vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
8351 commits 2 branches 62 tags 205 MiB
Commit graph

1476 commits

Author SHA1 Message Date
Joseph Schorr
3309daa32e Add support for reduced initial build count for new possible abusing users 
If configured, we now check the IP address of the user signing up and, if they are a possible threat, we further reduce their number of allowed maximum builds to the configured value.
 2018-04-20 18:46:32 +03:00
Joseph Schorr
4418772745 Postgres requires defaults for non-nullable cols, even integer ones 
Fixes https://jira.coreos.com/browse/QUAY-912
 2018-04-08 18:54:23 -04:00
Brad Ison
8e5c67e207
Use get_or_create in place of create_or_get 
Peewee v2.9.0 removes the create_or_get method.
 2018-04-04 14:21:16 -04:00
Joseph Schorr
82da2042fd Add tests for image model, fix a small bug and remove an unused function 2018-04-04 13:13:52 -04:00
Joseph Schorr
8146646761 Simplifying queries around images and placements 
Only verbs needs to load placements for multiple images, so we can vastly simplify and optimize most queries by making it two-step, and having the rest of the image loads not worry about placements
 2018-04-03 16:23:49 -04:00
Joseph Schorr
f6b647bd61 Default for robot account metadata should be an empty dict, not a string 2018-03-27 17:29:55 -04:00
josephschorr
b897d896d7
Merge pull request #2876 from coreos-inc/blocking-logs-fix 
Decrease redis timeouts to within the WAMP message window
 2018-03-22 21:40:47 -04:00
josephschorr
6c43b7ff0d
Merge pull request #3024 from coreos-inc/manageable-robots 
Manageable robots epic
 2018-03-21 18:50:17 -04:00
Joseph Schorr
2ea13e86a0 Add last_accessed information to User and expose for robot accounts 
Fixes https://jira.coreos.com/browse/QUAY-848
 2018-03-21 15:28:34 -04:00
Joseph Schorr
c4debe011c Fix team add/invite logic around when an invite is required 
We were accidentally skipping the invite if the user was a member of *any* organization, rather than the specific organization (as intended)

Fixes https://jira.coreos.com/browse/QUAY-880
 2018-03-16 17:13:27 -04:00
Joseph Schorr
254cdfe43a Add support for metadata on robot accounts 
Fixes https://jira.coreos.com/browse/QUAY-847
Fixes https://jira.coreos.com/browse/QUAY-816
 2018-03-12 20:32:05 -04:00
Joseph Schorr
a693771345 Add creation date information to robots API and UI 
Fixes https://jira.coreos.com/browse/QUAY-846
 2018-03-09 13:55:19 -05:00
Joseph Schorr
c4a6273e00 Add creation date to User table 2018-03-09 13:31:29 -05:00
Joseph Schorr
2d34b89203 Decrease redis timeouts to within the WAMP message window 
This ensures that if the builder sends a heartbeat, but redis is down, we don't time out the build while waiting to connect or receive. Since Redis data is ephemeral anyway, this should give us more stability in builds if/when redis is down
 2018-03-02 16:53:37 -05:00
Joseph Schorr
24b77bbc10 Fix serialization of blobs to/from the cache 
Also makes sure the test checks that serialization
 2018-03-02 14:22:55 -05:00
Joseph Schorr
ff1773bd28 Change name field back to a normal string 
Our prod MySQL does not support an index on a UTF8 field of this size; thankfully, we don't need UTF8 here
 2018-03-02 13:23:30 -05:00
Joseph Schorr
4db4a44491 Add missing server_default on enabled col in repositorybuildtrigger 
Without it, we'll default all existing triggers to disabled
 2018-03-02 13:13:32 -05:00
Joseph Schorr
ed84835d23 Changes for code review 2018-03-01 16:49:52 -05:00
Joseph Schorr
3837a7c2ed Add datetime of when a trigger was disabled 2018-03-01 16:49:51 -05:00
Joseph Schorr
93d79e777e Automatically disable build triggers with successive failures or internal errors 
We allow users to reenable them manually once disabled
 2018-03-01 16:49:51 -05:00
Joseph Schorr
c35eec0615 Add ability for triggers to be disabled 
Will be used in the followup commit to automatically disable broken triggers
 2018-03-01 16:49:28 -05:00
Joseph Schorr
ab0172d2fd Switch Quay to using an in-container memcached for data model caching 2018-02-27 16:55:22 -05:00
Joseph Schorr
8bc55a5676 Make namespace deletion asynchronous 
Instead of deleting a namespace synchronously as before, we now mark the namespace for deletion, disable it, and rename it. A worker then comes along and deletes the namespace in the background. This results in a *significantly* better user experience, as the namespace deletion operation now "completes" in under a second, where before it could take 10s of minutes at the worse.

