vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
4161 commits 2 branches 62 tags 205 MiB
Commit graph

4161 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jimmy Zelinskie
f3c3e684a1 prepare branch to be merged into phase1-11-07-2015 
This removes the checksum backfill, removes the migration that runs the
backfills, and defaults the security scan feature off.
 2015-11-06 15:22:18 -05:00
Quentin Machu
af4511455f Remove .distinct() from these queries 2015-11-06 15:22:18 -05:00
Joseph Schorr
cfa03951e1 Add a SecScanEndpoint class and move all the cert and config handling in there 2015-11-06 15:22:18 -05:00
Joseph Schorr
e4508fc0d0 Add vulnerabilities and packages API to Quay 
Fixes #564
 2015-11-06 15:22:18 -05:00
Quentin Machu
a4c78ba99a Add support for Quay's vulnerability tool 2015-11-06 15:22:18 -05:00
Joseph Schorr
0f3db709ea Add a vulnerability_found event for notice when we detect a vuln 
Fixes #637

Note: This PR does *not* actually raise the event; it merely adds support for it
 2015-11-06 15:22:18 -05:00
Quentin Machu
3677947521 Add support for Quay's vulnerability tool 2015-11-06 15:22:18 -05:00
Joseph Schorr
2d1df267dd Add security config 2015-11-06 15:22:18 -05:00
Quentin Machu
1b41200e49 Fix PostgresSQL compatibility and parent omittance securityworker 2015-11-06 15:22:18 -05:00
Quentin Machu
a99b8fcfe4 Fix migration 2015-11-06 15:22:18 -05:00
Quentin Machu
f59e35cc81 Add support for Quay's vulnerability tool 2015-11-06 15:22:18 -05:00
Jake Moshenko
3d0bcbaaeb Move v1 checksums to image and track v2 separately 2015-11-06 15:17:55 -05:00
Joseph Schorr
2b3633b107 Remove the used_legacy_github column 2015-11-06 15:17:55 -05:00
Joseph Schorr
bbf4a1fac4 Remove the used_legacy_github column 2015-11-06 15:17:55 -05:00
Jake Moshenko
8edcdd94b3 Merge pull request #808 from jakedt/roadmap 
Update our roadmap.
 2015-11-06 14:00:27 -05:00
Jake Moshenko
d7720d4c67 Update our roadmap. 2015-11-06 13:59:29 -05:00
Matt Jibson
9df80d713e Merge pull request #803 from mjibson/aci-rootfs 
Allow listing of ACI rootfs by non-root
 2015-11-06 13:22:37 -05:00
Matt Jibson
86ca2d7f44 Allow listing of ACI rootfs by non-root 
Also the image ID folder for docker squash.

This method is only called in 2 places: once for the ACI rootfs, and once
for squashing docker images. The previous (0644) permissions could
theoretically have been depended on by someone, but it is doubtful.

fixes #802
 2015-11-06 13:22:04 -05:00
Matt Jibson
576fcf5325 Merge pull request #799 from mjibson/status-badge-cache 
Set and use ETag headers on status badges
 2015-11-06 12:15:35 -05:00
Matt Jibson
f4b57eff96 Set and use ETag headers 
Also set no-cache exactly as github recommends. The removed @no_cache
decorater used "Cache-Control:no-cache, no-store, must-revalidate", but
just no-cache should be sufficient, and should certainly work correctly
with github.

See: https://github.com/github/markup/issues/224#issuecomment-48532178

fixes #712
 2015-11-06 12:15:15 -05:00
Silas Sewell
4f6d81b1ec Merge pull request #794 from coreos-inc/build-sh-sha1 
Update build.sh to work with GIT_HEAD
 2015-11-04 18:31:55 -05:00
Silas Sewell
d2b0caa838 Update build.sh to work with GIT_HEAD 2015-11-04 16:55:34 -05:00
Quentin Machu
da1fe7d48b Merge pull request #790 from Quentin-M/set4O4 
Define nginx v2 vhost & properly set 404 status code
 2015-11-04 16:32:11 -05:00
josephschorr
11be448d75 Merge pull request #773 from coreos-inc/imageload 
Never load the full repo image list
 2015-11-04 16:29:20 -05:00
Matt Jibson
74d70ce3ea Merge pull request #792 from mjibson/error-notification-color 
Make error notification text white
 2015-11-04 16:26:21 -05:00
Matt Jibson
2f92b7f705 Make error notification text white 
Otherwise it's a dark color on red; unreadable.
 2015-11-04 16:13:41 -05:00
Joseph Schorr
4f41f79fa8 Never load the full repo image list 
Always make smaller queries per tag to ensure we scale better

