vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
9054 commits 2 branches 62 tags 205 MiB
Commit graph

232 commits

Author SHA1 Message Date
Joseph Schorr
e78b5c5516 Add an additional short circuit to avoid parsing the manifest when not necessary for older Docker clients 
We also add tests for this case
 2019-01-11 16:37:23 -05:00
Joseph Schorr
7f068c3fc3 Skip parsing the manifest where applicable 
Instead of always parsing (like we did previously), we now only parse the manifest if conversion is necessary. This should save significant CPU.
 2019-01-11 15:24:21 -05:00
Joseph Schorr
eb9ca8e8a8 Fix handling of four byte utf8 manifests 
- Adds the charset: utf-8 to all the manifest responses
- Makes sure we connect to MySQL in utf8mb4 mode, to ensure we can properly read and write 4-byte utf8 strings
- Adds tests for all of the above
 2019-01-10 16:34:56 -05:00
Joseph Schorr
171c7e5238 Further fixes for unicode handling in manifests 
We were occasionally trying to compute schema 2 version 1 signatures on the *unicode* representation, which was failing the signature check. This PR adds a new wrapper type called `Bytes`, which all manifests must take in, and which handles the unicodes vs encoded utf-8 stuff in a central location. This PR also adds a test for the manifest that was breaking in production.
 2019-01-09 15:14:41 -05:00
Joseph Schorr
e309508776 Change lookup of blobs to not use a subquery, which is murder on MySQL 2019-01-03 15:41:21 -05:00
Joseph Schorr
3c2e050593 Support pulling of schema2 manifests directly via a manifest list tag 
This change ensures that if a manifest list is requested with an accepts header for a *schema 2* manifest, the legacy manifest (if any) is returned as schema 2 if it was pushed as a schema 2 manifest (rather than being auto-converted to schema 1)
 2018-12-07 11:57:13 -05:00
Joseph Schorr
c3710a6a5e Add ability for specific geographic regions to be blocked from pulling images within a namespace 2018-12-06 17:14:45 -05:00
Joseph Schorr
63f9043312 Code review small fixes 2018-11-28 12:56:16 +02:00
Joseph Schorr
180d8847db Fix image replication for images with remote layers 2018-11-26 16:15:48 +02:00
Joseph Schorr
e6c2ddfa93 Add support for direct pushing of schema 2 manifests without tags 
This is required for manifest lists
 2018-11-19 14:01:41 +02:00
Joseph Schorr
d97055e2ba Code review fixes 2018-11-14 09:15:58 +02:00
Joseph Schorr
7a794e29c0 Add tests for manifest lists and fix some issues encountered while testing 2018-11-13 21:03:20 +02:00
Joseph Schorr
7b9f56eff3 Fixes to ensuring existing code can process schema 2 manifests 2018-11-13 17:13:51 +02:00
Joseph Schorr
849e613386 Implement support for schema 2 manifests 2018-11-13 11:49:12 +02:00
Joseph Schorr
30f072aeff Add support for creating schema 2 manifests and manifest lists via the OCI model 2018-11-12 23:27:49 +02:00
Joseph Schorr
fdcb8bad23 Implement the new OCI-based registry data model 
Note that this change does *not* enable the new data model by default, but does allow it to be used when a special environment variable is specified.
 2018-11-07 22:07:58 -05:00
Joseph Schorr
114e2c3bf2 Have all tag code add, modify and delete both old and new style tags 
This preps us for being able to use the new data model with existing repositories
 2018-11-01 17:59:10 -04:00
Joseph Schorr
88f19ee0b9 Make blob upload errors more specific 2018-10-29 12:21:18 -04:00
Joseph Schorr
4a7b4ad06a Fix disabled namespace check 2018-10-18 14:25:40 -04:00
Joseph Schorr
cbf0edb164 Address remaining usage of the old data interface 2018-10-18 14:25:40 -04:00
Joseph Schorr
3a8a913ad3 Convert V2's catalog endpoint to use the new data model interface 2018-10-18 14:25:40 -04:00
Joseph Schorr
e91ba98e1b Convert V2's tag endpoints to use the new data model interface 2018-10-18 14:25:40 -04:00
Joseph Schorr
6b5064aba4 Convert V2's manifest endpoints to use the new data model interface 2018-10-18 14:25:40 -04:00
Joseph Schorr
a172de4fdc Reimplement cache support for blobs in the registry data model 2018-10-18 14:25:40 -04:00
Joseph Schorr
7a68c41f1c Convert V2 to use the blob uploader interface 2018-10-18 14:25:40 -04:00
Joseph Schorr
f297249100 Move manifest backfill for V1 tags into the new registry model interface 2018-08-27 15:01:27 -04:00
Jimmy Zelinskie
b7573a8c88 endpoints/v2: fail clients not accepting schema v1 2018-08-15 14:49:26 -04:00
Jimmy Zelinskie
568ca1d7ba delete trailing whitespace 2018-08-15 13:21:26 -04:00
Joseph Schorr
56222f95dc Change manifest creation to take in the map of blobs that form the manifest 
We need to lookup the blobs *specific to the images in that manifest*, so we now pass them in from the locations in which we know that information
 2018-08-07 16:28:50 -04:00
Joseph Schorr
e33ccff8cb Fix query count in test 2018-08-07 14:52:33 -04:00
Joseph Schorr
a46660a06f Add new Manifest, ManifestLabel, ManifestLegacyImage and ManifestBlob tables and start writing and GCing to/from them 
This change also starts passing in the manifest interface, rather than the raw data, to the model for writing.

