Joseph Schorr
b87427aefb
Add missing pyjwkest dependency
2015-08-25 14:18:07 -04:00
Joseph Schorr
f092c00621
Allow builds to be started with an external archive URL
...
Fixes #114
2015-08-17 17:01:49 -04:00
Jake Moshenko
e1b3e9e6ae
Another huge batch of registry v2 changes
...
Add patch support and resumeable sha
Implement all actual registry methods
Add a simple database generation option
2015-08-12 16:41:12 -04:00
Jake Moshenko
2109d24483
Add the toposort dependency.
2015-07-17 11:50:41 -04:00
Jake Moshenko
1fb676d1f6
Refresh the dependencies and switch back to upstream peewee now that coleifer has added a fix.
2015-07-06 15:02:52 -04:00
Jimmy Zelinskie
3fb052be3c
reqs: fallback to vendored python-etcd
...
We need to figure out why this is a problem, but it can't block our
deployment for now.
2015-06-24 16:20:07 -04:00
Jimmy Zelinskie
a88144543a
reqs: remove unused dependencies
2015-06-24 15:05:32 -04:00
Jimmy Zelinskie
d9111fb51d
reqs: use packaged python-etcd
...
After updating our apt-get cache, using the fix in our vendored version
is no longer necessary.
2015-06-24 14:02:13 -04:00
Jake Moshenko
5f1d23c6e8
Use a UNION query instead of a multitude of left outer joins for performance reasons.
...
Fixes #159
2015-06-23 17:18:37 -04:00
Jake Moshenko
2a2414d6af
Merge pull request #60 from coreos-inc/jwtauthentication
...
Add support for an external JWT-based authentication system
2015-06-05 13:37:42 -04:00
Joseph Schorr
8aac3fd86e
Add support for an external JWT-based authentication system
...
This authentication system hits two HTTP endpoints to check and verify the existence of users:
Existance endpoint:
GET http://endpoint/ with Authorization: Basic (username:) =>
Returns 200 if the username/email exists, 4** otherwise
Verification endpoint:
GET http://endpoint/ with Authorization: Basic (username:password) =>
Returns 200 and a signed JWT with the user's username and email address if the username+password validates, 4** otherwise with the body containing an optional error message
The JWT produced by the endpoint must be issued with an issuer matching that configured in the config.yaml, and the audience must be "quay.io/jwtauthn". The JWT is signed using a private key and then validated on the Quay.io side with the associated public key, found as "jwt-authn.cert" in the conf/stack directory.
2015-06-05 13:20:10 -04:00
Joseph Schorr
698f62388e
Switch the python-etcd client to the sslfix branch
...
This fixes an issue with urllib3 and SSL
2015-06-03 14:32:32 -04:00
Jake Moshenko
7bc5f7a1ca
Merge pull request #53 from coreos-inc/v1test
...
Add tests for the registry that mimic Docker's calls
2015-06-02 12:24:42 -04:00
Joseph Schorr
9585e2a765
End-to-end registry tests
2015-06-01 16:35:30 -04:00
josephschorr
491de200f6
Merge pull request #45 from coreos-inc/ldapreferfix
...
Fix LDAP referral and multiple pair handling
2015-06-01 14:11:00 -04:00
Joseph Schorr
e4e82790ca
Remove unneeded avatar library
2015-06-01 13:32:57 -04:00
Joseph Schorr
386b1710ed
Merge branch 'master' into ldapreferfix
2015-05-27 15:15:47 -04:00
Joseph Schorr
1aff701bc7
Fix LDAP referral and multiple pair handling
...
Fixes two issues found with our LDAP handling code. First, we now follow referrals in both LDAP calls, as some LDAP systems will return a referral instead of the original record. Second, we now make sure to handle multiple search result pairs properly by further filtering based on the presence of the 'mail' attribute when we have multiple valid pairs. This CL also adds tests for all of the above cases.
2015-05-27 15:04:34 -04:00
Joseph Schorr
5845e37e32
Add Swift storage library
2015-05-26 16:05:21 -04:00
Joseph Schorr
efab02ae47
LDAP improvements:
...
- Better logging
- Better error messages
- Add unit tests
- Clean up the setup tool for LDAP
2015-05-11 21:23:18 -04:00
Jimmy Zelinskie
eb3d88bd92
requirements.txt: add gitlab library
2015-05-01 20:31:15 -04:00
Joseph Schorr
6479f8ddc9
Work In Progress!
...
Get the full activation and deactivation cycle working for bitbucket.