Fixes #754
 2015-11-04 15:53:00 -05:00
Quentin Machu
c1fa22d9b0 Define nginx v2 vhost & properly set 404 status code 
Fixes #777
 2015-11-04 14:56:18 -05:00
Matt Jibson
5f49c4da7c Merge pull request #786 from mjibson/short-sha 
Use 7 chars for git short SHAs
 2015-11-04 14:21:20 -05:00
Matt Jibson
0e68918748 Use 7 chars for git short SHAs 
fixes #713
 2015-11-04 14:08:10 -05:00
Matt Jibson
249269ad50 Merge pull request #715 from mjibson/localhost 
Use local IP instead of deprecated docker IP
 2015-11-04 13:49:42 -05:00
josephschorr
c3a4c36df7 Merge pull request #761 from coreos-inc/fixtoomanylogin 
Move decorator for TooManyLoginAttempts into general decorated module
 2015-11-04 12:29:01 -05:00
Matt Jibson
57ffb39651 Merge pull request #714 from mjibson/queue-locking 
Refactor queue locking to not use select for update
 2015-11-04 12:05:53 -05:00
Silas Sewell
cf1b0eb2fb Merge pull request #783 from coreos-inc/fix-github-exception-ref 
Fix missing GithubException ref
 2015-11-04 11:47:02 -05:00
Silas Sewell
4f9a7b3482 Fix missing GithubException ref 2015-11-04 11:19:49 -05:00
josephschorr
1520d68c80 Merge pull request #780 from coreos-inc/disable404 
Disable 404, as it is breaking V2 API checks
 2015-11-04 02:50:27 -05:00
Joseph Schorr
d4646e459e Disable 404, as it is breaking V2 API checks 2015-11-04 02:47:33 -05:00
Silas Sewell
3aaa00e3b0 Merge pull request #775 from coreos-inc/disable-diff-worker 
Disable diffsworker
 2015-11-04 00:01:53 -05:00
Silas Sewell
49b395ba4e Disable diffsworker 2015-11-03 23:59:38 -05:00
josephschorr
43720b27e7 Merge pull request #765 from coreos-inc/fixverbs2 
Fix layer ordering in verbs
 2015-11-03 15:00:09 -05:00
Joseph Schorr
95c47fe250 Fix layer ordering in verbs 2015-11-03 14:43:47 -05:00
Jimmy Zelinskie
9039026ebe Merge pull request #763 from jzelinskie/changes 
changelog: cut v1.13.2
 2015-11-03 12:31:30 -05:00
Jimmy Zelinskie
f14b874a4e changelog: cut v1.13.2 2015-11-03 12:30:14 -05:00
josephschorr
d99cf1b6fc Merge pull request #762 from coreos-inc/api404 
Do not redirect on API 404
 2015-11-03 12:24:43 -05:00
Joseph Schorr
cf8497593d Do not redirect on API 404 2015-11-03 12:23:39 -05:00
Joseph Schorr
5e1cd2b2ad Move decorator for TooManyLoginAttempts into general decorated module 
Currently, this is missing in gunicorn_registry which causes 500s when user logins become throttled
 2015-11-03 12:16:01 -05:00
Jimmy Zelinskie
c7b25a704c Merge pull request #760 from jzelinskie/changes 
changelog: cut 1.13.1
 2015-11-03 12:06:28 -05:00
Jimmy Zelinskie
914f527c8a changelog: cut 1.13.1 2015-11-03 12:04:54 -05:00
josephschorr
86a3d230cb Merge pull request #759 from coreos-inc/fixmigration 
Later migration changed one of the tables, so make local copies
 2015-11-03 12:00:50 -05:00
Matt Jibson
a994b367da Refactor queue locking to not use select for update 
The test suggests this works.

fixes #622
 2015-11-03 11:32:28 -05:00