josephschorr
fd1237cff9
Merge pull request #2974 from coreos-inc/joseph.schorr/QS-118/manifest-write-query
...
Audit the number of SQL queries we make in writing manifests, and significantly reduce in the common case
2018-01-31 11:08:33 -05:00
Joseph Schorr
182c4594e7
Remove unsupported DB connection arguments for non-pooled DB handler
2018-01-26 13:37:08 -05:00
Joseph Schorr
9e16a989f5
Audit the number of SQL queries we make in writing manifests, and significantly reduce in the common case
...
Instead of 41 queries now for the simple manifest, we are down to 14.
The biggest changes:
- Only synthesize the V1 image rows if we haven't already found them in the database
- Thread the repository object through to the other model method calls, and use it instead of loading again and again
2018-01-25 11:10:43 -05:00
Joseph Schorr
208dc38d25
Allow expired app specific tokens to be deleted
2018-01-23 11:40:51 -05:00
Joseph Schorr
3bc5840496
Extend our logs about whether we are using connection pooling for a DB
2018-01-11 16:43:46 -05:00
josephschorr
b17c05fbd5
Merge pull request #2968 from coreos-inc/joseph.schorr/QS-110/user-login-lock
...
Reduce lock contention on invalid user login calls
2018-01-09 12:41:00 -05:00
Joseph Schorr
81be47486c
Reduce lock contention on invalid user login calls
...
Fixes https://jira.coreos.com/browse/QS-110
2018-01-08 16:57:50 -05:00
josephschorr
13b738c43c
Merge pull request #2954 from coreos-inc/joseph.schorr/QS-102/user-api-filter
...
Add ability to filter users list to enabled users
2018-01-05 15:40:50 -05:00
josephschorr
d8fde005d8
Merge pull request #2961 from coreos-inc/joseph.schorr/QS-107/create-repo-opt
...
Small optimizations around create repository code
2018-01-05 15:40:30 -05:00
Joseph Schorr
6a876a6b73
Change title to be UTF8
2018-01-04 15:27:42 -05:00
Joseph Schorr
888b564a9b
Add a banner to the Quay UI when an app specific token is about to expire
2018-01-04 15:27:42 -05:00
Joseph Schorr
2214a2c7ad
Disable fresh login check in auth engines that won't support it
2018-01-04 15:27:41 -05:00
Joseph Schorr
524d77f527
Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password
2018-01-04 15:27:41 -05:00
Joseph Schorr
3f99e864e1
Reduce the number of DB queries for creating a repo
2018-01-04 14:32:39 -05:00
Joseph Schorr
1e1bec0afe
Remove extra update call on create repo
2018-01-04 13:42:05 -05:00
Joseph Schorr
8e473b9779
Add filter for disabled users to superuser user list API
...
Fixes https://jira.coreos.com/browse/QS-102
2017-12-22 16:45:49 -05:00
josephschorr
024c183f67
Merge pull request #2944 from coreos-inc/joseph.schorr/QS-91/v2-caching
...
V2 registry blob caching
2017-12-18 14:42:02 -05:00
Joseph Schorr
9e16596854
Add a bunch of logging to the data model caching mechanism
...
Should help us debug any potential issues
2017-12-18 14:18:37 -05:00
Joseph Schorr
097cbbeaae
Add new Quay pricing plans
2017-12-18 13:12:16 -05:00
Joseph Schorr
60bc655695
Fix flakiness in a test when comparing date times
2017-12-14 14:00:20 -05:00
Joseph Schorr
3c72e9878d
Add the concept of a data model cache, for caching of Namedtuple objects from the data model
...
Will be used to cache blobs, thus removing the need to hit the database in most blob requests
2017-12-14 13:36:51 -05:00
Joseph Schorr
51e67ab7f5
Fix get_blob_path to not make any database calls and add a test
...
This will be supported by caching, hopefully removing the need to hit the database when the blob object is cached
2017-12-13 16:27:46 -05:00
josephschorr
b2db266747
Merge pull request #2935 from coreos-inc/joseph.schorr/QS-80/password-reset-expire
...
Add maximum lifetime of 30m on password recovery tokens
2017-12-07 14:21:32 -05:00
josephschorr
1861d7dee9
Merge pull request #2938 from coreos-inc/joseph.schorr/QS-85/signout-all
...
Invalidate all session tokens when a user signs out
2017-12-07 13:25:00 -05:00
Joseph Schorr
1d1c6f0606
Invalidate all session tokens when a user signs out
...
