No description
This repository has been archived on 2020-03-24. You can view files and clone it, but cannot push or open issues or pull requests.
Find a file
2018-01-10 11:10:57 -05:00
.github feat(.github): add PR template 2017-02-01 15:59:32 -05:00
.gitlab-ci Add docker-cli e2e tests 2017-07-28 19:35:34 +02:00
auth Add a banner to the Quay UI when an app specific token is about to expire 2018-01-04 15:27:42 -05:00
avatars fix(136521333): Handle None email_or_id in avatar code 2016-12-21 15:00:55 -05:00
buildman Fix permissions on disable-aws-metadata script 2018-01-05 13:26:59 -05:00
buildstatus Adding in UI for cancel anytime. 2016-11-21 10:58:32 -05:00
buildtrigger Fix bug in Github trigger set up flow 2017-10-23 19:57:53 -07:00
ci Fix Concourse full db test config 2017-04-24 16:55:54 -04:00
conf Change worker processes to be auto set based on CPU count 2018-01-10 11:10:57 -05:00
data Merge pull request #2968 from coreos-inc/joseph.schorr/QS-110/user-login-lock 2018-01-09 12:41:00 -05:00
deploy Add delete preview-env / auto-deploy a staging 2017-07-20 14:07:06 +02:00
digest Merge branch 'newchanges' into python-registry-v2 2015-11-06 18:24:32 -05:00
emails emails: add missing periods to sentences in emails 2016-08-09 15:36:47 -07:00
endpoints Change superuser API errors to be more descriptive 2018-01-05 17:09:26 -05:00
events Add missing build event template 2017-07-25 17:00:07 -04:00
features Disable federated login for new users if user creation is disabled 2017-05-15 15:07:08 -04:00
health Hide extended health check information behind superuser permission or a session property 2017-07-19 16:17:02 +03:00
image Add validation of Docker V2_1 schemas and add a test for PUTing an invalid schema 2017-12-20 11:43:03 -05:00
notifications Fix build links in notifications 2017-10-20 14:03:51 -04:00
oauth Allow admins to configure the login scopes for OIDC login 2017-12-06 15:54:26 -05:00
static Change LDAP password field to be a password field 2018-01-09 16:31:52 -05:00
storage Pad out the segment identifier for Swift segments and change test back to string comparison 2017-11-28 09:46:40 +02:00
templates Fix XSS in access token display page 2017-12-06 13:40:31 -05:00
test Change superuser API errors to be more descriptive 2018-01-05 17:09:26 -05:00
tools Build job does not have a request context when calling get_file_url 2017-10-06 12:57:02 -04:00
util Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password 2018-01-04 15:27:41 -05:00
workers Add worker to update ipresolver data files every few hours 2017-09-28 14:40:59 -04:00
.coverage.dockerfile add coverage report 2017-07-27 12:12:56 +02:00
.dockerignore Add quay-kubernetes package / Add quay CD to k8s 2017-07-20 13:50:22 +02:00
.gitignore Add quay-kubernetes package / Add quay CD to k8s 2017-07-20 13:50:22 +02:00
.gitlab-ci.jsonnet Add docker-cli e2e tests 2017-07-28 19:35:34 +02:00
.gitlab-ci.yml Revert "Merge pull request #2844 from coreos-inc/alegrand/use_latest_appr_server_code" 2017-08-09 20:45:46 -04:00
.style.yapf Update yapf 2017-04-08 09:25:09 +02:00
_init.py Use $QUAYPATH and $QUAYDIR in conf and init files 2017-07-05 16:23:54 +02:00
alembic.ini Print the time when logging from migrations 2015-11-09 22:29:17 -05:00
app.py Remove request-start and request-end info logs 2018-01-04 12:58:30 -05:00
application.py Add log JSON formatter 2017-06-07 00:02:52 +02:00
