Merge branch 'quay:master' into Developer-Quay

sivaramsingana · Sep 9, 2024 · bcae094 · bcae094
2 parents 256c1c4 + a2919e4
commit bcae094
Show file tree

Hide file tree

Showing 7 changed files with 78 additions and 17 deletions.
diff --git a/static/directives/create-external-notification.html b/static/directives/create-external-notification.html
@@ -16,7 +16,8 @@
                   <!-- Dropdown menu -->
                   <ul class="dropdown-select-menu pull-right" role="menu">
                     <li ng-repeat="event in events">
-                      <a ng-click="setEvent(event)">
+                      <!-- skipping `Image expiry trigger` as form implemented in new ui -->
+                      <a ng-click="setEvent(event)" ng-if="event.title != 'Image expiry trigger'">
                         <i class="fa fa-lg" ng-class="event.icon"></i> {{ event.title }}
                       </a>
                     </li>
@@ -186,7 +187,7 @@
       <div class="co-alert co-alert-danger" ng-show="status == 'error'">
         {{ errorMessage }}
       </div>
-      
+
       <button type="submit" class="btn btn-primary"
               ng-disabled="createForm.$invalid || !currentMethod.id || !currentEvent.id || creating">
         Create Notification

diff --git a/storage/cloud.py b/storage/cloud.py
@@ -1243,7 +1243,7 @@ def __init__(
         s3_region=None,
         endpoint_url=None,
         maximum_chunk_size_gb=None,
-        signature_version=None,
+        signature_version="s3v4",
     ):
         sts_client = boto3.client(
             "sts", aws_access_key_id=sts_user_access_key, aws_secret_access_key=sts_user_secret_key
@@ -1257,6 +1257,7 @@ def __init__(
             method="sts-assume-role",
         )
 
+        # !! NOTE !! connect_kwargs here initializes the S3Storage Class not the s3 connection (mis leading re-use of the name)
         connect_kwargs = {
             "s3_access_key": credentials["AccessKeyId"],
             "s3_secret_key": credentials["SecretAccessKey"],
@@ -1265,7 +1266,7 @@ def __init__(
             "endpoint_url": endpoint_url,
             "maximum_chunk_size_gb": maximum_chunk_size_gb,
             "deferred_refreshable_credentials": deferred_refreshable_credentials,
-            "config": Config(signature_version=signature_version),
+            "signature_version": signature_version,
         }
 
         super().__init__(context, storage_path, s3_bucket, **connect_kwargs)
diff --git a/util/migrate/allocator.py b/util/migrate/allocator.py
@@ -1,11 +1,20 @@
 import logging
+import os
 import random
 from threading import Event
 
 from bintrees import RBTree
 
 logger = logging.getLogger(__name__)
-logger.setLevel(logging.DEBUG)  # Set the default log level to DEBUG
+
+# Read the DEBUGLOG environment variable
+debug_log = os.getenv("DEBUGLOG", "false").lower() == "true"
+
+# Set the logging level based on DEBUGLOG
+if debug_log:
+    logging.basicConfig(level=logging.DEBUG)
+else:
+    logging.basicConfig(level=logging.INFO)
 
 
 class NoAvailableKeysError(ValueError):

diff --git a/util/migrate/test/test_backfill_allocator.py b/util/migrate/test/test_backfill_allocator.py
@@ -1,5 +1,8 @@
+import logging
+import os
 import random
 from datetime import datetime, timedelta
+from unittest.mock import patch
 
 import pytest
 
@@ -10,6 +13,33 @@
 )
 
 
+# Utility function to configure logging based on DEBUGLOG environment variable
+def configure_logging():
+    debug_log = os.getenv("DEBUGLOG", "false").lower() == "true"
+    level = logging.DEBUG if debug_log else logging.INFO
+    logging.basicConfig(level=level)
+
+
+# Test to verify logging setup
+def test_logging_setup():
+    with patch("logging.basicConfig") as mock_basic_config:
+
+        # Test with DEBUGLOG set to "true"
+        os.environ["DEBUGLOG"] = "true"
+        configure_logging()
+        mock_basic_config.assert_called_once_with(level=logging.DEBUG)
+        mock_basic_config.reset_mock()  # Reset mock for the next test
+
+        # Test with DEBUGLOG set to "false"
+        os.environ["DEBUGLOG"] = "false"
+        configure_logging()
+        mock_basic_config.assert_called_once_with(level=logging.INFO)
+        mock_basic_config.reset_mock()  # Reset mock for the next test
+
+    # Clean up environment variable
+    os.environ.pop("DEBUGLOG")
+
+
 def test_merge_blocks_operations():
     candidates = CompletedKeys(10)
     assert candidates.num_remaining == 10

diff --git a/util/secscan/v4/api.py b/util/secscan/v4/api.py
@@ -23,6 +23,7 @@
 logger = logging.getLogger(__name__)
 
 DOWNLOAD_VALIDITY_LIFETIME_S = 60  # Amount of time the security scanner has to call the layer URL
+DEFAULT_REQUEST_TIMEOUT = 30
 INDEX_REQUEST_TIMEOUT = 600
 
