docker/quay
1
0
Fork 0
mirror of https://github.com/quay/quay.git synced 2026-01-26 06:21:37 +03:00
Code Activity

config: Add feature flag for user events (PROJQUAY-8839) (#3830)

Browse Source 
* config: Add feature flag for user events (PROJQUAY-8839)
This commit is contained in:
Syed Ahmed
2025-04-29 09:33:49 -04:00
committed by GitHub
parent d80f1ffc20
commit f3edf96030
5 changed files with 26 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
config.py
View File

@@ -366,6 +366,9 @@ class DefaultConfig(ImmutableConfig):
# Feature Flag: Whether the v2/ endpoint is visible
FEATURE_ADVERTISE_V2 = True
# Allow realtime user events to be sent to redis
FEATURE_USER_EVENTS = True
# Semver spec for which Docker versions we will blacklist
# Documentation: http://pythonhosted.org/semantic_version/reference.html#semantic_version.Spec
BLACKLIST_V2_SPEC = "<1.6.0"

13
endpoints/v1/index.py
View File

@@ -129,8 +129,9 @@ def create_user():
if kind == CredentialKind.user:
# Mark that the login failed.
event = userevents.get_event(username)
event.publish_event_data("docker-cli", {"action": "loginfailure"})
if app.config.get("FEATURE_USER_EVENTS", True):
event = userevents.get_event(username)
event.publish_event_data("docker-cli", {"action": "loginfailure"})
abort(400, result.error_message, issue="login-failure")
# Default case: Just fail.
@@ -144,8 +145,10 @@ def create_user():
result.authed_user.username,
{"type": "quayauth", "useragent": request.user_agent.string},
)
event = userevents.get_event(username)
event.publish_event_data("docker-cli", {"action": "login"})
if app.config.get("FEATURE_USER_EVENTS", True):
event = userevents.get_event(username)
event.publish_event_data("docker-cli", {"action": "login"})
return success
@@ -254,7 +257,7 @@ def create_repository(namespace_name, repo_name):
namespace_name, repo_name, get_authenticated_user()
)
if get_authenticated_user():
if get_authenticated_user() and app.config.get("FEATURE_USER_EVENTS", True):
user_event_data = {
"action": "push_start",
"repository": repo_name,

6
endpoints/v2/v2auth.py
View File

@@ -158,8 +158,10 @@ def generate_registry_jwt(auth_result):
user.username if not user.robot else parse_robot_username(user.username)[0],
metadata=metadata,
)
event = userevents.get_event(user.username)
event.publish_event_data("docker-cli", user_event_data)
if app.config.get("FEATURE_USER_EVENTS", False):
event = userevents.get_event(user.username)
event.publish_event_data("docker-cli", user_event_data)
# Build the signed JWT.
tuf_roots = {

8
util/audit.py
View File

@@ -5,7 +5,7 @@ from urllib.parse import urlparse
from flask import request
from app import analytics, ip_resolver, userevents
from app import analytics, app, ip_resolver, userevents
from auth.auth_context import get_authenticated_context, get_authenticated_user
from data.logs_model import logs_model
from data.readreplica import ReadOnlyModeException
@@ -48,7 +48,11 @@ def track_and_log(event_name, repo_obj, analytics_name=None, analytics_sample=1,
# Publish the user event (if applicable)
logger.debug("Checking publishing %s to the user events system", event_name)
if auth_context and auth_context.has_nonrobot_user:
if (
auth_context
and auth_context.has_nonrobot_user
and app.config.get("FEATURE_USER_EVENTS", True)
):
logger.debug("Publishing %s to the user events system", event_name)
user_event_data = {
"action": event_name,

5
util/config/schema.py
View File

@@ -428,6 +428,11 @@ CONFIG_SCHEMA = {
},
},
},
"FEATURE_USER_EVENTS": {
"type": "boolean",
"description": "Whether user events are enabled. Defaults to True",
"x-example": True,
},
"USER_EVENTS_REDIS": {
"type": "object",
"description": "Connection information for Redis for user event handling",