Adds API endpoints for quota management (#1197)

Co-authored-by: Steven Smith <[email protected]>

api/master.adoc

@@ -68,6 +68,15 @@ include::modules/use-quay-export-logs-api.adoc[leveloffset=+2]
 include::modules/adding-managing-labels-api.adoc[leveloffset=+2]
 //mirror 
 include::modules/mirror-quay-api.adoc[leveloffset=+2]
+//quota
+include::modules/quota-management-api.adoc[leveloffset=+2]
+//quota (organization)
+include::modules/quota-organization-management-api.adoc[leveloffset=+3]
+// quota limits organization
+include::modules/quota-limit-api.adoc[leveloffset=+3]
+//quota (user limits and policies)
+include::modules/quota-limit-user-api.adoc[leveloffset=+3]
+
 
 //include::modules/proc_use-api.adoc[leveloffset=+1]
 
@@ -136,6 +145,7 @@ include::modules/api-mirror-getRepoMirrorConfig.adoc[leveloffset=+3]
 include::modules/api-mirror-changeRepoMirrorConfig.adoc[leveloffset=+3]
 include::modules/api-mirror-createRepoMirrorConfig.adoc[leveloffset=+3]
 
+
 include::modules/api-namespacequota.adoc[leveloffset=+2]
 include::modules/api-namespacequota-listUserQuota.adoc[leveloffset=+3]
 include::modules/api-namespacequota-getOrganizationQuotaLimit.adoc[leveloffset=+3]

modules/api-global-messages.adoc

@@ -15,8 +15,8 @@ Use the following procedure to create, obtain, or delete a global message.
 +
 [source,terminal]
 ----
-$ curl -X POST "https://quay-server.example.com/api/v1/messages" \
-    -H "Authorization: Bearer wplKtAuAX6DzAJwtB3X77nc18RFj2TKE5gTEk5K2" \
+$ curl -X POST "https://<quay-server.example.com>/api/v1/messages" \
+    -H "Authorization: Bearer <access_token>" \
     -H "Content-Type: application/json" \
     -d '{
         "message": {

modules/api-globalmessages-createGlobalMessage.adoc

@@ -41,8 +41,8 @@ _required_|A single message|object
 == Example command
 [source,terminal]
 ----
-$ curl -X POST "https://quay-server.example.com/api/v1/messages" \
-    -H "Authorization: Bearer wplKtAuAX6DzAJwtB3X77nc18RFj2TKE5gTEk5K2" \
+$ curl -X POST "https://<quay-server.example.com>/api/v1/messages" \
+    -H "Authorization: Bearer <access_token>" \
     -H "Content-Type: application/json" \
     -d '{
         "message": {

modules/quota-establishment-api.adoc

@@ -1,79 +1,62 @@
-[[quota-establishment-api]]
-= Establishing quota with the {productname} API
+[id="quota-establishment-api"]
+= Establishing quota for an organization with the {productname} API
 
-When an organization is first created, it does not have a quota applied. Use the */api/v1/organization/{organization}/quota* endpoint:
+When an organization is first created, it does not have an established quota. You can use the API to check, create, change, or delete quota limitations for an organization. 
 
-.Sample command
-[source,terminal]
-----
-$ curl -k -X GET -H "Authorization: Bearer <token>" -H 'Content-Type: application/json'  https://example-registry-quay-quay-enterprise.apps.docs.gcp.quaydev.org/api/v1/organization/testorg/quota  | jq
-----
+.Prerequisites
 
-.Sample output
-[source,terminal]
-----
-[]
-----
+* You have generated an OAuth access token.
 
-== Setting the quota
+.Procedure
 
-To set a quota for an organization, POST data to the */api/v1/organization/{orgname}/quota* endpoint:
-.Sample command
+. To set a quota for an organization, you can use the link:https://docs.redhat.com/en/documentation/red_hat_quay/{producty}/html-single/red_hat_quay_api_guide/index#createorganizationquota[`POST /api/v1/organization/{orgname}/quota`] endpoint:
++
 [source,terminal]
 ----
-$ curl -k -X POST -H "Authorization: Bearer <token>" -H 'Content-Type: application/json' -d '{"limit_bytes": 10485760}'  https://example-registry-quay-quay-enterprise.apps.docs.quayteam.org/api/v1/organization/testorg/quota | jq
+$ curl -X POST "https://<quay-server.example.com>/api/v1/organization/<orgname>/quota" \
+     -H "Authorization: Bearer <access_token>" \
+     -H "Content-Type: application/json" \
+     -d '{
+         "limit_bytes": 10737418240,
+         "limits": "10 Gi"
+     }'
 ----
-
-.Sample output
++
+.Example output
 [source,terminal]
 ----
 "Created"
 ----
 