bill-of-materials.json *: convert csv into bill of materials JSON 2017-04-08 16:42:56 -04:00
boot.py Use $QUAYPATH and $QUAYDIR in conf and init files 2017-07-05 16:23:54 +02:00
build.sh Update build.sh to work with GIT_HEAD 2015-11-04 16:55:34 -05:00
CHANGELOG.md CHANGELOG for v2.7.0 2018-01-09 12:47:16 -05:00
config.py Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password 2018-01-04 15:27:41 -05:00
dev.df Refactor prometheus integration 2016-07-01 14:16:50 -04:00
Dockerfile Add worker to update ipresolver data files every few hours 2017-09-28 14:40:59 -04:00
Dockerfile.old Use splited Dockerfile 2017-07-07 11:46:47 +02:00
external_libraries.py fix(external_libraries): pull woff2 format of fontawesome 2017-08-07 18:57:22 -04:00
initdb.py Add an AppSpecificAuthToken data model for app-specific auth tokens. These will be used for the Docker CLI in place of username+password 2018-01-04 15:27:41 -05:00
karma.conf.js Add --no-sandbox flag to Karma test 2017-11-30 11:57:51 -05:00
local-docker.sh local-docker.sh now accepts env vars 2016-07-08 15:50:51 -04:00
local-run.sh improvements to startup logo 2017-02-13 00:48:17 -08:00
loghandler.py Add log JSON formatter 2017-06-07 00:02:52 +02:00
MAINTAINERS MAINTAINERS: init owners to subpkgs 2017-01-23 17:46:34 -05:00
Makefile add coverage report 2017-07-27 12:12:56 +02:00
package.json Add --no-sandbox flag to Karma test 2017-11-30 11:57:51 -05:00
path_converters.py update(security_test.py): moving tests to new framework 2017-02-02 13:40:00 -05:00
Procfile Run gunicorn and webpack through Procfile 2016-10-20 13:50:57 -04:00
pylintrc database: initial manifestlist schema changes 2016-09-26 14:47:06 -04:00
quay-base.dockerfile Revise our base image again 2017-12-13 12:01:22 -05:00
quay-entrypoint.sh feat(adding in a way to run interactive processes): 2017-07-27 14:30:45 -04:00
README.md update the README to include setting PYTHONPATH environment variable 2017-07-11 10:25:05 -04:00
registry.py Use $QUAYPATH and $QUAYDIR in conf and init files 2017-07-05 16:23:54 +02:00
release.py superuser: add storage replication config 2015-11-09 17:34:22 -05:00
requirements-dev.txt Generate .gitlab.yaml via .gitlab.jsonnet 2017-06-15 14:16:00 +02:00
requirements-nover.txt Add missing lib to remove warning 2017-10-10 14:36:07 -04:00
requirements-tests.txt Add gitlab-ci docker-build 2017-06-06 05:31:28 +02:00
requirements.txt Fix the custom cert install process to install to the new certifi location, in addition to the old location 2017-12-15 17:26:44 -05:00
ROADMAP.md Update the roadmap for current sprint and strip from QE 2016-03-04 11:29:51 -05:00
secscan.py Use $QUAYPATH and $QUAYDIR in conf and init files 2017-07-05 16:23:54 +02:00
setup.cfg add coverage report 2017-07-27 12:12:56 +02:00
tox.ini Fix tox definition file for registry tests 2017-01-18 14:31:43 -05:00
tsconfig.json added TSLint for TypeScript code style checking, fixed associated errors 2017-06-27 11:37:13 -07:00
tslint.json added TSLint for TypeScript code style checking, fixed associated errors 2017-06-27 11:37:13 -07:00
verbs.py Use $QUAYPATH and $QUAYDIR in conf and init files 2017-07-05 16:23:54 +02:00
web.py Use $QUAYPATH and $QUAYDIR in conf and init files 2017-07-05 16:23:54 +02:00
webpack.config.js whitelisted moment.js locales to reduce bundle size 2017-08-02 15:46:14 -04:00
yarn.lock refactored Markdown components to reduce bundle size 2017-08-01 10:55:05 -04:00

