Commit graph

7279 commits

Author SHA1 Message Date
Joseph Schorr
ef9cb3757d Check for missing repository on GC call
Fixes https://sentry.io/coreos/backend-production/issues/192273882/
2017-02-22 13:18:23 -05:00
Joseph Schorr
89b7c13da5 Catch team member invite missing exception
Fixes https://sentry.io/coreos/backend-production/issues/195926082/
2017-02-22 13:18:22 -05:00
Joseph Schorr
fd4a31d3c3 Make pop on realm work even if the realm isn't present
This is cleanup code and, occasionally, we get a cleanup without the realm having been added, leading to a KeyError
2017-02-22 13:18:22 -05:00
Jimmy Zelinskie
b145ed7ad8 Merge pull request #2374 from jzelinskie/df-upgrade
dockerfile: -y for apt-get upgrade
2017-02-22 13:03:28 -05:00
Jimmy Zelinskie
4538d11c95 dockerfile: -y for apt-get upgrade 2017-02-22 13:01:00 -05:00
Jimmy Zelinskie
1a6d05531d Merge pull request #2373 from jzelinskie/df-upgrade
dockerfile: upgrade base OS packages
2017-02-22 11:49:20 -05:00
Jimmy Zelinskie
cc56ce79a8 dockerfile: upgrade base OS packages 2017-02-22 11:48:11 -05:00
Jake Moshenko
a32d329b17 Merge pull request #2372 from jakedt/clairunscanned
Move the images count stat back to the prom stat worker
2017-02-22 11:45:51 -05:00
Jake Moshenko
27f5f14f90 Linter fixes 2017-02-22 11:45:38 -05:00
Jake Moshenko
add6b654ae Move the total image count stat back to the prom stat worker 2017-02-22 11:45:38 -05:00
Joseph Schorr
6133b01d4d Fix transparent icons in entity autocomplete
This is not a *complete* solution, as it still won't show the nice CSS-based avatars, but that can be done in a followup
2017-02-21 21:16:15 -05:00
Jimmy Zelinskie
deb2b1b003 Merge pull request #2370 from jakedt/clairunscanned
Read the number of unscanned clair images from the block allocator
2017-02-21 19:18:05 -05:00
Jake Moshenko
b03e03c389 Read the number of unscanned clair images from the block allocator 2017-02-21 19:13:51 -05:00
Jimmy Zelinskie
8957541844 Merge pull request #2369 from jzelinskie/optim-qss
data.model.image: fake QSS progress metric
2017-02-21 17:50:22 -05:00
Jimmy Zelinskie
3d21af59fd data.model.image: fake QSS progress metric 2017-02-21 17:48:40 -05:00
josephschorr
0214b1ba9f Merge pull request #2368 from coreos-inc/entity-search-avatar
Display avatars in entity search autocomplete
2017-02-21 16:49:45 -05:00
Joseph Schorr
fcff867bfd Display avatars in entity search autocomplete
Fixes https://github.com/coreos/bugs/issues/1819
2017-02-21 16:29:13 -05:00
josephschorr
2ef55a5842 Merge pull request #2363 from coreos-inc/opt-search
Small search query optimizations
2017-02-18 13:51:12 -05:00
josephschorr
ecf11d4504 Merge pull request #2364 from coreos-inc/cut-2.1.0
CHANGELOG for v2.1.0
2017-02-17 13:47:53 -05:00
Joseph Schorr
c35691a746 CHANGELOG for v2.1.0 2017-02-17 13:46:29 -05:00
Joseph Schorr
a319c55616 Don't make permissions request in search for public callers
They are unnecessary, so we can skip them
2017-02-17 12:22:21 -05:00
Joseph Schorr
eece782038 Prevent peewee from loading the visibility every time
By calling `visibility` instead of `visibility_id`, peewee was issuing a SQL Select statement for the repository, which removes the benefit of the optimization
2017-02-17 12:09:48 -05:00
josephschorr
7cb2da4cea Merge pull request #2348 from coreos-inc/oidc-bind
Add support for binding OIDC and external login auth to the backing internal login auth
2017-02-16 16:29:00 -05:00
Joseph Schorr
198bdf88bc Move OAuth login into its own endpoints module 2017-02-16 16:27:54 -05:00
Joseph Schorr
0167e1e7bf Style fixes 2017-02-16 16:27:54 -05:00
Joseph Schorr
cc4258c015 Blacklist any OIDC service ids that may conflict with our own 2017-02-16 16:27:53 -05:00
Joseph Schorr
421c5d6012 Fix bug where the login service ID doesn't exist 2017-02-16 16:27:53 -05:00
Joseph Schorr
6736e69ebd Add end-to-end OIDC binding test 2017-02-16 16:27:53 -05:00
Joseph Schorr
d47696b69c Add support for sub binding field 2017-02-16 16:27:53 -05:00
Joseph Schorr
7b386e9d63 Move endpoint test fixtures to a non-conftest file 2017-02-16 16:27:53 -05:00
Joseph Schorr
2c35383724 Allow OAuth and OIDC login engines to bind to fields in internal auth
This feature is subtle but very important: Currently, when a user logs in via an "external" auth system (such as Github), they are either logged into an existing bound account or a new account is created for them in the database. While this normally works jut fine, it hits a roadblock when the *internal* auth system configured is not the database, but instead something like LDAP. In that case, *most* Enterprise customers will prefer that logging in via external auth (like OIDC) will also *automatically* bind the newly created account to the backing *internal* auth account. For example, login via PingFederate OIDC (backed by LDAP) should also bind the new QE account to the associated LDAP account, via either username or email. This change allows for this binding field to be specified, and thereafter will perform the proper lookups and bindings.
2017-02-16 16:27:53 -05:00
Joseph Schorr
c6b0376d61 Remove unnecessary email generation in OAuth login
Handled by the `emaIl_required` flag already
2017-02-16 16:27:53 -05:00
josephschorr
c8e5eb5ad1 Merge pull request #2359 from coreos-inc/fix-gitlab-tag
Fix handling of gitlab web hooks when tagging
2017-02-16 15:56:56 -05:00
Joseph Schorr
a34d18b9ea Fix handling of gitlab web hooks when tagging
Gitlab doesn't send any commit information for tagging events (because... reasons), and so we have to perform the lookup ourselves to have full metadata.

