adds two new static information pages to the React UI:
- /about page with company info cards and bill-of-materials table
- /security page with security practices and features documentation
implementation includes:
- PatternFly components for consistent UI design
- sortable/filterable packages table with pagination
- actual CoreOS and Red Hat logos
- nginx routing configuration for new paths
- webpack config updates to handle image assets from src/assets
Signed-off-by: Brady Pratt <bpratt@redhat.com>
Co-authored-by: Claude <noreply@anthropic.com>
* Add missing nginx routes for assign user oauth flow for react
* Add Oauth flow for assinged user token generation
* Add cypress test for assigned user oauth flow
* Show Authorized app section even when external login isnt available
* ui: removing default ui check
* ui: add option to disable angular UI
* Creating explicit angular and react cookies with config default
* Fixing "current ui" display text to respond to light theme
* Fix missing axios import
* Rewrite OAuth error for react to show a new error component
* Rewrite tests for OAuth flow
* Fix navigating to /signin from Headertoolbar
* replace url_for() with urlencode + add config setting for test suite
* Add checks before embedding redirect url + redesign OAUTH error screen
* Add ngnix routing logic to default to react UI for downstream
* Remove defaulting from env, update Makefile to build react by default for local
* Add cypress test for signin and create account workflow
* Add missing routes + fallback to backend server
* Hide UI toggle when defaulting to new UI
* Adds forgot password + recovery email, recaptcha, missing login checks
* Add external login screen + support for other login types for new UI
* Add new screen for update user after external login
* Add authorized apps section under external logins tab
* Implement updateuser react component + fix cypress test
* Fix external login OAuth flow for react
* switch logic to default to new ui
* Add DEFAULT_UI: angular to config for cypress CI
* Fix cypress tests for oauth-callback
* Rebase and fix merge conflicts
---------
Signed-off-by: harishsurf <hgovinda@redhat.com>
According to HCP support, the Ingress Load Balancer rejects requests
with a `host=...;` in the `forwarded` Header.
The PR changes that only the originating Client ($remote_addr) is
injected in the request as
```
Host: ....
Forwarded: for=127.0.0.1;
...
```
* nginx: Increase the number and size of proxy buffers (PROJQUAY-6950)
From [nginx documentation](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffering):
> When buffering is enabled, nginx receives a response from the proxied server as soon as possible, saving it into the buffers set by the proxy_buffer_size and proxy_buffers directives.
> If the whole response does not fit into memory, a part of it can be saved to a temporary file on the disk.
> Writing to temporary files is controlled by the proxy_max_temp_file_size and proxy_temp_file_write_size directives.
>
> When buffering is disabled, the response is passed to a client synchronously, immediately as it is received. nginx will not try to read the whole response from the proxied server.
> The maximum size of the data that nginx can receive from the server at a time is set by the proxy_buffer_size directive.
By default, the value of `proxy_buffer_size` directive, if not set in the nginx configuration, is equal to one memory page which on most platforms equals 4 KiB of memory. When `FEATURE_PROXY_STORAGE` is turned on and STS driver is used, the size of headers reaches that limit of 4 KiB and, if it surpasses it, nginx will error out and will not process the request. With this PR we set the buffers to an adequate size so that proxy requests are properly processed by nginx.
* Add additional nginx directive to make buffers work
Removes read support for Clair V2, along with the need to package
jwtproxy with Quay.
TODO: Drop deprecate image api + image table, remove image data model.
Nginx currently kills body reads that last longer than 60s. Bi-directional RPC calls like streaming logs requires longer reads. This change extends that timeout.
