vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
6661 commits 2 branches 62 tags 205 MiB
Commit graph

591 commits

Author SHA1 Message Date
Joseph Schorr
73cb3c00ec Remove unused import 2016-06-03 13:33:22 -04:00
Joseph Schorr
53538f9001 Optimize get_tag_image query 
No caller uses the image placements or locations, so no need to load them.
 2016-06-02 16:36:38 -04:00
Jimmy Zelinskie
2317938bfa Merge pull request #1496 from jzelinskie/ripRMS 
dockerfile: add check for GPL pip packages
 2016-06-02 12:28:18 -04:00
Joseph Schorr
04df2410ec Add better errors if Redis is down 
Fixes #1497
 2016-05-31 15:24:36 -04:00
Jimmy Zelinskie
70f794b0af replace rfc3987 library with urlparse 
The former is GPL licensed.
 2016-05-26 13:29:48 -04:00
Joseph Schorr
60bbca2185 Fix setup tool when binding to external auth 
We now query the external auth provider for the external service's identifier before adding the linking row into the database. This fixes the case where the external service resolves a different identifier for the same username.

Fixes #1477
 2016-05-23 17:11:36 -04:00
Joseph Schorr
73fa593d02 Various small fixes in prep for QE release 2016-05-04 15:20:27 -04:00
josephschorr
550b9cb2b3 Merge pull request #1428 from coreos-inc/clair-setup-new 
Implement setup tool support for Clair
 2016-05-04 13:52:54 -04:00
Joseph Schorr
2cbdecb043 Implement setup tool support for Clair 
Fixes #1387
 2016-05-04 13:40:50 -04:00
Joseph Schorr
6e2df3b339 Fix key server to not list expired keys 
Fixes the key server to not list expire keys and by default not return expired or unapproved keys unless explicitly requested.

Fixes #1430
 2016-05-03 17:58:47 -04:00
Evan Cordell
2242c6773d Add 'Automatic' ServiceKeyApprovalType 2016-04-29 14:10:33 -04:00
Evan Cordell
668ce2c7cd Generate private key on startup 2016-04-29 14:10:33 -04:00
Joseph Schorr
4f63a50a17 Change account-less logs to use a user and not null 
This allows us to skip the migration
 2016-04-29 14:09:37 -04:00
Joseph Schorr
522cf68c5d Lots of smaller fixes: 
- Add the rotation_duration to the keys API
- Have the key service UI use the new rotation_duration field
- Fix notification deletion lookup path
- Add proper support for the new notification in the UI
- Only delete expired keys after 7 days (configurable)
- Fix angular digest loop
- Fix unit tests
- Regenerate initdb
 2016-04-29 14:05:16 -04:00
Joseph Schorr
08017c5111 Further UI updates 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
d19eb16b45 keyserver: add generate key function 
The superuser API, initdb, and tests will all need this functionality.