 
@@ -116,17 +117,23 @@ def retrieve_notification_page(self, notification_id, next_param=None):
 Action = namedtuple("Action", ["name", "payload"])
 
 actions: Dict[str, Callable[..., Action]] = {
-    "IndexState": lambda: Action("IndexState", ("GET", "/indexer/api/v1/index_state", None)),
-    "Index": lambda manifest: Action("Index", ("POST", "/indexer/api/v1/index_report", manifest)),
+    "IndexState": lambda: Action(
+        "IndexState", ("GET", "/indexer/api/v1/index_state", None, INDEX_REQUEST_TIMEOUT)
+    ),
+    "Index": lambda manifest: Action(
+        "Index", ("POST", "/indexer/api/v1/index_report", manifest, INDEX_REQUEST_TIMEOUT)
+    ),
     "GetIndexReport": lambda manifest_hash: Action(
-        "GetIndexReport", ("GET", "/indexer/api/v1/index_report/" + manifest_hash, None)
+        "GetIndexReport",
+        ("GET", "/indexer/api/v1/index_report/" + manifest_hash, None, INDEX_REQUEST_TIMEOUT),
     ),
     "GetVulnerabilityReport": lambda manifest_hash: Action(
         "GetVulnerabilityReport",
         (
             "GET",
             "/matcher/api/v1/vulnerability_report/" + manifest_hash,
             None,
+            DEFAULT_REQUEST_TIMEOUT,
         ),
     ),
     "DeleteNotification": lambda notification_id: Action(
@@ -135,6 +142,7 @@ def retrieve_notification_page(self, notification_id, next_param=None):
             "DELETE",
             "/notifier/api/v1/notification/%s" % (notification_id),
             None,
+            DEFAULT_REQUEST_TIMEOUT,
         ),
     ),
     "GetNotification": lambda notification_id, next_param: Action(
@@ -144,15 +152,12 @@ def retrieve_notification_page(self, notification_id, next_param=None):
             "/notifier/api/v1/notification/%s%s"
             % (notification_id, "?next=" + next_param if next_param else ""),
             None,
+            DEFAULT_REQUEST_TIMEOUT,
         ),
     ),
     "DeleteIndexReport": lambda manifest_hash: Action(
         "DeleteIndexReport",
-        (
-            "DELETE",
-            "/indexer/api/v1/index_report/" + manifest_hash,
-            None,
-        ),
+        ("DELETE", "/indexer/api/v1/index_report/" + manifest_hash, None, INDEX_REQUEST_TIMEOUT),
     ),
 }
 
@@ -320,7 +325,7 @@ def vulnerability_report(self, manifest_hash):
 
     def _perform(self, action):
         request_start_time = time.time()
-        (method, path, body) = action.payload
+        (method, path, body, timeout) = action.payload
         url = urljoin(self.secscan_api_endpoint, path)
 
         headers = {}
@@ -331,15 +336,19 @@ def _perform(self, action):
 
         logger.debug("%sing security URL %s", method.upper(), url)
         try:
-            resp = self._client.request(
-                method, url, json=body, headers=headers, timeout=INDEX_REQUEST_TIMEOUT
-            )
+            resp = self._client.request(method, url, json=body, headers=headers, timeout=timeout)
         except requests.exceptions.ConnectionError as ce:
             logger.exception("Connection error when trying to connect to security scanner endpoint")
             msg = "Connection error when trying to connect to security scanner endpoint: %s" % str(
                 ce
             )
             raise APIRequestFailure(msg)
+        except requests.exceptions.Timeout as te:
+            logger.exception("Security scanner endpoint timed out")
+            msg = "Connection error when trying to connect to security scanner endpoint: %s" % str(
+                te
+            )
+            raise APIRequestFailure(msg)
 
         dur = time.time() - request_start_time
         secscan_request_duration.labels(method, action.name, resp.status_code).observe(dur)

diff --git a/util/secscan/v4/test/test_secscan.py b/util/secscan/v4/test/test_secscan.py
@@ -2,6 +2,7 @@
 
 import pytest
 from mock import patch
+from requests.exceptions import Timeout
 
 from app import instance_keys, storage
 from config import build_requests_session
@@ -101,3 +102,11 @@ def test_vulnerability_report_incompatible_api_response(api, initialized_db):
             layers = registry_model.list_manifest_layers(manifest, storage, True)
 
             api.vulnerability_report(manifest.digest)
+
+
+def test_vulnerability_report_timeout(api, initialized_db):
+    with fake_security_scanner() as security_scanner:
+        with pytest.raises(APIRequestFailure):
+            with patch.object(api._client, "request", side_effect=Timeout):
+                manifest = manifest_for("devtable", "simple", "latest")
+                api.vulnerability_report(manifest.digest)
diff --git a/web/src/routes/UsageLogs/UsageLogs.tsx b/web/src/routes/UsageLogs/UsageLogs.tsx
@@ -241,4 +241,6 @@ export const logKinds = {
   update_repository_autoprune_policy: 'Update Repository Autoprune Policy',
   delete_repository_autoprune_policy: 'Delete Repository Autoprune Policy',
   oauth_token_assigned: 'OAuth token assigned',
+  enable_team_sync: 'Enable Team Sync',
+  disable_team_sync: 'Disable Team Sync',
 };