mirror of https://github.com/docker/docs.git
changing over logging to logrus
This commit is contained in:
David Lawrence
parent
7f5250b604
commit
4b39bf0c97
|
|
@ -2,12 +2,12 @@
|
||||||
"server": {
|
"server": {
|
||||||
"addr": ":4444",
|
"addr": ":4444",
|
||||||
"tls_key_file": "/go/src/github.com/docker/vetinari/fixtures/vetinari.key",
|
"tls_key_file": "/go/src/github.com/docker/vetinari/fixtures/vetinari.key",
|
||||||
"tls_cert_file": "/go/src/github.com/docker/vetinari/fixtures/vetinari.pem",
|
"tls_cert_file": "/go/src/github.com/docker/vetinari/fixtures/vetinari.pem"
|
||||||
"tls_ca_file": "/go/src/github.com/docker/vetinari/fixtures/ca.cert"
|
|
||||||
},
|
},
|
||||||
"trust_service": {
|
"trust_service": {
|
||||||
"type": "remote",
|
"type": "remote",
|
||||||
"hostname": "rufus",
|
"hostname": "rufus",
|
||||||
"port": "7899"
|
"port": "7899",
|
||||||
|
"tls_ca_file": "/go/src/github.com/docker/vetinari/fixtures/ca.cert"
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,7 @@ package main
|
||||||
import (
|
import (
|
||||||
_ "expvar"
|
_ "expvar"
|
||||||
"flag"
|
"flag"
|
||||||
|
"fmt"
|
||||||
"log"
|
"log"
|
||||||
"net/http"
|
"net/http"
|
||||||
_ "net/http/pprof"
|
_ "net/http/pprof"
|
||||||
|
|
@ -10,6 +11,8 @@ import (
|
||||||
"os/signal"
|
"os/signal"
|
||||||
"syscall"
|
"syscall"
|
||||||
|
|
||||||
|
"github.com/Sirupsen/logrus"
|
||||||
|
"github.com/endophage/go-tuf/signed"
|
||||||
"golang.org/x/net/context"
|
"golang.org/x/net/context"
|
||||||
|
|
||||||
_ "github.com/docker/vetinari/auth/token"
|
_ "github.com/docker/vetinari/auth/token"
|
||||||
|
|
@ -40,7 +43,8 @@ func main() {
|
||||||
|
|
||||||
conf, err := parseConfig(configFile)
|
conf, err := parseConfig(configFile)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatalf("Error parsing config: %s", err.Error())
|
logrus.Fatal("Error parsing config: ", err.Error())
|
||||||
|
return // not strictly needed but let's be explicit
|
||||||
}
|
}
|
||||||
|
|
||||||
sigHup := make(chan os.Signal)
|
sigHup := make(chan os.Signal)
|
||||||
|
|
@ -49,30 +53,39 @@ func main() {
|
||||||
signal.Notify(sigHup, syscall.SIGHUP)
|
signal.Notify(sigHup, syscall.SIGHUP)
|
||||||
signal.Notify(sigTerm, syscall.SIGTERM)
|
signal.Notify(sigTerm, syscall.SIGTERM)
|
||||||
|
|
||||||
|
var trust signed.TrustService
|
||||||
|
if conf.TrustServiceConf.Type == "remote" {
|
||||||
|
logrus.Info("[Vetinari Server] : Using remote signing service")
|
||||||
|
trust = newRufusSigner(conf.TrustServiceConf.Hostname, conf.TrustServiceConf.Port, conf.TrustServiceConf.TLSCAFile)
|
||||||
|
} else {
|
||||||
|
logrus.Info("[Vetinari Server] : Using local signing service")
|
||||||
|
trust = signed.NewEd25519()
|
||||||
|
}
|
||||||
|
|
||||||
for {
|
for {
|
||||||
log.Println("[Vetinari] Starting Server")
|
logrus.Info("[Vetinari] Starting Server")
|
||||||
childCtx, cancel := context.WithCancel(ctx)
|
childCtx, cancel := context.WithCancel(ctx)
|
||||||
go server.Run(childCtx, conf)
|
go server.Run(childCtx, conf.Server, trust)
|
||||||
|
|
||||||
for {
|
for {
|
||||||
select {
|
select {
|
||||||
// On a sighup we cancel and restart a new server
|
// On a sighup we cancel and restart a new server
|
||||||
// with updated config
|
// with updated config
|
||||||
case <-sigHup:
|
case <-sigHup:
|
||||||
log.Printf("[Vetinari] Server restart requested. Attempting to parse config at %s", configFile)
|
logrus.Infof("[Vetinari] Server restart requested. Attempting to parse config at %s", configFile)
|
||||||
conf, err = parseConfig(configFile)
|
conf, err = parseConfig(configFile)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("[Vetinari] Unable to parse config. Old configuration will keep running. Parse Err: %s", err.Error())
|
logrus.Infof("[Vetinari] Unable to parse config. Old configuration will keep running. Parse Err: %s", err.Error())
|
||||||
continue
|
continue
|
||||||
} else {
|
} else {
|
||||||
cancel()
|
cancel()
|
||||||
log.Println("[Vetinari] Stopping server for restart")
|
logrus.Info("[Vetinari] Stopping server for restart")
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
// On sigkill we cancel and shutdown
|
// On sigkill we cancel and shutdown
|
||||||
case <-sigTerm:
|
case <-sigTerm:
|
||||||
cancel()
|
cancel()
|
||||||
log.Println("[Vetinari] Shutting Down Hard")
|
logrus.Info("[Vetinari] Shutting Down Hard")
|
||||||
os.Exit(0)
|
os.Exit(0)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -80,7 +93,7 @@ func main() {
|
||||||
}
|
}
|
||||||
|
|
||||||
func usage() {
|
func usage() {
|
||||||
log.Println("usage:", os.Args[0], "<config>")
|
fmt.Println("usage:", os.Args[0], "<config>")
|
||||||
flag.PrintDefaults()
|
flag.PrintDefaults()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -88,9 +101,9 @@ func usage() {
|
||||||
// endpoints. The addr should not be exposed externally. For most of these to
|
// endpoints. The addr should not be exposed externally. For most of these to
|
||||||
// work, tls cannot be enabled on the endpoint, so it is generally separate.