 2016-04-29 14:05:16 -04:00
Joseph Schorr
fb1dca4e94 Add API usage tests 2016-04-29 14:05:16 -04:00
Joseph Schorr
11ff3e9b59 keys ui WIP 2016-04-29 14:05:16 -04:00
Jimmy Zelinskie
885a41e6f5 key server: misc fixes to make jwtproxy work 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
93720bd0f4 superuser: proper view for approvals/keys 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
c6b8b3ce8c service_keys: s/get_keys/list_keys 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
97ae800e6c canonicalize json 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
f406942984 converging on proper rotation 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
aaf9e83278 basically finish superuser key api 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
35ed73e195 rework superuser api 2016-04-29 13:38:25 -04:00
Jimmy Zelinskie
4079dba167 service keys: do all the right stuff 2016-04-29 13:38:25 -04:00
Evan Cordell
9a1d97216b Switch error mimetype back to application/json 2016-04-18 17:42:08 -05:00
Evan Cordell
4d7843580f Fix superuser page 2016-04-15 16:50:01 -04:00
Evan Cordell
09064853ac Merge pull request #1364 from ecordell/error-json-fixes 
Fix error-related issues
 2016-04-13 13:32:00 -04:00
Evan Cordell
eb3e7eba88 Merge pull request #1351 from ecordell/document-201-swagger 
Swagger: document 201 responses for POST requests
 2016-04-13 09:50:34 -04:00
Evan Cordell
e1b3312495 Add back error_message and error_type for backwards-compatibility 2016-04-13 09:11:40 -04:00
Evan Cordell
7b44beb1fd Fix WWW-Authenticate header on 401 2016-04-13 09:01:42 -04:00
Evan Cordell
d67c4ba46c Fix formatting in endpoints/api/error.py 2016-04-12 16:53:50 -04:00
Evan Cordell
1cdbd89120 Fix test (response validation in debug mode) 2016-04-12 07:56:58 -04:00
Evan Cordell
7c361c07f9 Use ApiService to get error message 2016-04-11 17:31:30 -04:00
Evan Cordell
b5db41920f Address review comments 2016-04-11 16:34:40 -04:00
Evan Cordell
eba75494d9 Use new error format for auth errors (factor exceptions into module) 2016-04-11 16:22:26 -04:00
Evan Cordell
9c08717173 Return application/problem+json format errors and provide error endpoint 
to dereference error codes.
 2016-04-11 14:57:24 -04:00
Evan Cordell
d69d79d302 swagger: document 201 responses for POST requests 2016-04-07 09:26:28 -04:00
Joseph Schorr
42e934d84f Make notification lookup faster and fix repo pagination on Postgres 2016-03-30 14:46:31 -04:00
josephschorr
4aa079e743 Merge pull request #1247 from coreos-inc/useradminscopes 
Remove internal_only from some APIs now that we expose a user admin scope
 2016-03-23 14:16:02 -04:00
Jimmy Zelinskie
bb46cc933d use kwargs for parse_repository_name 2016-03-09 16:20:28 -05:00
Jake Moshenko
fe2cd240bc Revert "Remove old search API which is no longer in use" 2016-03-07 10:07:41 -05:00
josephschorr
57430a18b4 Merge pull request #1224 from coreos-inc/removeoldsearch 
Remove old search API which is no longer in use
 2016-03-04 12:05:07 -05:00
Joseph Schorr
85919cbc39 Fix error when constructing DownstreamIssue exception 2016-02-25 17:45:49 -05:00
Joseph Schorr
c0374d71c9 Refactor the security worker and API calls and add a bunch of tests 2016-02-25 12:29:41 -05:00
Quentin Machu
0183c519f7 Merge pull request #1253 from Quentin-M/clair2 
Adapt securityworker, secscan API and Quay UI for Clair 1.0
 2016-02-19 18:21:25 -05:00
Quentin Machu
4bd5996bbf Adapt secscan API for Clair v1.0 
Squash /vulnerabilities and /packages as it basically does the same
action on Clair and we don't need both for Quay
 2016-02-19 17:44:23 -05:00
Joseph Schorr
8d9f3309aa Remove internal_only from some APIs now that we expose a user admin scope 
Fixes #1246
 2016-02-16 16:50:33 -05:00
josephschorr
e8faa9f843 Merge pull request #939 from coreos-inc/user-admin 
Add user admin scope
 2016-02-16 16:42:29 -05:00
josephschorr
81a36ee3b8 Merge pull request #1217 from coreos-inc/v2pagination 
Fix V2 catalog and tag pagination
 2016-02-16 15:34:49 -05:00
Joseph Schorr
ecaa051791 Fix schema for invoice email updating 
Fixes #1209
 2016-02-16 11:52:57 -05:00
Joseph Schorr
1887dc879c Remove old search API which is no longer in use 2016-02-10 15:02:27 +02:00
Joseph Schorr
db0eab0461 Fix V2 catalog and tag pagination 2016-02-10 00:25:33 +02:00
Joseph Schorr
534ec9cb2b Add pagination to the repository list API to make it better for public 
Fixes #1166
 2016-02-01 22:42:44 +02:00
Jake Moshenko
018bf8c5ad Refactor how parsed_args are passed to methods 2016-01-26 16:27:36 -05:00
Joseph Schorr
335c8eb3a9 Add 2 day TTL to page tokens 2016-01-26 14:04:03 -05:00
Joseph Schorr
b4bddacedb Switch to Fernet crypto as per gtank's recommendation 2016-01-26 12:50:48 -05:00
Joseph Schorr
bd0a098282 Add ID-based pagination to logs using new decorators and an encrypted token 
Fixes #599
 2016-01-26 12:50:48 -05:00
Joseph Schorr
e4ffaff869 Fix Docker Auth and our V2 registry paths to support library (i.e. namespace-less) repositories. 