Fixes https://jira.coreos.com/browse/QS-85
2017-12-07 13:03:11 -05:00
Joseph Schorr
d38a1fc851
Ensure user files are always sent with the Content-Disposition header
...
This prevents them from being executed in the browser directly
Fixes https://jira.coreos.com/browse/QS-84
2017-12-06 17:12:00 -05:00
Joseph Schorr
5dd95038cf
Add maximum lifetime of 30m on password recovery tokens
...
Fixes https://jira.coreos.com/browse/QS-80
2017-12-06 17:06:03 -05:00
josephschorr
8d7381336a
Merge pull request #2910 from coreos-inc/joseph.schorr/QS-58/oidc-auth-bug
...
Don't add a "password required" notification for non-database auth via OIDC
2017-12-06 14:19:49 -05:00
Joseph Schorr
32255f122b
Simplify and further optimize handling of unfiltered search results
...
Using the DB-side limit is much faster
2017-11-30 16:56:01 -05:00
Joseph Schorr
eea026be52
Fix bug around search pagination with non-filtered searches
...
Also further optimizes the queries
2017-11-30 16:13:42 -05:00
Joseph Schorr
0440cca3ef
Fix typo in how we order search results
...
`.desc()` needs to be on the field
2017-11-30 14:53:23 -05:00
Joseph Schorr
c767c88b82
Optimize searching of repositories when there is no query
2017-11-30 14:10:22 -05:00
Joseph Schorr
2ced523313
Add Explore tab and query-less searching
...
Allows for exploration of all visible repositories, in paginated form.
This change also fixes the layout of the header on different viewport sizes to be consistently a single line in height.
Fixes https://jira.coreos.com/browse/QS-63
2017-11-28 16:50:23 +02:00
Joseph Schorr
503cff8f0c
Don't add a "password required" notification for non-database auth via OIDC
2017-11-13 16:17:36 -05:00
Joseph Schorr
2e28976d7c
Change exception to debug on expected RAC integrity error
...
Fixes https://jira.prod.coreos.systems/browse/QS-44
2017-10-30 12:55:24 -04:00
Joseph Schorr
9f804de23d
Fix bug in deletion of repos with OCI-style linked tags
...
MySQL does not allow rows in the same table referencing other rows to be deleted in a single statement. We now do a two-pass deletion, and add a test to make sure.
Fixes https://jira.prod.coreos.systems/browse/QS-18
2017-10-18 17:03:27 -04:00
Joseph Schorr
c2a56ae828
Add a test for ping in OIDC auth
2017-10-12 16:49:06 -04:00
Joseph Schorr
c1ce84822d
Fix tuple for health check
2017-10-12 16:25:31 -04:00
Joseph Schorr
7e63184ab4
Add missing ping method
2017-10-12 16:25:21 -04:00
Joseph Schorr
2ce4e49711
Build job does not have a request context when calling get_file_url
...
We therefore need to specify some sort of IP or get_file_url will attempt to get it from context
2017-10-06 12:57:02 -04:00
josephschorr
3bef21253d
Merge pull request #2695 from coreos-inc/oidc-internal-auth
...
OIDC internal auth support
2017-10-02 16:51:17 -04:00
Joseph Schorr
f51a863158
Remove access_token from user_info
2017-10-02 16:51:09 -04:00
Joseph Schorr
56fbbcf7cf
Add request IP to get_direct_download_url method
2017-09-25 17:14:28 -04:00
Joseph Schorr
804d3c46c3
Add feature flag to allow users to be created only if invited to join a team
...
Allows for open user creation, but only if extended an invitation by someone who already has access
2017-09-14 16:28:39 -04:00
Joseph Schorr
c6aad5fef0
Add option to disable partial autocompletion of users
2017-09-12 15:55:37 -04:00
Evan Cordell
1d246784dd
Include invalid oidc token in the error message for debugging
2017-09-12 12:26:42 -04:00
Joseph Schorr
ed897c7cb0
Change OIDC engine to not be federated
...
We don't need linking, just the ability to perform lookup
2017-09-12 12:26:41 -04:00
Joseph Schorr
bc82edb2d1
Add ability to configure OIDC internal auth engine via superuser panel
2017-09-12 12:23:52 -04:00
Joseph Schorr
e724125459
Add support for using OIDC tokens via the Docker CLI
2017-09-12 12:23:22 -04:00
Jimmy Zelinskie
9e09612851
Revert "Merge pull request #2844 from coreos-inc/alegrand/use_latest_appr_server_code"
...
This reverts commit 646fafb2fd
, reversing
changes made to 5c1b635439
.
2017-08-09 20:45:46 -04:00