-== Viewing the quota
-
-To see the applied quota, `GET` data from the  */api/v1/organization/{orgname}/quota* endpoint:
-
-.Sample command
+. Use the link:https://docs.redhat.com/en/documentation/red_hat_quay/{producty}/html-single/red_hat_quay_api_guide/index#listorganizationquota[`GET /api/v1/organization/{orgname}/quota`] command to see if your organization already has an established quota:
++
 [source,terminal]
 ----
 $ curl -k -X GET -H "Authorization: Bearer <token>" -H 'Content-Type: application/json'  https://example-registry-quay-quay-enterprise.apps.docs.gcp.quaydev.org/api/v1/organization/testorg/quota  | jq
 ----
-
-.Sample output
-[source,json]
++
+.Example output
+[source,terminal]
 ----
-[
-  {
-    "id": 1,
-    "limit_bytes": 10485760,
-    "default_config": false,
-    "limits": [],
-    "default_config_exists": false
-  }
-]
+[{"id": 1, "limit_bytes": 10737418240, "limit": "10.0 GiB", "default_config": false, "limits": [], "default_config_exists": false}]
 ----
 
-== Modifying the quota
-
-To change the existing quota, in this instance from 10 MB to 100 MB, PUT data to the */api/v1/organization/{orgname}/quota/{quota_id}* endpoint:
-
-.Sample command
+. You can use the link:https://docs.redhat.com/en/documentation/red_hat_quay/{producty}/html-single/red_hat_quay_api_guide/index#changeorganizationquota[`PUT /api/v1/organization/{orgname}/quota/{quota_id}`] command to modify the existing quota limitation. For example:
++
 [source,terminal]
 ----
-$ curl -k -X PUT -H "Authorization: Bearer <token>" -H 'Content-Type: application/json' -d '{"limit_bytes": 104857600}'  https://example-registry-quay-quay-enterprise.apps.docs.gcp.quaydev.org/api/v1/organization/testorg/quota/1 | jq
+$ curl -X PUT "https://<quay-server.example.com>/api/v1/organization/<orgname>/quota/<quota_id>" \
+     -H "Authorization: Bearer <access_token>" \
+     -H "Content-Type: application/json" \
+     -d '{                                
+         "limit_bytes": <limit_in_bytes>
+     }' 
 ----
-
-.Sample output
++
+.Example output
 [source,json]
 ----
-{
-  "id": 1,
-  "limit_bytes": 104857600,
-  "default_config": false,
-  "limits": [],
-  "default_config_exists": false
-}
+{"id": 1, "limit_bytes": 21474836480, "limit": "20.0 GiB", "default_config": false, "limits": [], "default_config_exists": false}
 ----
 
 == Pushing images

modules/quota-limit-api.adoc

@@ -0,0 +1,90 @@
+[id="quota-limit-management-api"]
+= Setting quota limits for an organization with the {productname} API
+
+You can set specific quota limits for an organization so that, when exceeded, a warning is returned, or the pushed image is denied altogether.
+
+.Procedure
+
+. Use the link:https://docs.redhat.com/en/documentation/red_hat_quay/{producty}/html-single/red_hat_quay_api_guide/index#createorganizationquotalimit[`POST /api/v1/organization/{orgname}/quota/{quota_id}/limit`] command to create a quota policy that rejects images if they exceeded the allotted quota. For example:
++
+[source,terminal]
+----
+$ curl -X POST "https://<quay-server.example.com>/api/v1/organization/<orgname>/quota/<quota_id>/limit" \
+     -H "Authorization: Bearer <access_token>" \
+     -H "Content-Type: application/json" \
+     -d '{
+           "limit_bytes": 21474836480,
+           "type": "Reject", <1>
+           "threshold_percent": 90 <2>
+         }'
+----
+<1> One of `Reject` or `Warning`.
+<2> Quota threshold, in percent of quota.
++
+.Example output
++
+[source,terminal]
+----
+"Created"
+----
+
+. Use the link:https://docs.redhat.com/en/documentation/red_hat_quay/3.13/html-single/red_hat_quay_api_guide/index#listorganizationquotalimit[`GET /api/v1/organization/{orgname}/quota/{quota_id}/limit`] to obtain the ID of the quota limit. For example:
++
+[source,terminal]
+----
+$ curl -X GET "https://<quay-server.example.com>/api/v1/organization/<orgname>/quota/<quota_id>/limit" \
+     -H "Authorization: Bearer <access_token>"
+----
++
+.Example output
++
+[source,terminal]
+----
+[{"id": 2, "type": "Reject", "limit_percent": 90}]
+----
+
+////
+. Use the link:https://docs.redhat.com/en/documentation/red_hat_quay/{producty}/html-single/red_hat_quay_api_guide/index#getuserquotalimit[`GET /api/v1/user/quota/{quota_id}/limit/{limit_id}`] endpoint to return information about the quota limit. Note that this requires the limit ID. For example:
++
+[source,terminal]
+----
+
+----
++
+.Example output
++
+[source,terminal]
+----
+
+----
+////
+
+. Update the policy with the link:https://docs.redhat.com/en/documentation/red_hat_quay/{producty}/html-single/red_hat_quay_api_guide/index#changeorganizationquotalimit[`PUT /api/v1/organization/{orgname}/quota/{quota_id}/limit/{limit_id}`] endpoint. For example:
++
+[source,terminal]
+----
+$ curl -X PUT "https://<quay-server.example.com>/api/v1/organization/<orgname>/quota/<quota_id>/limit/<limit_id>" \
+     -H "Authorization: Bearer <access_token>" \
+     -H "Content-Type: application/json" \
+     -d '{
+           "type": "<type>",
+           "threshold_percent": <threshold_percent>
+         }'
+----
++
+.Example output
++
+[source,terminal]
+----
+{"id": 3, "limit_bytes": 10737418240, "limit": "10.0 GiB", "default_config": false, "limits": [{"id": 2, "type": "Warning", "limit_percent": 80}], "default_config_exists": false}
+----
+
+. You can delete the quota limit with the link:https://docs.redhat.com/en/documentation/red_hat_quay/{producty}/html-single/red_hat_quay_api_guide/index#deleteorganizationquotalimit[`DELETE /api/v1/organization/{orgname}/quota/{quota_id}/limit/{limit_id}`] endpoint:
++
+[source,terminal]
+----
+$ curl -X DELETE "https://<quay-server.example.com>/api/v1/organization/<orgname>/quota/<quota_id>/limit/<limit_id>" \
+     -H "Authorization: Bearer <access_token>"
+----
++
+This command does not return output.