This support is placed behind a feature flag.
 2016-01-22 15:54:06 -05:00
Jake Moshenko
b9821290f6 Merge remote-tracking branch 'upstream/master' into torrent 2016-01-08 15:43:12 -05:00
josephschorr
269bd80f53 Merge pull request #1121 from coreos-inc/typofix2 
Fix typo
 2016-01-08 14:30:42 -05:00
Joseph Schorr
161475baaa Break circular dependencies introduced by importing common in verbs 2016-01-08 13:54:40 -05:00
Jimmy Zelinskie
e8c0a8355f only check repo usage when billing enabled 2016-01-07 14:34:19 -05:00
Joseph Schorr
cd204d8940 Fix typo 2016-01-06 15:00:36 -05:00
josephschorr
f748d4348d Merge pull request #1106 from coreos-inc/billingemail 
Add support for custom billing invoice email address
 2016-01-04 14:34:30 -05:00
Jimmy Zelinskie
a967340aad update format_date to handle December 2016-01-01 18:59:27 -05:00
josephschorr
28eb31ed36 Merge pull request #1102 from coreos-inc/deleteimagediff 
Delete the image diff feature
 2015-12-29 14:47:38 -05:00
Joseph Schorr
31a8a0fba4 Better UX when recovering organization emails 
Fixes #291
 2015-12-28 15:25:31 -05:00
Joseph Schorr
10efa96009 Add support for custom billing invoice email address 
Fixes #782
 2015-12-28 13:59:50 -05:00
Joseph Schorr
ab166c4448 Delete the image diff feature 
Fixes #1077
 2015-12-23 13:08:01 -05:00
Silas Sewell
d28768f792 Make eventConfig required in create notification 2015-12-03 18:28:07 -05:00
Matt Jibson
f02bb3caee Add user admin scope 
Also remove unused scope decorator.

fixes #890
 2015-11-18 12:01:40 -05:00
Jake Moshenko
7205bf5e7f Merge pull request #885 from jakedt/python-registry-v2 
Python registry v2 mega merge
 2015-11-16 16:15:40 -05:00
Matt Jibson
d5fb8cafd4 Don't expose unnamed API operations 
fixes #861
 2015-11-16 15:40:33 -05:00
Jake Moshenko
0459c3bc54 Merge remote-tracking branch 'upstream/master' into python-registry-v2 2015-11-16 14:22:54 -05:00
Joseph Schorr
db1fae4cfc Fix security scan endpoint status 2015-11-13 01:06:18 -05:00
Joseph Schorr
b7206a8cfc Remove file added accidentally by merge 2015-11-12 22:03:13 -05:00
Joseph Schorr
7816b0c657 Merge master into vulnerability-tool 2015-11-12 21:52:47 -05:00
Joseph Schorr
3b3f101ea6 Vulnerability UI part 2 
Fixes #860
Fixes #855
 2015-11-12 16:59:36 -05:00
Joseph Schorr
76ce63895f New Quay Sec UI and fix some small bugs 
Fixes #855
 2015-11-11 18:15:58 -05:00
Jake Moshenko
ab340e20ea Merge remote-tracking branch 'upstream/master' into python-registry-v2 2015-11-11 16:41:40 -05:00
Joseph Schorr
ca7d736db2 Only send vulnerability events if the minimum priority is gte to that specified 
Fixes #770
 2015-11-10 16:05:55 -05:00
Joseph Schorr
888ec17538 Recover by email needs to allow anon access to its endpoints 2015-11-10 15:41:19 -05:00
Jimmy Zelinskie
8e2868737b rename secscan_endpoint and move db close to API 2015-11-10 15:22:31 -05:00
Silas Sewell
