josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								e58e04b0e9 
								
							 
						 
						
							
							
								
								Merge pull request  #2242  from coreos-inc/clair-exceptions  
							
							... 
							
							
							
							Security scanner flow changes and auto-retry 
							
						 
						
							2016-12-16 15:54:52 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								405eca074c 
								
							 
						 
						
							
							
								
								Security scanner flow changes and auto-retry  
							
							... 
							
							
							
							Changes the security scanner code to raise exceptions now for non-successful operations. One of the new exceptions raised is MissingParentLayerException, which, when raised, will cause the security worker to perform a full rescan of all parent images for the current layer, before trying once more to scan the current layer. This should allow the system to be "self-healing" in the case where the security scanner engine somehow loses or corrupts a parent layer. 
							
						 
						
							2016-12-16 15:38:09 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								d4b7738a87 
								
							 
						 
						
							
							
								
								Merge pull request  #2243  from coreos-inc/entity-autocomplete  
							
							... 
							
							
							
							Make sure robot accounts always show up first in entity search 
							
						 
						
							2016-12-16 15:09:37 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								58b7481a63 
								
							 
						 
						
							
							
								
								Make sure robot accounts always show up first in entity search  
							
							... 
							
							
							
							Fixes https://www.pivotaltracker.com/story/show/136277321 
Fixes  #2241  
							
						 
						
							2016-12-16 15:04:30 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								f72185f527 
								
							 
						 
						
							
							
								
								Merge pull request  #2240  from coreos-inc/wrong-email-invite-accept  
							
							... 
							
							
							
							Fix attempts to confirm team invite for mismatched email address 
							
						 
						
							2016-12-16 14:30:37 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								9fa16679f8 
								
							 
						 
						
							
							
								
								Merge pull request  #2238  from coreos-inc/fake-clair  
							
							... 
							
							
							
							Add a fake security scanner class for easier testing 
							
						 
						
							2016-12-15 20:51:24 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								785c74de52 
								
							 
						 
						
							
							
								
								Fix attempts to confirm team invite for mismatched email address  
							
							... 
							
							
							
							Currently, if a user tries to confirm an invite sent to them on an account with a mismatching email address, we simply redirect to the org (where they get a 403). This change ensures they get the proper error response message, and restyles the error page to be nicer.
Fixes  #2227 
Fixes https://www.pivotaltracker.com/story/show/136088507  
							
						 
						
							2016-12-15 17:15:11 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ian Minoso 
								
							 
						 
						
							
							
							
							
								
							
							
								1eff25f459 
								
							 
						 
						
							
							
								
								Merge pull request  #2239  from iminoso/loading  
							
							... 
							
							
							
							Add throbber while waiting for builds to load 
							
						 
						
							2016-12-15 13:27:48 -08:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ian Minoso 
								
							 
						 
						
							
							
							
							
								
							
							
								149dd46076 
								
							 
						 
						
							
							
								
								Add throbber while waiting for builds to load  
							
							
							
						 
						
							2016-12-15 13:01:33 -08:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Brad Ison 
								
							 
						 
						
							
							
							
							
								
							
							
								2730c26b2e 
								
							 
						 
						
							
							
								
								Merge pull request  #2237  from coreos-inc/metrics-labels  
							
							... 
							
							
							
							Don't record size in chunk upload metrics 
							
						 
						
							2016-12-15 14:20:34 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Brad Ison 
								
							 
						 
						
							
							
							
							
								
							
							
								df7366eace 
								
							 
						 
						
							
							
								
								Add chunk size metric  
							
							
							
						 
						
							2016-12-15 13:20:16 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ian Minoso 
								
							 
						 
						
							
							
							
							
								
							
							
								77215b7de4 
								
							 
						 
						
							
							
								
								Merge pull request  #2232  from iminoso/services  
							
							... 
							
							
							
							Basic builds table for new repo view 
							
						 
						
							2016-12-14 15:52:39 -08:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ian Minoso 
								
							 
						 
						
							
							
							
							
								
							
							
								f0be3013ac 
								
							 
						 
						
							
							
								
								clear setinterval after unmounting component  
							
							
							
						 
						
							2016-12-14 15:04:56 -08:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Erica 
								
							 
						 
						
							
							
							
							
								
							
							
								135f4dae0c 
								
							 
						 
						
							
							
								
								Merge pull request  #2213  from coreos-inc/ISSUE-2026-204-response  
							
							... 
							
							
							
							fix(endpoints/api): return empty 204 resp 
							
						 
						
							2016-12-14 17:13:57 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								15041ac5ed 
								
							 
						 
						
							
							
								
								Add a fake security scanner class for easier testing  
							
							... 
							
							
							
							The FakeSecurityScanner mocks out all calls that Quay is expected to make to the security scanner API, and returns faked data that can be adjusted by the calling test case 
							
						 
						
							2016-12-14 17:11:45 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								d0ec5afa9c 
								
							 
						 
						
							
							
								
								Merge pull request  #2235  from coreos-inc/clair-load-error-message  
							
							... 
							