quay

Docker Repository on Quay

⚠️ The master branch may be in an unstable or even broken state during development. Please use releases instead of the master branch in order to get stable binaries.

Quay Logo

Quay is project to build, store, and distribute container images.

High-level features include:

Table of Contents

  1. Getting Started
  2. macOS
  3. Linux
  4. Development
  5. PivotalTracker Integration
  6. Running and Testing
  7. Test Data
  8. Local Scripts
  9. Development inside Docker
  10. Adding a Python Dependency
  11. Adding a Yarn Dependency
  12. Running the Build System
  13. To run individual tests 1. Pytest 2. Tox
  14. Running Migrations
  15. How to run a build with tests for a push or merge
  16. Documentation
  17. Architecture at a Glance
  18. Terminology 1. Organizations 2. Concepts 3. Software

Getting Started

macOS

macOS developers will need:

# Download the code
git clone git@github.com:coreos-inc/quay.git && cd quay

# Install the system dependencies
brew install libevent libmagic postgresql gpgme pyenv pyenv-virtualenv pyenv-pip-rehash docker docker-machine node yarn

# Create a default virtualmachine for docker
docker-machine create -d virtualbox default

# Add these to ~/.bashrc or ~/.zshrc
eval "$(pyenv virtualenv-init -)"
eval "$(pyenv init -)"
eval $(/usr/local/bin/docker-machine env default)
export PYTHONPATH="."

# Some installs don't have /usr/include, required for finding SASL header files
# This command might fail because of the rootfs is read-only. Refer to the following:
# http://apple.stackexchange.com/questions/196224/unix-ln-s-command-not-permitted-in-osx-el-capitan-beta3
if [ ! -e /usr/include ]; then sudo ln -s `xcrun --show-sdk-path`/usr/include /usr/include; fi

# Install the Python dependencies
pyenv install 2.7.12
pyenv virtualenv 2.7.12 quay
pyenv activate quay
pyenv local quay

# Some packages may fail to build with clang (which now defaults to C11).
# If you're getting errors trying running again with CFLAGS='std=c99'.
pip install -r requirements.txt
pip install -r requirements-dev.txt
pip install -r requirements-test.txt

# Setup a local config
git clone git@github.com:coreos-inc/quay-config.git ../quay-config
ln -s ../../quay-config/local conf/stack

# Install Node Dependencies
yarn install

# Link Typescript
yarn link typescript

Third Party Docs

Linux

Do you use Linux? Send us a PR!

Development

PivotalTracker Integration

Tag a commit with the Tracker Story ID and GitHub automatically comments on your story with the commit message.

Add the following at the end of your commit message:

[(Finishes|Fixes|Delivers) #TRACKER_STORY_ID]

When you push to GitHub, the post-receive hook will then call back to Tracker and put a comment on the story with a link to the commit on GitHub. When tagged with "Finishes", the trigger will also click Finish on the story.

Reference: PivotalTracker blog - A Guide to GitHubs Service Hook for Tracker

Running and Testing

Test Data

A SQLite database full of test data is committed to this git repository at test/data/test.db. This database is generated by executing python initdb.py. The username and password of the admin test account is devtable and password, respectively.

Local Scripts

Running the web server locally requires goreman:

go get github.com/mattn/goreman
  • local-run runs the web server for testing
  • local-test runs the unit test suite
  • yarn run build builds front-end dependencies
  • yarn run watch builds and watches front-end dependencies
  • yarn test runs front-end test suite

Development inside Docker

To build and run a development container, pass one argument to local-docker.sh:

  • buildman: run the buildmanager
  • dev: run web server on port 5000
  • initdb: clear and initialize the test database
  • notifications: run the notification worker
  • test: run the unit test suite

Adding a Python Dependency

# Create a new virtualenv and activate it
pyenv virtualenv 2.7.12 quay-deps
pyenv activate quay-deps

# Install unversioned dependencies with your changes
pip install -r requirements-nover.txt

# Run the unit test suite
./local-test.sh

# Freeze the versions of all of the dependencies
pip freeze > requirements.txt

# Delete the virtualenv
pyenv uninstall quay-deps

Adding a Yarn Dependency

We use Yarn for frontend dependency management. The yarn.lock file ensures that we get consistant version installs using the yarn install command. However, new dependencies should be added using yarn add <npm package>. This will add an entry to package.json and yarn.lock.

