _ping endpoint. 2014-10-06 10:24:40 -04:00
Joseph Schorr
e0993b26af Make query params only read from query params, not JSON as well 2014-10-03 15:05:34 -04:00
Joseph Schorr
e654b2b608 Branch.name has to use a dot accessor, not a dict lookup 2014-10-03 12:35:58 -04:00
Joseph Schorr
1d8ec59362 Merge branch master into bees 2014-10-02 15:08:32 -04:00
Joseph Schorr
c682899861 Add a feature flag to disable user creation 2014-10-02 14:49:18 -04:00
Jake Moshenko
5c18ffe67d Allow the namespace column to be null, and also non-unique. Fix the uncompressed size clobbering the size on the wire field. Add metadata constraints so that foreign key constraints get predictable names. Fix all downgrade migrations. 2014-10-02 10:46:20 -04:00
Jake Moshenko
e8b3d1cc4a Phase 4 of the namespace to user migration: actually remove the column from the db and remove the dependence on serialized namespaces in the workers and queues 2014-10-01 14:23:46 -04:00
Joseph Schorr
d9c7e92637 Add superuser abilities: create user, show logs. Also fix the super users UI to show the user drop down and make all superuser API calls require fresh login 2014-10-01 13:55:09 -04:00
Joseph Schorr
039d53ea6c - Fix initdb
- Add ability to specific custom fields for manual running of build triggers and add a "branch name" selector for running github builds
2014-09-30 16:29:32 -04:00
Joseph Schorr
474add0fb1 Have the layer PUT method calculate the uncompressed size in realtime, as trusting the JSON is fraught with complications 2014-09-29 17:00:47 -04:00
Joseph Schorr
dd4c26cb00 Only operations with nicknames can be added to the swagger doc 2014-09-28 15:40:08 -04:00
Jake Moshenko
03190efde3 Phase 2 of migrating repo namespaces to referencing user objects, backfilling the rows without a value for namespace_user, and changing all accesses to go through the namespace_user object. All tests are passing, manual testing still required. 2014-09-24 18:01:35 -04:00
Joseph Schorr
ec484e3efc Move size and checksum updates into the metadata call 2014-09-23 15:49:28 -04:00
Joseph Schorr
86dfca2e3e Add uncompressed size field to the image storage and add a backfill script (which is not yet automatically called) 2014-09-23 14:01:27 -04:00
Joseph Schorr
87bc37f6c8 Merge branch 'sunday' 2014-09-23 11:29:03 -04:00
Joseph Schorr
ba0963a81c Update the worker code to better handle exceptions, fix the utcdate issue and make sure we send the proper retry. Also updates notification workers to send JobExceptions rather than returning true or false 2014-09-23 11:01:50 -04:00
Joseph Schorr
8dd2330ce7 Switch to using straight docker IDs instead of a hashing scheme 2014-09-23 11:01:50 -04:00
Joseph Schorr
9621566d31 Instead of sending DB IDs, send "internal IDs" which are DB IDs hashed. This way, we can still calculate the ancestors without hitting the DB further, but without leaking the size of the images table 2014-09-23 11:01:50 -04:00
Joseph Schorr
f3b03ebc34 Add a feature flag for disabling all emails 2014-09-22 19:11:48 -04:00
Jake Moshenko
3259cda000 The new strategy is to do a three phase migration. This is the first phase: getting the namespace user in the db and written for all new repositories. 2014-09-22 17:27:02 -04:00
Joseph Schorr
dc685b2387 Merge branch 'huggies' 2014-09-22 13:41:29 -04:00
Joseph Schorr
f23038c6ee Update the worker code to better handle exceptions, fix the utcdate issue and make sure we send the proper retry. Also updates notification workers to send JobExceptions rather than returning true or false 2014-09-22 12:52:57 -04:00
Joseph Schorr
e5055763f6 Make the squashed path smaller and handle failure cases on the curl side 2014-09-19 12:54:52 -04:00
Joseph Schorr
e273dca4b4 Change back to using a docker load format 2014-09-19 12:22:54 -04:00
Jake Moshenko
8626d1cd70 Initial changes to move repositories from using a namespace string to referencing a user object. Also stores the user id in the cookie rather than the username, to allow users to be renamed. This commit must not be used unmodified because the database migration is too aggressive for live migration. 2014-09-19 10:17:23 -04:00