2015-04-28 18:15:12 -04:00
Joseph Schorr
a34d56045f
Add scoring based on the string distance
2015-04-07 12:32:23 -04:00
Jimmy Zelinskie
34ceb274c3
requirements: switch to vendored python-etcd
2015-02-23 14:31:24 -05:00
Joseph Schorr
f7615b2e96
Add missing lib requirement
2015-02-18 14:17:09 -05:00
Joseph Schorr
f107b50a46
Merge branch 'master' into ackbar
2015-02-12 12:04:45 -05:00
Joseph Schorr
98b4f62ef7
Switch to using a squashed image for the build workers
2015-02-10 15:43:01 -05:00
Joseph Schorr
045614c6c8
Merge branch 'master' into ackbar
2015-02-09 17:16:42 -05:00
Joseph Schorr
cf774e23df
Merge branch 'master' into v2
2015-02-05 15:37:14 -05:00
Joseph Schorr
9dfe523615
Merge master changes
2015-02-05 13:11:16 -05:00
Joseph Schorr
400ffa73e6
Add SSL cert and key validation
2015-02-05 13:06:56 -05:00
Joseph Schorr
bfb0784abc
Add signing to the ACI converter
2015-02-04 15:29:24 -05:00
Jake Moshenko
f2471a86f6
Fix the python requirements. Add the ability to map in etcd client certs and ca.
2015-01-22 10:53:23 -05:00
Jake Moshenko
44f7ab53a2
Merge remote-tracking branch 'origin/master' into ephemeral
2015-01-21 13:39:27 -05:00
Jimmy Zelinskie
0da9c5826b
Update MixPanel and use BufferedConsumer
2015-01-16 16:04:13 -05:00
Jimmy Zelinskie
f4d078e87a
vendor pygithub
...
It's going to be a long time before the developer decides to merge our
changes upstream.
2015-01-06 15:41:29 -05:00
Jake Moshenko
12ee8e0fc0
Switch a few of the buildman methods to coroutines in order to support network calls in methods. Add a test for the ephemeral build manager.
2014-12-22 12:14:16 -05:00
Jake Moshenko
2d7e844753
First implementation of ephemeral build lifecycle manager.
2014-12-16 13:41:30 -05:00
Jimmy Zelinskie
f3259c862b
Merge branch 'koh'
...
Conflicts:
auth/scopes.py
requirements-nover.txt
requirements.txt
static/css/quay.css
static/directives/namespace-selector.html
static/js/app.js
static/partials/manage-application.html
templates/oauthorize.html
2014-12-01 12:30:09 -08:00
Joseph Schorr
72d613614d
Merge branch 'bagger'
2014-12-01 12:48:59 -05:00
Joseph Schorr
9d675b51ed
- Change SSL to only be enabled via an environment variable. Nginx will be terminating SSL for the ER.
...
- Add the missing dependencies to the requirements.txt
- Change the builder ports to non-standard locations
- Add the /b1/socket and /b1/controller endpoints in nginx, to map to the build manager
- Have the build manager start automatically.
2014-11-25 18:08:18 -05:00
Jake Moshenko
1c32faa31d
Update the requirements-nover.txt to pull from the forked avatar lib and to use the proper forked libs in the versioned requirements.txt.
2014-11-25 16:23:49 -05:00
Jimmy Zelinskie
a1ea2f6571
Update requirements.txt
2014-11-25 16:08:29 -05:00
Jimmy Zelinskie
716d7a737b
Strip whitespace from ALL the things.
2014-11-24 16:07:38 -05:00
Jake Moshenko
a77ccee9cd
Refresh the dependencies and switch to upstream docker-py.
2014-11-21 12:39:01 -05:00
Joseph Schorr
007efb1143
Switch to using our branch of docker-py
2014-10-15 16:03:16 -04:00
Jake Moshenko
11bb8e6448
Actually store the generated image storage in the database, and allow it to be garbage collected when the parent image storage is collected.
2014-09-18 17:26:40 -04:00
Joseph Schorr
5b3514b49c
Add missing pyyaml dependency
2014-08-21 20:38:30 -04:00
Joseph Schorr
d2880807b2
- Further fixes for license stuff
...
- Small fixes to ensure Quay works for Postgres
2014-08-21 19:21:20 -04:00
Jake Moshenko
09917ff062
Switch unidecode over to the new anunidecode library and write some tests to validate results.
2014-08-01 15:50:25 -04:00
Jake Moshenko
2d21dc9293
Replace the GPLed aniso8601 library with a fake version.
2014-07-31 17:01:26 -04:00
Jake Moshenko
6b38ddb9b6
Remove the gpled loremipsum module.