Note that this change does *not* backfill the existing rows in to the new tables; that will occur in a followup PR. The new columns in `tagmanifest` and `tagmanifestlabel` will be used to track the backfill, as it will occur in a worker.
 2018-08-06 13:01:11 -04:00
Joseph Schorr
58e553838c Move manifest corner case tests to pytest 2018-07-17 16:40:56 -04:00
Joseph Schorr
2caaf84f31 Add caching support to catalog 
We will now cache the results of the catalog for 60s and not hit the database at all if cached
 2018-06-20 14:58:01 -04:00
Joseph Schorr
3161b60522 Switch V2 pagination back to using IDs, which should be much faster and easier on the DB 
Also adds a test for the tags endpoint
 2018-06-18 16:11:26 -04:00
Joseph Schorr
0fa1a1d5fd Implement support for blob mounting via the mount parameter on blob uploads 
Fixes https://jira.coreos.com/browse/QUAY-893
 2018-06-06 11:31:28 -04:00
Joseph Schorr
ef167ab7e3 Rate limit the catalog endpoint by auth token and IP address 2018-06-05 18:24:31 -04:00
Joseph Schorr
2e0edf8f6e Have catalog endpoint return empty if the namespace is disabled 2018-06-05 17:31:00 -04:00
Joseph Schorr
f86c087b3b Prevent registry operations against disabled namespaces 
Allows admins to completely wall off a namespace by disabling it

Fixes https://jira.coreos.com/browse/QUAY-869
 2018-05-22 18:36:04 -04:00
Joseph Schorr
a59c951aa3 Add support for multiple scope parameters on V2 auth requests 
Fixes https://jira.coreos.com/browse/QUAY-892
 2018-04-18 20:16:49 +03:00
Joseph Schorr
86aa93aab5 Add a new test suite for the v2auth generate_registry_jwt endpoint 2018-04-18 20:16:49 +03:00
Joseph Schorr
3586955669 Remove license code in Quay 
No longer needed under Red Hat rules \o/

Fixes https://jira.coreos.com/browse/QUAY-883
 2018-03-20 17:03:35 -04:00
Joseph Schorr
24b77bbc10 Fix serialization of blobs to/from the cache 
Also makes sure the test checks that serialization
 2018-03-02 14:22:55 -05:00
Joseph Schorr
e220b50543 Refactor auth code to be cleaner and more extensible 
We move all the auth handling, serialization and deserialization into a new AuthContext interface, and then standardize a registration model for handling of specific auth context types (user, robot, token, etc).
 2018-02-14 15:35:27 -05:00
Joseph Schorr
eae9175950 Allow size of pages in V2 api to be configurable 2018-02-02 13:54:41 -05:00
Joseph Schorr
9e16a989f5 Audit the number of SQL queries we make in writing manifests, and significantly reduce in the common case 
Instead of 41 queries now for the simple manifest, we are down to 14.

The biggest changes:
  - Only synthesize the V1 image rows if we haven't already found them in the database
  - Thread the repository object through to the other model method calls, and use it instead of loading again and again
 2018-01-25 11:10:43 -05:00
Joseph Schorr
524d77f527 Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password 2018-01-04 15:27:41 -05:00
Joseph Schorr
c1cff32c1e Fix log levels in registry 2018-01-04 13:07:11 -05:00
Joseph Schorr
11e3724919 Return an http 415 (manifest version not supported) for OCI manifest content types 
This was breaking skopeo, as it first tries to send the *OCI* manifest type, which we didn't say we didn't support, thus breaking the tool
 2017-12-20 11:02:34 -05:00
Joseph Schorr
9e16596854 Add a bunch of logging to the data model caching mechanism 
Should help us debug any potential issues
 2017-12-18 14:18:37 -05:00
Joseph Schorr
b2485934ed Enable caching of blobs in V2 registry protocol, to avoid DB connections after the cache has been loaded 
This should help for bursty pull traffic, as it will avoid DB connections on a huge % of requests
 2017-12-14 13:38:24 -05:00