Jake Moshenko
11bb8e6448 Actually store the generated image storage in the database, and allow it to be garbage collected when the parent image storage is collected. 2014-09-18 17:26:40 -04:00
Joseph Schorr
a90aab4665 Switch to using straight docker IDs instead of a hashing scheme 2014-09-18 17:16:10 -04:00
Joseph Schorr
b212dbb2ab Merge branch 'master' into better-emails 2014-09-18 13:20:32 -04:00
Joseph Schorr
efc06b54f6 Add a TODO and some slightly better naming 2014-09-16 22:44:45 -04:00
Joseph Schorr
1cfb6fc353 Have the squashing system write the data (via a double queue system and multiprocessing) to both the client and the stack's storage. On subsequent calls, if the synthetic image exists, it will be returned directly instead of being recomputed 2014-09-16 22:43:19 -04:00
Joseph Schorr
5cca609c55 Switch back to send_file and add a bit of gzip buffering 2014-09-16 14:20:42 -04:00
Joseph Schorr
9344839295 Get squashed endpoint for docker import working 2014-09-16 11:53:54 -04:00
Joseph Schorr
e3c52fa0eb Work in progress. This is currently broken! 2014-09-16 00:18:57 -04:00
Jake Moshenko
75d2ef377e Merge remote-tracking branch 'origin/master' into comewithmeifyouwanttowork
Conflicts:
	data/model/legacy.py
2014-09-15 17:52:17 -04:00
Joseph Schorr
913b3e472f Add ability to detach external login services 2014-09-15 12:01:02 -04:00
Joseph Schorr
e8ad01cb41 Lots of small NPE and other exception fixes 2014-09-15 11:27:33 -04:00
Joseph Schorr
10faa7de84 Only allow users matching the team invite to accept, if the invite was specified for a user (rather than an email) 2014-09-12 14:29:01 -04:00
Jake Moshenko
c5ca46a14b Merge remote-tracking branch 'origin/master' into comewithmeifyouwanttowork
Conflicts:
	data/model/legacy.py
	static/js/app.js
2014-09-12 11:03:30 -04:00
Joseph Schorr
8d3ce44682 Address comments on code review 2014-09-11 15:45:41 -04:00
Jake Moshenko
8b3a3178b0 Finish the build logs archiver, add handlers for cloud and local that handle gzip encoded archived content. 2014-09-11 15:33:10 -04:00
Jake Moshenko
539fc04205 Seek the file pointer to zero since we now use multipart for upload of userfiles, which does not seek automatically. 2014-09-10 17:18:49 -04:00
Jake Moshenko
29d40db5ea Add a new RadosGW storage engine. Allow engines to distinguish not only between those that can support direct uploads and downloads, but those that support doing it through the browser. Rename resumeable->resumable. 2014-09-09 15:54:03 -04:00
Joseph Schorr
7c45aca405 Code review changes 2014-09-08 17:20:01 -04:00
Joseph Schorr
63628678b8 Instead of sending DB IDs, send "internal IDs" which are DB IDs hashed. This way, we can still calculate the ancestors without hitting the DB further, but without leaking the size of the images table 2014-09-08 15:02:26 -04:00
Joseph Schorr
3c20402b32 Add a common base email template, translate the emails over to using jinja and add emails when e-mail addresses and passwords are changed. 2014-09-05 19:57:33 -04:00
Jake Moshenko
64480fd4ed Merge remote-tracking branch 'origin/master' into yellowalert
Conflicts:
	data/migrations/versions/82297d834ad_add_us_west_location.py
	test/data/test.db
2014-09-05 11:30:30 -04:00
Jake Moshenko
3c57e612b3 Merge remote-tracking branch 'origin/zegooglesdosomething' 2014-09-04 20:10:16 -04:00
Joseph Schorr
987177fd7e Have require_fresh_login not apply if there is no password set for the user 2014-09-04 19:47:12 -04:00
Jake Moshenko
1a230f635a Use datetime.min instead of a fixed span for the last login default time. 2014-09-04 19:15:06 -04:00
Joseph Schorr
e028d4ae0a Merge master into branch 2014-09-04 18:08:18 -04:00
Joseph Schorr
1c2de35f28 Code review fixes 2014-09-04 17:54:51 -04:00
Joseph Schorr
e783df31e0 Add the concept of require_fresh_login to both the backend and frontend. Sensitive methods will now be marked with the annotation, which requires that the user has performed a login within 10 minutes or they are asked to do so in the UI before running the operation again. 2014-09-04 14:24:20 -04:00
