docker/quay
1
0
Fork 0
mirror of https://github.com/quay/quay.git synced 2026-01-26 06:21:37 +03:00
Code Activity
12,549 Commits 2,636 Branches 136 Tags
2beba31c08b4669fbd96044379e57f2bb167d6fc
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Dave O'Connor 2beba31c08 fix: allow global readonly superusers to access org logs without FULL_ACCESS (PROJQUAY-9790) (#4535) 
This fixes a bug where global readonly superusers were incorrectly blocked
from accessing organization logs when FEATURE_SUPERUSERS_FULL_ACCESS was
set to false.

Changes:
- Updated OrgLogs.get() to allow global readonly superusers
- Updated OrgAggregateLogs.get() to allow global readonly superusers
- Updated ExportOrgLogs.post() to allow global readonly superusers
- Added comprehensive tests verifying the fix

The fix ensures that:
1. Global readonly superusers can ALWAYS access organization logs for
   auditing purposes, regardless of FEATURE_SUPERUSERS_FULL_ACCESS setting
2. Regular superusers are still blocked from accessing organization logs
   when FEATURE_SUPERUSERS_FULL_ACCESS is false (correct behavior)

All three endpoints now use consistent permission logic:
  permission.can() OR
  allow_if_global_readonly_superuser() OR
  allow_if_superuser_with_full_access()