							
							
							Add error message if security scan not found 
							
						 
						
							2016-12-14 16:32:57 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									EvB 
								
							 
						 
						
							
							
							
							
								
							
							
								0a5d4990e6 
								
							 
						 
						
							
							
								
								test(endpoints/api): ensure empty 202 resp  
							
							
							
						 
						
							2016-12-14 16:32:06 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									EvB 
								
							 
						 
						
							
							
							
							
								
							
							
								43aed7c6f4 
								
							 
						 
						
							
							
								
								fix(endpoints/api): return empty 204 resp  
							
							... 
							
							
							
							Return an empty body on API requests with status code 204, which
means "No content". Incorrect 'Deleted' responses were being
returned after successful DELETE operations despite the "No Content"
definition of 204. 
							
						 
						
							2016-12-14 16:22:39 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Brad Ison 
								
							 
						 
						
							
							
							
							
								
							
							
								8f59ac1251 
								
							 
						 
						
							
							
								
								Don't record size in chunk upload metrics  
							
							
							
						 
						
							2016-12-14 12:16:02 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								fde81c1b58 
								
							 
						 
						
							
							
								
								Merge pull request  #2236  from coreos-inc/qss-notification  
							
							... 
							
							
							
							Send notifications for previously unscannable layers in QSS 
							
						 
						
							2016-12-14 11:56:24 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								6871eb95b1 
								
							 
						 
						
							
							
								
								Send notifications for previously unscannable layers in QSS  
							
							... 
							
							
							
							Following this change, if an image was previously indexed unsuccessfully, then we will send notifications once successfully indexed 
							
						 
						
							2016-12-14 11:25:45 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								b83784f1e1 
								
							 
						 
						
							
							
								
								Add error message if security scan not found  
							
							... 
							
							
							
							This change ensures that the user gets an error message (and not a blank tab) if the security scan information could not be successfully loaded
Fixes https://www.pivotaltracker.com/story/show/136072509  
							
						 
						
							2016-12-14 00:50:06 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								2a6632cff4 
								
							 
						 
						
							
							
								
								Merge pull request  #2234  from coreos-inc/select-image-test  
							
							... 
							
							
							
							Add a test for selecting images to be scanned 
							
						 
						
							2016-12-14 00:34:27 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								a9a75cd4cf 
								
							 
						 
						
							
							
								
								Add a test for selecting images to be scanned  
							
							
							
						 
						
							2016-12-14 00:07:48 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								3dea6f6c92 
								
							 
						 
						
							
							
								
								Merge pull request  #2233  from coreos-inc/reindex-clair  
							
							... 
							
							
							
							Have security scanner analyze only send notifications for *new* layers 
							
						 
						
							2016-12-13 23:45:48 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								624b2a8385 
								
							 
						 
						
							
							
								
								Have security scanner analyze only send notifications for *new* layers  
							
							... 
							
							
							
							Following this change, anytime a layer is indexed by the security scanner, we only send notifications out if the layer previously had a security_indexed_engine value of `-1`, thus ensuring it has *never* been indexed previously. This will allow us to change to version of the security scanner upwards, and have all the images be re-indexed, without firing off notifications in a spammy manner. 
							
						 
						
							2016-12-13 23:17:11 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ian Minoso 
								
							 
						 
						
							
							
							
							
								
							
							
								1ed3c1444d 
								
							 
						 
						
							
							
								
								Basic builds table for new repo view  
							
							
							
						 
						
							2016-12-13 16:46:35 -08:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Evan Cordell 
								
							 
						 
						
							
							
							
							
								
							
							
								5686c80af1 
								
							 
						 
						
							
							
								
								Revert "Add GC of layers in Clair"  
							
							... 
							
							
							
							This reverts 49872838ab 
							
						 
						
							2016-12-13 18:40:58 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Evan Cordell 
								
							 
						 
						
							
							
							
							
								
							
							
								dd5f7cbe6c 
								
							 
						 
						
							
							
								
								Fix the ephemeral build metrics  
							
							
							
						 
						
							2016-12-13 18:28:04 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Evan Cordell 
								
							 
						 
						
							
							
							
							
								
							
							
								808266574e 
								
							 
						 
						
							
							
								
								Update changelog for v2.0.3 ( #2226 )  
							
							... 
							
							
							
							* Update changelog for v2.0.3 
							
						 
						
							2016-12-09 16:44:41 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								648fed769b 
								
							 
						 
						
							
							
								
								Merge pull request  #2224  from coreos-inc/oauth-state  
							
							... 
							
							
							
							Have Quay always use an OAuth-specific CSRF token 
							
						 
						
							2016-12-09 15:16:01 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								fd364ccca3 
								
							 
						 
						
							
							
								
								Remove unneeded exception var  
							
							
							
						 
						
							2016-12-09 14:52:49 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1e5b97318a 
								
							 
						 
						
							
							
								
								Fix loading of public keys for OIDC under Linux  
							
							... 
							