Joseph Schorr
1e7e012b92 Add a requirement for the current password to change the user's password or email address 2014-09-03 15:41:25 -04:00
Jake Moshenko
2dcdd7ba5b Add exponential backoff of login attempts. 2014-09-02 15:27:05 -04:00
Joseph Schorr
3b72b26836 Merge branch 'master' into comewithmeifyouwanttowork 2014-08-28 20:50:13 -04:00
Joseph Schorr
ae92098b23 Add invite by email (WIP) 2014-08-28 20:49:11 -04:00
Joseph Schorr
7ca853adee Rename the method so it doesn't shadow the model method. 2014-08-28 18:53:04 -04:00
Joseph Schorr
6f1a4030b6 Add response schema validation (only when in TESTING mode) and add one schema. More will be added in a followup CL 2014-08-27 20:57:46 -04:00
Joseph Schorr
6ec89bb179 Add Slack notification support 2014-08-26 22:09:56 -04:00
Joseph Schorr
d76d4704a0 Add pagination to the notifications API and make the UI only show a maximum of 5 notifications (beyond that, it shows "5+"). 2014-08-26 15:19:39 -04:00
Joseph Schorr
a129aac94b Add ability to regenerate robot account credentials 2014-08-25 17:19:23 -04:00
Joseph Schorr
99d75bede7 Handle error cases better for external services 2014-08-25 15:30:29 -04:00
Joseph Schorr
09a1c4d2b5 Add test fix and make sure Quay ups the connection count in its container 2014-08-25 14:23:21 -04:00
Joseph Schorr
80435d9c0b Add support for docker search, now that auth is fixed 2014-08-22 19:41:22 -04:00
Joseph Schorr
d2880807b2 - Further fixes for license stuff
- Small fixes to ensure Quay works for Postgres
2014-08-21 19:21:20 -04:00
Joseph Schorr
4fd249589d Add scopes to many org admin methods and remove the internal_only on ones we can now expose 2014-08-19 19:21:41 -04:00
Joseph Schorr
53fb7f4136 Add documentation for all path parameters 2014-08-19 19:05:28 -04:00
Joseph Schorr
32ea1d194f Add support for the Hipchat room notification API 2014-08-19 17:40:36 -04:00
Joseph Schorr
35bd28a77e Add support for the Flowdock Team chat API: https://www.flowdock.com/api/push 2014-08-19 14:33:33 -04:00
Joseph Schorr
02d3b70013 Make sure to search teams as well when determining the robots which have access to a private repo 2014-08-18 19:19:01 -04:00
Joseph Schorr
43b6695f9c Get team invite confirmation working and fully tested 2014-08-18 17:24:00 -04:00
Joseph Schorr
1460879169 Change an ancestry error into a 404 2014-08-18 13:35:03 -04:00
Joseph Schorr
7d7cca39cc New team view interface 2014-08-15 20:51:31 -04:00
Joseph Schorr
56d7a3524d Work in progress: Require invite acceptance to join an org 2014-08-15 17:47:43 -04:00
Joseph Schorr
e7daca5d95 Add better messaging and UI around repos and images that are currently being pushed 2014-08-13 17:54:15 -04:00
Jake Moshenko
29f1b048a3 Add support for Google Cloud Storage. 2014-08-12 02:06:44 -04:00
Joseph Schorr
11176215e1 Commit new DB changes and make sure the metadata is always present in some form 2014-08-11 18:35:26 -04:00
Joseph Schorr
389c88a7c4 Update federated login to store metadata and have the UI pull the information from the metadata 2014-08-11 18:25:01 -04:00
Joseph Schorr
2597bcef3f Add support for login with Google. Note that this CL is not complete 2014-08-11 15:47:44 -04:00
Jake Moshenko
5d4a6fc279 Add support for GA at least for the initial page load. 2014-08-07 20:44:59 -04:00
Jake Moshenko
979f78f677 Stop clobbering the scope variable. 2014-08-06 18:51:04 -04:00
Joseph Schorr
e0bb94e439 Add path param description support 2014-08-06 17:47:32 -04:00
Joseph Schorr
05a1413153 Handle UI for dangerous scopes 2014-08-05 21:21:22 -04:00
Jake Moshenko
02e47ed572 Begin the work to allow robots and teams to be managed via API. 2014-08-05 20:53:00 -04:00
Joseph Schorr
7e8713171e - Change updated_tags into the expected dict, not a list
- Update the event code on both sides to expect the dict
- Add filter support to the string builder
2014-08-05 17:45:40 -04:00
Jake Moshenko
0372013f70 Merge remote-tracking branch 'origin/redalert'
Conflicts:
	app.py
2014-08-04 16:56:34 -04:00