e826b14ca4 Merge pull request #725 from coreos-inc/setup-tool-georeplication 
superuser: add storage replication config
 2015-11-09 17:43:38 -05:00
Silas Sewell
5000b1621c superuser: add storage replication config 2015-11-09 17:34:22 -05:00
Joseph Schorr
a69c9e12fd Update quay sec code to fix problems identified in previous review 
- Change get_repository_images_recursive to operate over a single docker image and storage uuid
- Move endpoints/sec to endpoints/secscan
- Change notification system to work with new Quay-sec format

Fixes #768
 2015-11-09 17:14:35 -05:00
Quentin Machu
16c364a90c Rename secscan_endpoint where required, fix index and indentation 2015-11-09 15:18:42 -05:00
Matt Jibson
5d9999d1f7 Merge pull request #791 from mjibson/clear-repo-notifications 
Remove error notification when user deletes repos
 2015-11-09 14:46:51 -05:00
Joseph Schorr
b408cfd2cc Ready for demo 2015-11-09 12:51:05 -05:00
Joseph Schorr
fb3d0fa27d Add a SecEndpoint class and move all the cert and config handling in there 2015-11-09 12:49:19 -05:00
Joseph Schorr
87c56d1caa Add vulnerabilities and packages API to Quay 
Fixes #564
 2015-11-09 12:49:19 -05:00
Jake Moshenko
7efa6265bf Merge branch 'newchanges' into python-registry-v2 2015-11-06 18:24:32 -05:00
Jake Moshenko
4314882fa0 Reverse the order of get_parent_images 2015-11-06 17:47:08 -05:00
Joseph Schorr
cfa03951e1 Add a SecScanEndpoint class and move all the cert and config handling in there 2015-11-06 15:22:18 -05:00
Joseph Schorr
e4508fc0d0 Add vulnerabilities and packages API to Quay 
Fixes #564
 2015-11-06 15:22:18 -05:00
Joseph Schorr
0f3db709ea Add a vulnerability_found event for notice when we detect a vuln 
Fixes #637

Note: This PR does *not* actually raise the event; it merely adds support for it
 2015-11-06 15:22:18 -05:00
josephschorr
11be448d75 Merge pull request #773 from coreos-inc/imageload 
Never load the full repo image list
 2015-11-04 16:29:20 -05:00
Matt Jibson
4d81567a0c Remove error notification when user deletes repos 
Also prevent duplicate notifications of that type.

fixes #493
 2015-11-04 16:11:15 -05:00
Joseph Schorr
4f41f79fa8 Never load the full repo image list 
Always make smaller queries per tag to ensure we scale better

Fixes #754
 2015-11-04 15:53:00 -05:00
Joseph Schorr
5e1cd2b2ad Move decorator for TooManyLoginAttempts into general decorated module 
Currently, this is missing in gunicorn_registry which causes 500s when user logins become throttled
 2015-11-03 12:16:01 -05:00
Joseph Schorr
f6a53f7cc5 Change all Quay.io references to Quay, fix tour and change logo 
Fixes #741
 2015-11-02 14:37:48 -05:00
josephschorr
4ae940aede Merge pull request #660 from coreos-inc/superuser 
Superuser Panel Improvements
 2015-10-30 14:32:16 -04:00
Jimmy Zelinskie
e973289397 Revert "Revert "Merge pull request #682 from jzelinskie/revertrevert"" 
This reverts commit 278bc736e3.