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-authored-by: Claude <noreply@anthropic.com>
2025-11-18 09:19:35 -05:00
.chglog
Fix changelog (#1390)
2022-06-16 16:52:52 +02:00
.claude
chore: add create-plan-from-issue CC command (#4531)
2025-11-17 11:44:34 -05:00
.github
chore: setup surge previews (#4485)
2025-11-07 22:34:49 +00:00
auth
feat(api v1): global readonly superuser support and app token visibility (PROJQUAY-8279) (#4276)
2025-10-21 15:00:59 -04:00
avatars
chore: drop deprecated tables and remove unused code (PROJQUAY-522) (#2089)
2023-08-25 12:17:24 -04:00
buildman
sentry: added additional filtering for sentry events (PROJQUAY-9436) (#4418)
2025-10-31 09:42:23 -04:00
buildstatus
initial import for Open Source 🎉
2019-11-12 11:09:47 -05:00
buildtrigger
documentation: Change tag template link location for build triggers (PROJQUAY-6044) (#2234)
2023-09-14 11:54:01 -04:00
conf
fix(ui): Add OAuth token authorization flow for assigned users (PROJQUAY-9632) (#4428)
2025-10-31 17:27:31 +00:00
config-tool
feat: Added Redis database and Redis flush worker (PROJQUAY-7176) (#4321)
2025-10-17 09:27:11 -04:00
data
pullstats: updated bulk upsert function to track correct pull count and timestamp in case of race condition (PROJQUAY-9684) (#4463)
2025-11-14 09:48:23 -05:00
deploy
deploy: remove GRPC service from the deployment template (PROJQUAY-0000) (#4440)
2025-11-03 11:01:16 -05:00
digest
chore: drop deprecated tables and remove unused code (PROJQUAY-522) (#2089)
2023-08-25 12:17:24 -04:00
docs
api: allow refining search with an organization (PROJQUAY-7244) (#2901)
2024-08-09 11:19:55 -04:00
emails
email: fix org recovery link in email (PROJQUAY-2589) (#903)
2021-09-28 10:06:46 -04:00
endpoints
fix: allow global readonly superusers to access org logs without FULL_ACCESS (PROJQUAY-9790) (#4535)
2025-11-18 09:19:35 -05:00
events
backend: implement basic functionality (PROJQUAY-7076) (#2984)
2024-06-27 16:48:39 -04:00
features
feat: Added Redis database and Redis flush worker (PROJQUAY-7176) (#4321)
2025-10-17 09:27:11 -04:00
hack
script: prepopulate local quay instance (#4400)
2025-10-27 09:42:18 -04:00
health
Revert "healthcheck: Make gunicorn health check timeout configurable (PROJQUAY-8757)" (#3774)
2025-04-11 10:29:50 -04:00
image
api: Disallow push of manifests with negative layer size (PROJQUAY-8560) (#3683)
2025-06-12 11:31:05 -04:00
integration_tests
ui: Upgrade to PatternFly v5 (PROJQUAY-6085) (#2281)
2023-10-06 14:11:36 +00:00
local-dev
chore: add ldap dev config (#4497)
2025-11-11 22:41:24 +00:00
mypy_stubs
chore: drop deprecated tables and remove unused code (PROJQUAY-522) (#2089)
2023-08-25 12:17:24 -04:00
notifications
notifications: fetch autoprune tags with multiple policies for image expiry notification (PROJQUAY-8117) (#3340)
2024-10-18 16:17:07 -04:00
oauth
test(oidc): add comprehensive PKCE test coverage (PROJQUAY-9281) (#4257)
2025-10-02 12:07:28 -04:00
plans
docs(oidc): add PKCE implementation and validation documentation (PROJQUAY-9281) (#4258)
2025-09-29 13:12:42 -04:00
proxy
proxy: Drop error 403 token requests for anonymous pulls (PROJQUAY-9012) (#4235)
2025-11-04 10:46:17 -05:00
rust-builddeps
build: Add rust build dependencies for cryptography (PROJQUAY-8804) (#3954)
2025-05-29 10:27:04 -04:00
scripts
scripts: clean up old container in frontend build script (PROJQUAY-0000) (#3777)
2025-04-11 13:38:51 -04:00
static
feat: Add image pull statistics API endpoints and UI integration (PROJQUAY-7176) (#4382)
2025-10-27 15:19:52 -04:00
storage
revert: tracing improving otlp handling (PROJQUAY-8902) (#4438)
2025-11-03 16:17:32 +01:00
templates
fix: resolve Sentry/OpenTelemetry integration conflicts (PROJQUAY-9198) (#4232)
2025-09-04 16:19:27 -04:00
test
fix(api): superuser panel access without SUPERUSERS_FULL_ACCESS (PROJQUAY-9693) (#4455)
2025-11-13 09:38:11 -05:00
tools
chore: drop deprecated tables and remove unused code (PROJQUAY-522) (#2089)
2023-08-25 12:17:24 -04:00
util
fix: Added lazy initialization for redis to retry the connection after pod restart automatically connect when available (PROJQUAY-9791) (#4538)
2025-11-18 06:15:37 +00:00
web
fix(web): handle user deletion via Actions dropdown (PROJQUAY-9788) (#4539)
2025-11-18 07:23:22 +05:30
workers
sentry: added additional filtering for sentry events (PROJQUAY-9436) (#4418)
2025-10-31 09:42:23 -04:00
_init.py
Revert workqueue refactor (#1456)
2022-07-22 13:11:39 -04:00
.dockerignore
chore(build): avoid npm caches in images when building locally (PROJQUAY-9604) (#4482)
2025-11-07 13:38:31 -05:00
.flake8
Enable some flake8 checks in CI (#1389)
2022-06-16 18:22:16 +02:00
.gitignore
chore: ctrf cypress reporting (#4486)
2025-11-07 16:02:37 -06:00
.mcp.json
chore: add create-plan-from-issue CC command (#4531)
2025-11-17 11:44:34 -05:00
.pre-commit-config.yaml
ui: run builds (PROJQUAY-6297) (#2636)
2024-02-13 12:00:59 -05:00
active_migration.py
chore: drop deprecated tables and remove unused code (PROJQUAY-522) (#2089)
2023-08-25 12:17:24 -04:00
alembic.ini
initial import for Open Source 🎉
2019-11-12 11:09:47 -05:00
app.py
revert: tracing improving otlp handling (PROJQUAY-8902) (#4438)
2025-11-03 16:17:32 +01:00
artifacts.lock.yaml
security: address golang vulnerabilities (PROJQUAY-8635) (#4110)
2025-07-07 09:06:46 -04:00
bill-of-materials.json
chore: remove yapf (PROJQUAY-4865) (#1693)