Occassionally there will be merge conflicts with yarn.lock. To resolve them, use the following (taken from here).

git rebase origin/master
git checkout origin/master -- yarn.lock
yarn install
git add yarn.lock
git rebase --continue

Running the Build System

TODO

# Run an instance of redis
docker run -d -p 6379:6379 quay.io/quay/redis

To run individual tests

# To run a specific suite
TEST=true python -m test.test_api_usage -f

# To run a specific test in a suite
TEST=true python -m test.test_api_usage -f SuiteName

Pytest

# To run all tests
TEST=true PYTHONPATH="." py.test --verbose

# To run a specific test module
TEST=true PYTHONPATH="." py.test --verbose test/registry_tests.py

# To run a specific test unique test
TEST=true PYTHONPATH="." py.test --verbose test/test_api_usage.py::TestDeleteNamespace

# To retry only last failed (--lf):
TEST=true PYTHONPATH="." py.test --verbose --lf

# To start pdb on failure:
TEST=true PYTHONPATH="." py.test --verbose --pdb

# To run a coverage report (html pages in ./htmlcov):
TEST=true PYTHONPATH="." py.test --cov="." --cov-report=html --cov-report=term-missing  --cov-config=.coverage.ini --verbose

# Don't capture stdout (-s)
TEST=true PYTHONPATH="." py.test --verbose -s

Tox

To create a virtualenv to run the tests. It allows to test the code on multiple env like python2.x and python3.x or different library versions

# Test all tox env:
tox

# Add extra parameters to the pytest command:
# tox -- [pytest ARGS]
tox -- -x

# build a single env with -e:
tox -e py27-api

Running migrations

# To create a new migration with this description.
# Note there might be some errors about unique id being to long
# That's okay as long as the migration file is created
./data/migrations/migration.sh "Description goes here"

# To test the up and down of the migration
./data/migrations/migration.sh # without params

# Migrations get run when you create a docker image or you can run them
# manually with the following command.
PYTHONPATH=. alembic upgrade head

# You can also rebuild your local sqlite db image from initdb.py using
# And once you have a migration you should do this and check in the
# changes to share your migration with others.
rm test/data/test.db
python initdb.py

Running tests for migrations

Use AWS/RDS to create a test image. To create a new database from a snapshot to test against see this.

Then point the migrations to the new instance using quay-config/local/config.yaml

Remember to run this from the root of the quay directory and to set your python environment first.

PYTHONPATH=. alembic upgrade head

How to run a build with tests for a push or merge

# Inside the quay directory.
export QUAY_TAG=quay.io/quay/quay:localtest
docker build -t $QUAY_TAG --build-arg RUN_TESTS=true .

Documentation

Architecture at a Glance

Edit chart on Google Docs at Architecture at a Glance.

Terminology

Organizations

  • AppC: a standards body responsible for a Runtime and Image Format superseded by the Open Container Initiative
  • Open Container Initiative: a standards body responsible for a Runtime specification and an Image Format
  • Docker: a company that builds a platform that has its own Image Formats, Build System, Container Runtime, and Container Orchestration

Concepts

  • Image: an archive containing all of the contents necessary to execute a container
  • Image Format: a specification for the structure of an Image
  • Image Layer: an Image that may depend on being applied to other Images to generate a final Image
  • Image Squashing: the process of compressing an Image into a single Layer
  • Manifest: a text file containing metadata for a particular Image
  • Tag: a human-friendly named, mutable pointer to a particular set of Images
  • Build System: a program used to generate Images
  • Registry: a program that speaks one or more standard protocols to store and receive Images
  • Repository: a collection of related Tags organized by a Registry
  • Push: the act of uploading an Image to a Registry
  • Pull: the act of downloading an Image from a Registry
  • Container: an Image and its execution environment
  • Container Runtime: a program that can transform an Image into a Container by executing it
  • Container Orchestration: a program or set of programs that provides a framework for deploying Containers

Software

  • Quay.io: CoreOS's hosted Registry
  • Quay: CoreOS's enterprise-grade Registry product
  • quayctl: an open source program that implements alternative methods for pulling Images from Quay
  • Clair: an open source static analysis tool used to detect vulnerability in Images
  • Quay Security Scanning: the integration between Clair and Quay
  • Kubernetes: an open source program implementing Container Orchestration
  • Docker Hub: Docker's hosted Registry
  • Docker Trusted Registry: Docker's enterprise-grade Registry product
  • Notary: an open source implementation of the TUF protocol used in Docker Content Trust
  • Docker Content Trust: the integration between Notary and Docker Trusted Registry
  • Docker Engine: a program used to interact with all aspects of the Docker platform
  • Swarm: a program implementing Container Orchestration for the Docker platform