Fixes https://jira.coreos.com/browse/QUAY-838
 2018-02-27 13:12:51 -05:00
Brad Ison
f89a16a64d Make byte_count on BlobUpload table not nullable 
The byte_count field on the BlobUpload model is marked as not
nullable, but the migration to make the field a big integer removed
that restriction (#2388 :: 76de324) in the database.  It's still in
the model though, which means they are out of sync.  This adds a
migration to mark the field as not nullable in the database again.
 2018-02-26 11:36:56 -05:00
Brad Ison
5bd826e7b5 Drop checksum from ImageStorage table 
The checksum field was removed from the ImageStorage model in #815,
but was never dropped from the database.  This adds a migration to
drop the unused column.
 2018-02-24 17:00:07 -05:00
Joseph Schorr
e446eb5757 Switch build queue limiter query to use total number of alive jobs 
This is slightly more accurate and, not being based on time, will work better under MySQL
 2018-02-21 14:04:40 -05:00
josephschorr
d77aa9228f
Merge pull request #3002 from coreos-inc/joseph.schorr/QUAY-822/gc-app-tokens 
Add a worker to automatically GC expired app specific tokens
 2018-02-20 17:21:48 -05:00
Joseph Schorr
9a452ace11 Add configurable limits for number of builds allowed under a namespace 
We also support that limit being increased automatically once a successful billing charge has gone through
 2018-02-20 16:54:22 -05:00
Brad Ison
62971b7f20
Merge pull request #2999 from bison/user-location 
Add user location metadata filed
 2018-02-20 16:48:37 -05:00
Joseph Schorr
e220b50543 Refactor auth code to be cleaner and more extensible 
We move all the auth handling, serialization and deserialization into a new AuthContext interface, and then standardize a registration model for handling of specific auth context types (user, robot, token, etc).
 2018-02-14 15:35:27 -05:00
Joseph Schorr
e1a3857de9 Make sure to filtered already-expired tokens from the "expiring soon" tokens 2018-02-12 17:07:50 -05:00
Joseph Schorr
d45161b120 Add a worker to automatically GC expired app specific tokens 
Fixes https://jira.coreos.com/browse/QUAY-822
 2018-02-12 14:56:01 -05:00
Brad Ison
3de6b4a646 Add location metadata field for users 2018-02-06 16:06:17 -05:00
Joseph Schorr
da0fa2e0d2 Make sure to add primary repo permissions under a transaction 
Should prevent a repository from being created under a user's namespace without a corresponding admin permission

Fixes https://jira.coreos.com/browse/QUAY-826
 2018-02-06 11:20:40 -05:00
Joseph Schorr
6228ab5a51 We cannot cache the full expiration for an app specific token, as it would include the datetime when the cache is created, rather than now 
Fixes https://jira.coreos.com/browse/QUAY-819
 2018-02-02 16:11:59 -05:00
Joseph Schorr
bbdf9e074c Add metrics for tracking when instance key renewal succeeds and fails, as well as when instance key *lookup* fails 2018-02-02 11:14:42 -05:00
josephschorr
fd1237cff9
Merge pull request #2974 from coreos-inc/joseph.schorr/QS-118/manifest-write-query 
Audit the number of SQL queries we make in writing manifests, and significantly reduce in the common case
 2018-01-31 11:08:33 -05:00
Joseph Schorr
182c4594e7 Remove unsupported DB connection arguments for non-pooled DB handler 2018-01-26 13:37:08 -05:00
Joseph Schorr
9e16a989f5 Audit the number of SQL queries we make in writing manifests, and significantly reduce in the common case 
Instead of 41 queries now for the simple manifest, we are down to 14.

The biggest changes:
  - Only synthesize the V1 image rows if we haven't already found them in the database
  - Thread the repository object through to the other model method calls, and use it instead of loading again and again
 2018-01-25 11:10:43 -05:00
Joseph Schorr
208dc38d25 Allow expired app specific tokens to be deleted 2018-01-23 11:40:51 -05:00
Joseph Schorr
3bc5840496 Extend our logs about whether we are using connection pooling for a DB 2018-01-11 16:43:46 -05:00
josephschorr
b17c05fbd5
Merge pull request #2968 from coreos-inc/joseph.schorr/QS-110/user-login-lock 
Reduce lock contention on invalid user login calls
 2018-01-09 12:41:00 -05:00
Joseph Schorr
81be47486c Reduce lock contention on invalid user login calls 
Fixes https://jira.coreos.com/browse/QS-110
 2018-01-08 16:57:50 -05:00
josephschorr
13b738c43c
Merge pull request #2954 from coreos-inc/joseph.schorr/QS-102/user-api-filter 
Add ability to filter users list to enabled users
 2018-01-05 15:40:50 -05:00
josephschorr
d8fde005d8
Merge pull request #2961 from coreos-inc/joseph.schorr/QS-107/create-repo-opt 
Small optimizations around create repository code
 2018-01-05 15:40:30 -05:00
Joseph Schorr
6a876a6b73 Change title to be UTF8 2018-01-04 15:27:42 -05:00
Joseph Schorr
888b564a9b Add a banner to the Quay UI when an app specific token is about to expire 2018-01-04 15:27:42 -05:00
Joseph Schorr
2214a2c7ad Disable fresh login check in auth engines that won't support it 2018-01-04 15:27:41 -05:00
Joseph Schorr
524d77f527 Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password 2018-01-04 15:27:41 -05:00
Joseph Schorr
3f99e864e1 Reduce the number of DB queries for creating a repo 2018-01-04 14:32:39 -05:00