2023-01-25 15:01:30 +01:00
boot.py
chore: drop deprecated tables and remove unused code (PROJQUAY-522) (#2089)
2023-08-25 12:17:24 -04:00
build.sh
[Feature] storage: Modify the STS S3 implementation of the storage backend to use Web Identity Tokens when available (PROJQUAY-8576) (#3670)
2025-03-13 14:44:24 -04:00
CHANGELOG.md
Revert "v3.12.1 Changelog Bump" (#3100)
2024-08-01 12:30:17 -04:00
cirun.config.yaml
Major post-OCI cleanup (#225)
2020-03-17 13:27:29 -04:00
config.py
chore: enable FEATURE_UI_V2 as default (#4511)
2025-11-13 15:07:06 +00:00
constraints.txt
build: updating hack script for gathering python dependencies on konflux (PROJQUAY-8804) (#3950)
2025-05-29 11:11:41 -04:00
displayversion.py
chore: drop deprecated tables and remove unused code (PROJQUAY-522) (#2089)
2023-08-25 12:17:24 -04:00
docker-compose.static
feat(oidc): add PKCE (S256/plain) support with session-verifier flow (PROJQUAY-9281) (#4256)
2025-10-01 16:42:25 -04:00
docker-compose.yaml
chore: add ldap dev config (#4497)
2025-11-11 22:41:24 +00:00
Dockerfile
nginx: Add nginx routing logic to default to react UI for downstream (PROJQUAY-9207) (#4252)
2025-10-14 15:10:39 -04:00
external_libraries.py
deps: removing unused raven dependencies (PROJQUAY-9198) (#4179)
2025-08-08 12:09:46 -04:00
GOVERNANCE.md
initial import for Open Source 🎉
2019-11-12 11:09:47 -05:00
initdb.py
db: Added TagPullStatistics and ManifestPullStatistics tables with migrations (PROJQUAY-8414) (#4318)
2025-10-07 10:59:37 -04:00
karma.conf.js
deps: removing unused raven dependencies (PROJQUAY-9198) (#4179)
2025-08-08 12:09:46 -04:00
LICENSE
initial import for Open Source 🎉
2019-11-12 11:09:47 -05:00
loghandler.py
chore: drop deprecated tables and remove unused code (PROJQUAY-522) (#2089)
2023-08-25 12:17:24 -04:00
Makefile
chore: add ldap dev config (#4497)
2025-11-11 22:41:24 +00:00
mypy.ini
chore: bump mypy python_version to 3.12 (#4490)
2025-11-10 09:29:00 -06:00
package-lock.json
deps: update sha.js to 2.4.12 (PROJQUAY-9332) (#4216)
2025-08-26 18:25:14 +00:00
package.json
deps: updated raven dependency to be compatible with python 3.12 (PROJQUAY-9198) (#4169)
2025-08-07 15:58:59 -04:00
path_converters.py
chore: update werkzeug and related package versions (PROJQUAY-5098) (#1982)
2023-09-12 11:51:09 -04:00
project_quay_logo.png
initial import for Open Source 🎉
2019-11-12 11:09:47 -05:00
pyproject.toml
chore: fix isort config and remove isort: skip_file (#2196)
2023-09-21 11:46:03 -04:00
quay-entrypoint.sh
alembic: Install certs during alembic migrations (PROJQUAY-9135) (#4125)
2025-07-15 09:51:09 -04:00
README.md
chore: Update README.md (#3155)
2024-08-21 15:42:08 -04:00
registry.py
chore: drop deprecated tables and remove unused code (PROJQUAY-522) (#2089)
2023-08-25 12:17:24 -04:00
release.py
chore: drop deprecated tables and remove unused code (PROJQUAY-522) (#2089)
2023-08-25 12:17:24 -04:00
requirements-build.txt
konflux: update requirements-build dependencies (#4374)
2025-10-16 12:25:55 -04:00
requirements-dev.txt
build(deps-dev): bump bencode-py from 2.1.0 to 4.0.0 (#2382)
2024-07-15 15:52:54 +02:00
requirements.txt
konflux: update requirements-build dependencies (#4374)
2025-10-16 12:25:55 -04:00
rpms.in.yaml
build: rpm lock for konflux builds (PROJQUAY-8930) (#3888)
2025-05-22 10:23:35 -04:00
rpms.lock.yaml
build: rpm lock for konflux builds (PROJQUAY-8930) (#3888)
2025-05-22 10:23:35 -04:00
secscan.py
chore: allows Quay to run for account recoveries (PROJQUAY-970) (#793)
2021-07-07 12:45:24 -04:00
setup.cfg
chore: update setup.py (#3565)
2025-01-14 18:33:02 +00:00
setup.py
deps: updated raven dependency to be compatible with python 3.12 (PROJQUAY-9198) (#4169)
2025-08-07 15:58:59 -04:00
TESTING.md
initial import for Open Source 🎉
2019-11-12 11:09:47 -05:00
tox.ini
build: move quay to python 3.12 (PROJQUAY-8800) (#3780)
2025-05-29 09:35:48 -04:00
tsconfig.json
initial import for Open Source 🎉
2019-11-12 11:09:47 -05:00
tslint.json
initial import for Open Source 🎉
2019-11-12 11:09:47 -05:00
ubi.repo
build: rpm lock for konflux builds (PROJQUAY-8930) (#3888)
2025-05-22 10:23:35 -04:00
web.py
robots: Add robot federation for keyless auth (PROJQUAY-7803) (#3207)
2024-09-24 11:32:38 -04:00
webpack.config.js
deps: updated raven dependency to be compatible with python 3.12 (PROJQUAY-9198) (#4169)
2025-08-07 15:58:59 -04:00

README.md

Project Quay

CI Container Repository on Quay

⚠️ The master branch may be in an unstable or even broken state during development. Please use releases instead of the master branch in order to get stable software.

Project Quay Logo

Project Quay builds, stores, and distributes your container images.

High-level features include:

Getting Started

  • Explore a live instance of Project Quay hosted at Quay.io
  • Watch talks given about Project Quay
  • Review the documentation for Red Hat Quay
  • Get up and running with our getting started guide for developing or deploying Quay
  • Deploy on Kubernetes using the Quay Operator

Community

License

Project Quay is under the Apache 2.0 license. See the LICENSE file for details.

View Git Blame Copy Permalink
Description
Создавайте, храните и распространяйте свои приложения и контейнеры
https://www.projectquay.io
Readme Apache-2.0 246 MiB
Languages
Python 54.8%
TypeScript 25.1%
JavaScript 8.8%
HTML 5.5%
CSS 2.8%
Other 2.8%