 2015-10-23 15:26:33 -04:00
Jimmy Zelinskie
278bc736e3 Revert "Merge pull request #682 from jzelinskie/revertrevert" 
This reverts commit 627ad25c9c, reversing
changes made to 31c392fecc.
 2015-10-22 16:02:07 -04:00
josephschorr
5dae970787 Merge pull request #681 from coreos-inc/userorg 
Return user orgs when making a call via OAuth
 2015-10-21 16:41:43 -04:00
Joseph Schorr
5d8121e060 Return user orgs when making a call via OAuth 
Fixes #673
 2015-10-21 16:40:31 -04:00
Jimmy Zelinskie
39cfe77d42 Revert "Merge pull request #557 from coreos-inc/revert-migration" 
This reverts commit c4f938898a, reversing
changes made to 7ad2522dbe.
 2015-10-21 15:29:57 -04:00
Joseph Schorr
147b7b26b4 Fix is_public in repo list 
Fixes #678
 2015-10-21 14:13:39 -04:00
Joseph Schorr
5941f3937c Enable async GC for all 
Fixes #569
 2015-10-19 14:22:41 -04:00
Joseph Schorr
d464af4cce Add ability to update superusers via the UI 
Fixes #634
 2015-10-16 15:41:18 -04:00
Joseph Schorr
a37b9394d9 Add org email address to orgs list 2015-10-16 15:17:51 -04:00
Joseph Schorr
ad5beab3ef Disable superuser functions around users when not using DB auth 2015-10-16 15:14:49 -04:00
josephschorr
24b54f1e34 Merge pull request #615 from coreos-inc/queriesunite 
Unionize the mega query - It needed more performance-based benefits
 2015-10-15 13:17:01 -04:00
Joseph Schorr
c9daf7d8a9 Add additional tests for repo visibility and further simplify the query for perf 2015-10-15 12:12:57 -04:00
Jimmy Zelinskie
7c1547221d raise a 520 for any GitLab timeouts 2015-10-13 17:34:08 -04:00
Jimmy Zelinskie
9818481b08 limit logs to a maximum number of pages 2015-10-06 14:13:23 -04:00
josephschorr
3e7a95407b Merge pull request #598 from coreos-inc/limitbadquery 
Prevent unlimited insane query from running and fix tests
 2015-10-05 21:29:35 -04:00
Silas Sewell
c6da322ec1 Merge pull request #597 from coreos-inc/tag-validation 
Update tag validation
 2015-10-05 21:10:55 -04:00
Silas Sewell
dd3d939b31 Update tag validation 
Fixes #536
 2015-10-05 19:32:10 -04:00
Joseph Schorr
dd804816ba Prevent unlimited insane query from running and fix tests 
Fixes #591
 2015-10-05 17:11:49 -04:00
Joseph Schorr
8ca92d6828 Remove old search API and switch V1 search to use the new search system 2015-10-05 14:36:43 -04:00
Silas Sewell
9000169b53 Revert "Merge pull request #491 from jakedt/migratebackp2" 
This reverts commit 7ad2522dbe, reversing
changes made to a0b191ffa1.
 2015-09-28 16:09:22 -04:00
josephschorr
7ad2522dbe Merge pull request #491 from jakedt/migratebackp2 
Migrate image data back phase 2
 2015-09-26 15:11:46 -04:00
Joseph Schorr
a283c8d8ec Add a check to ensure repository names are valid according to an extended set of rules. 