							
							
							Python's crypto lib under Linux has issues with loading PEM-encoded keys, so we just load it as a DER here and give PyJWT the key *instance* to use directly. 
							
						 
						
							2016-12-09 14:26:56 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1302fd2fbd 
								
							 
						 
						
							
							
								
								Switch csrf token check to use compare_digest to prevent timing attacks  
							
							... 
							
							
							
							Also adds some additional tests for CSRF tokens 
							
						 
						
							2016-12-08 23:46:31 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								dbdcb802b1 
								
							 
						 
						
							
							
								
								Add end-to-end OAuth login and attach tests  
							
							
							
						 
						
							2016-12-08 18:35:42 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								36324708db 
								
							 
						 
						
							
							
								
								Fix small pylint issues  
							
							
							
						 
						
							2016-12-08 16:21:44 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								ff52fde8a5 
								
							 
						 
						
							
							
								
								Have Quay always use an OAuth-specific CSRF token  
							
							... 
							
							
							
							This change ensures that we always store and then check the contents of the OAuth `state` argument against a session-stored CSRF token.
Fixes https://www.pivotaltracker.com/story/show/135803615  
							
						 
						
							2016-12-08 16:11:57 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Charlton Austin 
								
							 
						 
						
							
							
							
							
								
							
							
								ec6ecc02ed 
								
							 
						 
						
							
							
								
								Merge pull request  #2223  from charltonaustin/removing_unused_imports  
							
							... 
							
							
							
							Removing an unused import. 
							
						 
						
							2016-12-08 15:31:36 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Charlton Austin 
								
							 
						 
						
							
							
							
							
								
							
							
								0b8c2ef92f 
								
							 
						 
						
							
							
								
								Removing an unused import.  
							
							
							
						 
						
							2016-12-08 13:53:52 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								34f2ddce87 
								
							 
						 
						
							
							
								
								Merge pull request  #2222  from coreos-inc/bust-apt-cache  
							
							... 
							
							
							
							Bust apt cache 
							
						 
						
							2016-12-07 18:10:26 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								1fdca26632 
								
							 
						 
						
							
							
								
								Bust apt cache  
							
							
							
						 
						
							2016-12-07 18:09:33 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								410b9d74fc 
								
							 
						 
						
							
							
								
								Merge pull request  #2214  from coreos-inc/clair-gc  
							
							... 
							
							
							
							Add GC of layers in Clair 
							
						 
						
							2016-12-07 17:58:21 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								543d86ae10 
								
							 
						 
						
							
							
								
								Merge pull request  #2221  from coreos-inc/fix-error-pages  
							
							... 
							
							
							
							Have all error pages be rendered by Angular 
							
						 
						
							2016-12-07 17:53:14 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								111b7b0788 
								
							 
						 
						
							
							
								
								Merge pull request  #2206  from coreos-inc/ldap-user-search-fix  
							
							... 
							
							
							
							Fix external auth returns for query_user calls 
							
						 
						
							2016-12-07 17:53:04 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									josephschorr 
								
							 
						 
						
							
							
							
							
								
							
							
								c5111d7930 
								
							 
						 
						
							
							
								
								Merge pull request  #2144  from coreos-inc/buildlogs-improvements  
							
							... 
							
							
							
							Change the append build log method to execute the two calls via one pipelined connection 
							
						 
						
							2016-12-07 17:52:22 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								c06bba38de 
								
							 
						 
						
							
							
								
								Have all error pages be rendered by Angular  
							
							... 
							
							
							
							Fixes  #2198 
Fixes https://www.pivotaltracker.com/story/show/135724483  
						
							2016-12-07 17:49:02 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								00eafff747 
								
							 
						 
						
							
							
								
								Merge pull request  #2204  from jzelinskie/429builds  
							
							... 
							
							
							
							add rate limiting to build queues 
							
						 
						
							2016-12-07 15:03:31 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Joseph Schorr 
								
							 
						 
						
							
							
							
							
								
							
							
								3203fd6de1 
								
							 
						 
						
							
							
								
								Fix external auth returns for query_user calls  
							
							... 
							
							
							
							Adds the missing field on the query_user calls, updates the external auth tests to ensure it is returned properly, and adds new end-to-end tests which call the external auth engines via the *API*, to ensure this doesn't break again 
							
						 
						
							2016-12-07 14:28:42 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Charlton Austin 
								
							 
						 
						
							
							
							
							
								
							
							
								9720efbdb6 
								
							 
						 
						
							
							
								
								Merge pull request  #2218  from charltonaustin/fix_set_to_Set  
							
							... 
							
							
							
							Fixing api usage. 
							
						 
						
							2016-12-07 13:28:01 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Jimmy Zelinskie 
								
							 
						 
						
							
							
							
							
								
							
							
								b671ee938a 
								
							 
						 
						
							
							
								
								Merge pull request  #2174  from jzelinskie/pngcrush  
							
							... 
							
							
							
							dockerfile: optimize static images 
							
						 
						
							2016-12-07 13:04:28 -05:00