Fixes #1467
2017-02-16 15:40:37 -05:00
josephschorr
c4837d87b3 Merge pull request #2362 from coreos-inc/fix-none-queries
Fix handling of None queries
2017-02-16 15:32:36 -05:00
Joseph Schorr
92c0b5ac3e Fix handling of None queries 2017-02-16 15:26:45 -05:00
josephschorr
38e079ced2 Merge pull request #2344 from coreos-inc/v1-search-fix
Implement the full spec for the old Docker V1 registry search API
2017-02-16 15:08:33 -05:00
Joseph Schorr
a0bc0e9488 Implement the full spec for the old Docker V1 registry search API
This API is still (apparently) being used by the Docker CLI for `docker search` (why?!) and we therefore have customers expecting this to work the same way as the DockerHub.
2017-02-16 14:45:33 -05:00
josephschorr
8f01cb959a Merge pull request #2354 from coreos-inc/license-sorting
Change entitlement sorting to sort *valid* entitlements by reverse expiration time
2017-02-15 16:24:51 -05:00
Joseph Schorr
d506279892 Change entitlement sorting to sort *valid* entitlements by reverse expiration time
With this change, if all entitlements are valid, we sort to show the entitlement that will expire the farthest in the future, as that defines the point at which the user must act before the license becomes invalid.
2017-02-15 14:31:24 -05:00
Erica
9dab7d3a36 feat(Makefile): add makefile to repo (#2264)
feat(Makefile): add makefile to repo

*Note* This is still very much a WIP. Please correct any issues you come across.
2017-02-15 08:39:19 -08:00
josephschorr
2a7d1fbe57 Merge pull request #2358 from coreos-inc/better-logging
Log more information to the action logs and display the namespaces for superusers
2017-02-14 16:38:35 -05:00
Charlton Austin
23dd1ccd4d Merge pull request #2355 from charltonaustin/add_queue_depths_135227117
feature(app.py): adding queue_metrics to queues
2017-02-14 16:22:49 -05:00
Charlton Austin
3fd8c8a60d feature(app.py): adding queue_metrics to queues
publishing queue metrics for SRE

[none]
2017-02-14 16:01:28 -05:00
Jimmy Zelinskie
8755706454 Merge pull request #2357 from jzelinskie/secscan-test-fix
Fix Security Scanning API Usage Tests
2017-02-14 15:41:17 -05:00
Jimmy Zelinskie
ab941607d4 test.test_api_usage: add AppConfigChange ctxmgr 2017-02-14 15:27:22 -05:00
Jimmy Zelinskie
1d6339e644 test.test_api_usage: fix secscan tests 2017-02-14 15:21:18 -05:00
Jimmy Zelinskie
3286566478 util.secscan.api: reorg try/catch 2017-02-14 15:21:17 -05:00
Joseph Schorr
11c931f781 Log more information to the action logs and display the namespaces for superusers
This helps superusers understand better what, exactly, is going on in the registry
2017-02-14 14:55:24 -05:00
Jimmy Zelinskie
d2909c0e4d failover: store result in FailoverException 2017-02-14 14:36:36 -05:00