Fixes #534
 2015-09-24 11:55:08 -04:00
Joseph Schorr
49b575afb6 Start refactoring of the trigger system: 
- Move each trigger handler into its own file
- Add dictionary helper classes for easier reading and writing of dict-based data
- Extract the web hook payload -> internal representation building for each trigger system
- Add tests for this transformation
- Remove support for Github archived-based building
 2015-09-21 16:36:48 -04:00
Jake Moshenko
8baacd2741 Migrate old data to new locations, read only new. 2015-09-17 15:47:13 -04:00
Joseph Schorr
fbfe7fdb54 Make change repo visibility and create repo raise a 402 when applicable 
We now check the user or org's subscription plan and raise a 402 if the user attempts to create/make a repo private over their limit
 2015-09-15 14:33:35 -04:00
Joseph Schorr
fd3a21fba9 Add Kubernetes configuration provider which writes config to a secret 
Fixes #145
 2015-09-10 12:19:59 -04:00
Joseph Schorr
88a04441de Extract the config provider into its own sub-module 2015-09-10 12:19:59 -04:00
josephschorr
edef283697 Merge pull request #447 from coreos-inc/ronon 
Add support for Dex to Quay
 2015-09-10 11:42:01 -04:00
Jimmy Zelinskie
d55ab78fbe fix pagination of tags in API 
Fixes #461.
 2015-09-09 15:52:21 -04:00
Joseph Schorr
c0286d1ac3 Add support for Dex to Quay 
Fixes #306

- Adds support for Dex as an OAuth external login provider
- Adds support for OIDC in general
- Extract out external logins on the JS side into a service
- Add a feature flag for disabling direct login
- Add support for directing to the single external login service
- Does *not* yet support the config in the superuser tool
 2015-09-04 17:05:06 -04:00
Joseph Schorr
48cf33a8c1 Add missing superuser aggregate logs endpoint 
Reference: d47d28ea4e/Screen-Shot-2015-09-04-at-11-04-41.png
 2015-09-04 16:48:32 -04:00
Joseph Schorr
51c507d02d Add back the ability to retrieve information for an org member directly 
Fixes #427
 2015-08-31 16:45:24 -04:00
Joseph Schorr
b6502d9302 Limit the number of branches and tags loaded to 30 
Fixes #380
 2015-08-21 14:07:20 -04:00
Jimmy Zelinskie
523dc912f7 Merge pull request #372 from coreos-inc/notifyui 
Better notifications UI
 2015-08-17 17:13:24 -04:00
Jimmy Zelinskie
239f76d39f Merge pull request #368 from coreos-inc/buildarchive 
Allow builds to be started with an external archive URL
 2015-08-17 17:09:14 -04:00
Joseph Schorr
84276ee945 Better notifications UI 
Fixes #369
 2015-08-17 17:08:58 -04:00
Joseph Schorr
f092c00621 Allow builds to be started with an external archive URL 
Fixes #114
 2015-08-17 17:01:49 -04:00
Matt Jibson
b483209862 Wrap API and registry requests with common metric timings 
Record response times, codes, and rollup non-2XX responses.
 2015-08-12 12:16:00 -04:00
Joseph Schorr
09bb98f161 Really fix the build trigger schema and add a test for it 2015-08-11 17:17:18 -04:00
Jimmy Zelinskie
7d6c6ba8e8 Merge pull request #316 from jzelinskie/read-tags 
tag history requires READ instead of WRITE
 2015-08-07 13:26:04 -04:00
Joseph Schorr
7ea4c7d17e Add missing JSON schema for 'refs' and 'branch_name' 
Fixes #325
 2015-08-07 13:01:49 -04:00
Joseph Schorr
aab8866345 Fix accidental rename of key 2015-08-06 13:21:52 -04:00
Joseph Schorr
ea25538646 MySQL and Postgres complain about the group by, so calculate dates ourselves 2015-08-06 12:52:55 -04:00
Joseph Schorr
d34afde954 Fix logs view and API 
- We needed to use an engine-agnostic way to extract the days
- Joining with the LogEntryKind table has *horrible* performance in MySQL, so do it ourselves
- Limit to 50 logs per page
 2015-08-05 17:47:03 -04:00
Jimmy Zelinskie
411d4e7abb tag history requires READ instead of WRITE 
Fixes #315.
 2015-08-05 17:09:34 -04:00
Jake Moshenko
65f982577d Merge pull request #289 from coreos-inc/swaggerfix 
Fix swagger errors
 2015-08-04 10:23:05 -04:00