tuf push working

David Lawrence 2015-06-17 22:09:56 -07:00
parent b0df67acd3
commit 322f60b1ba
7 changed files with 32 additions and 14 deletions

2
Godeps/Godeps.json generated

@ -47,7 +47,7 @@
}, },
{ {
"ImportPath": "github.com/endophage/gotuf", "ImportPath": "github.com/endophage/gotuf",
"Rev": "e9e8b03dd7102520b09dd4c856ad4eab211fea3d" "Rev": "4e1cdf8615f2039032f44b575cb48842a523919f"
}, },
{ {
"ImportPath": "github.com/go-sql-driver/mysql", "ImportPath": "github.com/go-sql-driver/mysql",


@ -3,6 +3,7 @@ package utils
import ( import (
"bytes" "bytes"
"crypto/sha256" "crypto/sha256"
"crypto/tls"
"fmt" "fmt"
"io" "io"
"net/http" "net/http"
@ -18,7 +19,11 @@ func Download(url url.URL) (*http.Response, error) {
} }
func Upload(url string, body io.Reader) (*http.Response, error) { func Upload(url string, body io.Reader) (*http.Response, error) {
return http.Post(url, "application/json", body) tr := &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
}
client := &http.Client{Transport: tr}
return client.Post(url, "application/json", body)
} }
func ValidateTarget(r io.Reader, m *data.FileMeta) error { func ValidateTarget(r io.Reader, m *data.FileMeta) error {
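Review bot: `Upload` now posts through a transport with `TLSClientConfig: &tls.Config{InsecureSkipVerify: true}`, which disables certificate and host-name verification for every upload. The client then cannot distinguish the trust server from anything else answering on that address, so the pushed TUF metadata can be read or replaced in transit. If the aim is to accept the self-signed fixture certificate, trust that CA explicitly instead: load it into an `x509.CertPool` and set `TLSClientConfig: &tls.Config{RootCAs: pool}`, with the CA path taken from configuration. The client is also rebuilt on every call and has no `Timeout`; one shared `http.Client` with a timeout would cover both.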


@ -265,16 +265,16 @@ func tufPush(cmd *cobra.Command, args []string) {
fatalf("must specify a QDN") fatalf("must specify a QDN")
} }
qdn := args[0] gun := args[0]
remote, err := store.NewHTTPStore( remote, err := store.NewHTTPStore(
"https://localhost:4443/v2"+qdn+"/_trust/tuf/", "https://vetinari:4443/v2/"+gun+"/_trust/tuf/",
"", "",
"json", "json",
"", "",
) )
filestore, err := store.NewFilesystemStore( filestore, err := store.NewFilesystemStore(
"", // TODO: base trust dir from config path.Join(viper.GetString("tufDir"), gun),
"metadata", "metadata",
"json", "json",
"targets", "targets",
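Review bot: `gun` comes straight from `args[0]` and is used unchecked both in the request URL and in `path.Join(viper.GetString("tufDir"), gun)`. Because `path.Join` cleans `..` elements, a value containing them resolves to a directory outside `tufDir`. Validate the name before either use, rejecting empty, absolute or `..`-bearing values, for example `if gun == "" || path.Clean("/"+gun) != "/"+gun { fatalf("invalid GUN") }`. In the visible lines the `err` returned by `store.NewHTTPStore` is overwritten by the next `:=` before anything reads it, and the server address is a string literal rather than a configured value. `tufPush` starts before and continues past this hunk.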


@ -1,8 +1,8 @@
{ {
"server": { "server": {
"addr": ":4443", "addr": ":4443",
"tls_cert_file": "../../fixtures/vetinari.pem", "tls_cert_file": "./fixtures/vetinari.pem",
"tls_key_file": "../../fixtures/vetinari.key" "tls_key_file": "./fixtures/vetinari.key"
}, },
"trust_service":{ "trust_service":{
"type": "local", "type": "local",


@ -36,6 +36,13 @@ func MainHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) *e
func UpdateHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) *errors.HTTPError { func UpdateHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) *errors.HTTPError {
defer r.Body.Close() defer r.Body.Close()
s := ctx.Value("versionStore") s := ctx.Value("versionStore")
if s == nil {
return &errors.HTTPError{
HTTPStatus: http.StatusInternalServerError,
Code: 9999,
Err: fmt.Errorf("Version store is nil"),
}
}
store, ok := s.(*version.VersionDB) store, ok := s.(*version.VersionDB)
if !ok { if !ok {
return &errors.HTTPError{ return &errors.HTTPError{
@ -65,13 +72,20 @@ func UpdateHandler(ctx context.Context, w http.ResponseWriter, r *http.Request)
} }
} }
version := meta.Signed.Version version := meta.Signed.Version
store.UpdateCurrent(qdn, tufRole, version, input) err = store.UpdateCurrent(qdn, tufRole, version, input)
if err != nil {
return &errors.HTTPError{
HTTPStatus: http.StatusInternalServerError,
Code: 9999,
Err: err,
}
}
return nil return nil
} }
// GetHandler accepts urls in the form /<imagename>/<tuf file>.json // GetHandler accepts urls in the form /<imagename>/<tuf file>.json
func GetHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) *errors.HTTPError { func GetHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) *errors.HTTPError {
s := ctx.Value("vesionStore") s := ctx.Value("versionStore")
store, ok := s.(*version.VersionDB) store, ok := s.(*version.VersionDB)
if !ok { if !ok {
return &errors.HTTPError{ return &errors.HTTPError{
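Review bot: Every failure of `store.UpdateCurrent` in `UpdateHandler` is now returned as `http.StatusInternalServerError` with `Err: err`. That reports a client mistake (a skipped version, going by the error text in `UpdateCurrent`) as a server fault, and if `HTTPError.Err` is written to the response it also hands raw database errors to the caller. Return a 4xx status for the version-sequence rejection, and for other failures log the underlying error and send a generic message. Separately, the `"vesionStore"` typo corrected in `GetHandler` is the kind of slip a shared constant prevents; a package-level `const versionStoreKey = "versionStore"` used by both handlers and by the code that sets the value would keep them in step. `GetHandler` continues past the end of this section.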


@ -58,7 +58,6 @@ func (svr *HTTPServer) TimeoutConnections() {
func Run(ctx context.Context, conf config.ServerConf, trust signed.CryptoService) error { func Run(ctx context.Context, conf config.ServerConf, trust signed.CryptoService) error {
// TODO: check validity of config // TODO: check validity of config
return run(ctx, conf.Addr, conf.TLSCertFile, conf.TLSKeyFile, trust) return run(ctx, conf.Addr, conf.TLSCertFile, conf.TLSKeyFile, trust)
} }
@ -102,7 +101,7 @@ func run(ctx context.Context, addr, tlsCertFile, tlsKeyFile string, trust signed
//if err != nil { //if err != nil {
// return err // return err
//} //}
hand := utils.RootHandlerFactory(ac, context.Background(), trust) hand := utils.RootHandlerFactory(ac, ctx, trust)
r := mux.NewRouter() r := mux.NewRouter()
// TODO (endophage): use correct regexes for image and tag names // TODO (endophage): use correct regexes for image and tag names


@ -30,17 +30,17 @@ func NewVersionDB(db *sql.DB) *VersionDB {
// Update multiple TUF records in a single transaction. // Update multiple TUF records in a single transaction.
// Always insert a new row. The unique constraint will ensure there is only ever // Always insert a new row. The unique constraint will ensure there is only ever
func (vdb *VersionDB) UpdateCurrent(qdn, role string, version int, data []byte) error { func (vdb *VersionDB) UpdateCurrent(qdn, role string, version int, data []byte) error {
checkStmt := "SELECT 1 FROM `tuf_files` WHERE `qdn`=? AND `role`=? AND `version`=?;" checkStmt := "SELECT count(*) FROM `tuf_files` WHERE `qdn`=? AND `role`=? AND `version`=?;"
insertStmt := "INSERT INTO `tuf_files` (`qdn`, `role`, `version`, `data`) VALUES (?,?,?,?) ;" insertStmt := "INSERT INTO `tuf_files` (`qdn`, `role`, `version`, `data`) VALUES (?,?,?,?) ;"
// ensure immediately previous version exists // ensure immediately previous version exists
row := vdb.QueryRow(checkStmt, qdn, role, version-1) row := vdb.QueryRow(checkStmt, qdn, role, version-1)
var exists bool var exists int
err := row.Scan(&exists) err := row.Scan(&exists)
if err != nil { if err != nil {
return err return err
} }
if !exists { if exists == 0 && version > 0 {
return fmt.Errorf("Attempting to increment version by more than 1 for QDN: %s, role: %s, version: %d", qdn, role, version) return fmt.Errorf("Attempting to increment version by more than 1 for QDN: %s, role: %s, version: %d", qdn, role, version)
} }
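Review bot: The new guard `exists == 0 && version > 0` skips the predecessor check for `version` 0 and for every negative value, so a negative version taken from uploaded metadata presumably proceeds to the insert with no sequence check at all (the rest of `UpdateCurrent` is outside this hunk). Reject out-of-range input first, for example `if version < 0 { return fmt.Errorf("invalid version %d", version) }`, and state in the doc comment which number a new role starts at. As written, a first push numbered 1 is still refused unless a version 0 row exists, which may or may not be intended. The second line of the doc comment also stops mid-sentence at "there is only ever".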