2014-07-31 16:46:02 -04:00
Jake Moshenko
db953cdc79
Temporarily downgrade the gunicorn version until the fix for this bug is available: https://github.com/benoitc/gunicorn/issues/790
2014-07-17 14:04:51 -04:00
Jake Moshenko
cceb09d4f6
Remove some unused dependencies and update the rest.
2014-07-17 12:08:07 -04:00
Jake Moshenko
0e14493edd
Fix the logentries version in requirements.txt.
2014-06-11 22:11:31 -04:00
Joseph Schorr
3b3b55cf5d
Add logging to log entries
2014-06-11 20:53:28 -04:00
Jake Moshenko
33b43b75c0
Eliminate a lot of the if cases in create_user by separating them out. Add a limit to the number of users which can be created based on the license. Add support for creating and loading licenses.
2014-05-28 13:51:52 -04:00
Jake Moshenko
5fdccfe3e6
Add an alembic migration for the full initial database with the data. Switch LDAP to using bind and creating a federated login entry. Add LDAP support to the registry and index endpoints. Add a username transliteration and suggestion mechanism. Switch the database and model to require a manual initialization call.
2014-05-13 12:17:26 -04:00
Jake Moshenko
027ada1f5c
First stab at LDAP integration.
2014-05-09 17:39:43 -04:00
Jake Moshenko
a5a61576ae
Revamp the logging a bit. Not quite done yet.
2014-05-01 19:44:28 -04:00
Jake Moshenko
fe665118bb
Add sentry exception monitoring.
2014-04-28 18:59:22 -04:00
jakedt
61a6db236f
Finish the implementation of local userfiles. Strip charsets from mimetypes in the build worker. Add canonical name ordering to the build queue. Port all queues to the canonical naming version.
2014-04-11 18:34:47 -04:00
jakedt
8fac0474b5
Get staging to run under docker on an EC2 host.
2014-04-10 18:30:09 -04:00
jakedt
126363dce9
Use our patched version of docker-py with build credentials patched in. Fix the hostname in the build credentials block to be variable.
2014-04-01 11:38:17 -04:00
jakedt
7c14190d2a
Freeze the version of docker-py to 0.3.0 and create a fancy streaming json decoder to work around the lack of newlines in push statuses.
2014-03-28 17:53:33 -04:00
jakedt
25ceb90fc6
Add some sort of oauth.
2014-03-12 12:37:06 -04:00
jakedt
de1a44f853
First attempt at using flask-restful and swagger api documentation.
2014-03-10 18:30:41 -04:00
yackob03
6b1fcefc26
Check in progress on github connection, this will not work.
2014-02-11 13:53:44 -05:00
yackob03
df389e81c7
Fix up the test endpoints with better fake data. Install them at a known location. Update the building test repository to point to the new fakes.
2014-02-05 20:01:23 -05:00
yackob03
67e0736fc6
Separate out the dockerfile build stuff to a separate class. Add a dependency on docker-py master.
2014-02-05 11:07:54 -05:00
yackob03
5270066d6d
Switch to the redis backed build logs and status.
2014-02-03 19:08:37 -05:00
yackob03
c13654bb52
First attempt at emitting logstash style logs.
2014-01-30 13:32:06 -05:00
yackob03
af4c67d7cb
Switch from eventlet to gevent, it seems to work better with flask static files.
2013-11-18 18:42:02 -05:00
yackob03
bde0a29296
Switcht the requirements and -nover files to the standard formatting.
2013-11-18 15:00:08 -05:00
yackob03
d3d593f7e1
Add some missing dependencies to for the workers.
2013-10-29 18:14:22 -04:00
yackob03
9b9a29c310
Flesh out the create API and wire everything up together. Next up, testing.
2013-10-25 01:14:38 -04:00
yackob03
607bf3ecc4
Daemonize the worker.
2013-10-18 17:52:55 -04:00
yackob03
93b856bdb3
First few changes for the image diffs feature.
2013-10-17 18:25:19 -04:00
yackob03
785995b473
First stab at trying to pre-render content for search crawlers.
2013-10-10 20:53:14 -04:00
yackob03
00b8244661
Add analytics on push and pull repo events in the backend.
2013-10-03 16:19:01 -04:00
Ubuntu
fc80616eab
Set up for running under gunicorn and nginx.
2013-10-02 20:42:12 +00:00
yackob03
7bd18c1bab
Checkpointing stripe work.
2013-10-02 00:48:03 -04:00
yackob03
52db1c8796
Try using pymysql instead of mysqldb.
2013-09-30 20:26:41 -04:00
yackob03
84adf680b9
Switch the registry and index to use real s3 and rds.
2013-09-30 19:10:27 -04:00
yackob03
b0720aac1c
Update to support running on elasticbeanstalk.
2013-09-30 16:14:48 -04:00