modules/quota-limit-user-api.adoc

@@ -0,0 +1,67 @@
+[id="quota-limit-user-api"]
+= Obtaining quota limits for the user with the {productname} API
+
+You can specify quota and limitations for users so that, when exceeded, a warning is returned, or the pushed image is denied altogether.  Quota limits for users must be set on the {productname} UI. The following APIs can be used to view the quota limits for the user that is logged in. 
+
+.Procedure
+
+. Use the link:https://docs.redhat.com/en/documentation/red_hat_quay/{producty}/html-single/red_hat_quay_api_guide/index#listuserquota[`GET /api/v1/user/quota`] command to return information about the quota limitations:
++
+[source,terminal]
+----
+$ curl -X GET "https://<quay-server.example.com>/api/v1/user/quota" \
+  -H "Authorization: Bearer <access_token>"
+----
++
+.Example output
++
+[source,terminal]
+----
+[{"id": 4, "limit_bytes": 2199023255552, "limit": "2.0 TiB", "default_config": false, "limits": [], "default_config_exists": false}]
+----
+
+. After you have received the quota ID, you can pass it in with the link:https://docs.redhat.com/en/documentation/red_hat_quay/{producty}/html-single/red_hat_quay_api_guide/index#getuserquota[`GET /api/v1/user/quota/{quota_id}`] endpoint to return information about the limitation:
++
+[source,terminal]
+----
+$ curl -X GET "https://<quay-server.example.com>/api/v1/user/quota/{quota_id}" \
+  -H "Authorization: Bearer <access_token>"
+----
++
+.Example output
++
+[source,terminal]
+----
+{"id": 4, "limit_bytes": 2199023255552, "limit": "2.0 TiB", "default_config": false, "limits": [], "default_config_exists": false}
+----
+
+. The limitations can be viewed by using the link:https://docs.redhat.com/en/documentation/red_hat_quay/{producty}/html-single/red_hat_quay_api_guide/index#listuserquotalimit[`GET /api/v1/user/quota/{quota_id}/limit`] endpoint. For example:
++
+[source,terminal]
+----
+$ curl -X GET "https://<quay-server.example.com>/api/v1/user/quota/{quota_id}/limit" \
+  -H "Authorization: Bearer <access_token>"
+----
++
+.Example output
++
+[source,terminal]
+----
+[{"id": 3, "type": "Reject", "limit_percent": 100}]
+----
+
+. Additional information about the entire policy can be returned using the link:https://docs.redhat.com/en/documentation/red_hat_quay/{producty}/html-single/red_hat_quay_api_guide/index#getuserquotalimit[`GET /api/v1/user/quota/{quota_id}/limit/{limit_id}`] endpoint:
++
+[source,terminal]
+----
+$ curl -X GET "https://<quay-server.example.com>/api/v1/user/quota/{quota_id}/limit/{limit_id}" \
+  -H "Authorization: Bearer <access_token>"
+----
++
+.Example output
++
+[source,terminal]
+----
+{"id": 4, "limit_bytes": 2199023255552, "limit": "2.0 TiB", "default_config": false, "limits": [{"id": 3, "type": "Reject", "limit_percent": 100}], "default_config_exists": false}
+
+----

modules/quota-management-api.adoc

@@ -0,0 +1,6 @@
+[id="quota-management-api"]
+= Establishing quota with the {productname} API
+
+You can establish quota for an organization or users, and tailor quota policies to suit the needs of your registry.
+
+The following sections show you how to establish quota for an organization, a user, and then how to modify those settings.