|
// work, tls cannot be enabled on the endpoint, so it is generally separate.
|
||||||
func debugServer(addr string) {
|
func debugServer(addr string) {
|
||||||
log.Println("[Vetinari Debug Server] server listening on", addr)
|
logrus.Info("[Vetinari Debug Server] server listening on", addr)
|
||||||
if err := http.ListenAndServe(addr, nil); err != nil {
|
if err := http.ListenAndServe(addr, nil); err != nil {
|
||||||
log.Fatalf("[Vetinari Debug Server] error listening on debug interface: %v", err)
|
logrus.Fatal("[Vetinari Debug Server] error listening on debug interface: ", err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -98,6 +111,7 @@ func parseConfig(path string) (*config.Configuration, error) {
|
||||||
file, err := os.Open(path)
|
file, err := os.Open(path)
|
||||||
defer file.Close()
|
defer file.Close()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
logrus.Error("Failed to open configuration file located at: ", path)
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,8 @@ package config
|
||||||
import (
|
import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"io"
|
"io"
|
||||||
|
|
||||||
|
"github.com/Sirupsen/logrus"
|
||||||
)
|
)
|
||||||
|
|
||||||
// Configuration is the top level object that
|
// Configuration is the top level object that
|
||||||
|
|
@ -18,7 +20,6 @@ type ServerConf struct {
|
||||||
Addr string `json:"addr"`
|
Addr string `json:"addr"`
|
||||||
TLSCertFile string `json:"tls_cert_file"`
|
TLSCertFile string `json:"tls_cert_file"`
|
||||||
TLSKeyFile string `json:"tls_key_file"`
|
TLSKeyFile string `json:"tls_key_file"`
|
||||||
TLSCAFile string `json:"tls_ca_file,omitempty"`
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// TrustServiceConf specificies the service to use for signing.
|
// TrustServiceConf specificies the service to use for signing.
|
||||||
|
|
@ -28,6 +29,7 @@ type TrustServiceConf struct {
|
||||||
Type string `json:"type"`
|
Type string `json:"type"`
|
||||||
Hostname string `json:"hostname,omitempty"`
|
Hostname string `json:"hostname,omitempty"`
|
||||||
Port string `json:"port,omitempty"`
|
Port string `json:"port,omitempty"`
|
||||||
|
TLSCAFile string `json:"tls_ca_file,omitempty"`
|
||||||
}
|
}
|
||||||
|
|
||||||
// Load takes a filename (relative path from pwd) and attempts
|
// Load takes a filename (relative path from pwd) and attempts
|
||||||
|
|
@ -38,6 +40,7 @@ func Load(data io.Reader) (*Configuration, error) {
|
||||||
decoder := json.NewDecoder(data)
|
decoder := json.NewDecoder(data)
|
||||||
err := decoder.Decode(&conf)
|
err := decoder.Decode(&conf)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
logrus.Error("[Vetinari Server] : Failed to parse configuration: ", err.Error())
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
return &conf, nil
|
return &conf, nil
|
||||||
|
|
|
||||||
|
|
@ -191,6 +191,21 @@ func GenKeysHandler(ctx utils.Context, w http.ResponseWriter, r *http.Request) *
|
||||||
Err: err,
|
Err: err,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
_ = tufRepo.Init(false)
|
// init repo
|
||||||
|
err = tufRepo.Init(false)
|
||||||
|
if err != nil {
|
||||||
|
return &errors.HTTPError{
|
||||||
|
HTTPStatus: http.StatusInternalServerError,
|
||||||
|
Code: 9999,
|
||||||
|
Err: err,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// gen keys
|
||||||
|
|
||||||
|
// generate empty targets file
|
||||||
|
|
||||||
|
// snapshot
|
||||||
|
|
||||||
|
// timestamp
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -2,17 +2,15 @@ package server
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"errors"
|
"errors"
|
||||||
"log"
|
|
||||||
"net"
|
"net"
|
||||||
|
|
||||||
|
"github.com/Sirupsen/logrus"
|
||||||
|
pb "github.com/docker/rufus/proto"
|
||||||
"github.com/endophage/go-tuf/data"
|
"github.com/endophage/go-tuf/data"
|
||||||
"github.com/endophage/go-tuf/keys"
|
"github.com/endophage/go-tuf/keys"
|
||||||
|
|
||||||
"golang.org/x/net/context"
|
"golang.org/x/net/context"
|
||||||
"google.golang.org/grpc"
|
"google.golang.org/grpc"
|
||||||
"google.golang.org/grpc/credentials"
|
"google.golang.org/grpc/credentials"
|
||||||
|
|
||||||
pb "github.com/docker/rufus/proto"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// RufusSigner implements a RPC based Trust service that calls the Rufus Service
|
// RufusSigner implements a RPC based Trust service that calls the Rufus Service
|
||||||
|
|
@ -26,13 +24,13 @@ func newRufusSigner(hostname string, port string, tlscafile string) *RufusSigner
|
||||||
netAddr := net.JoinHostPort(hostname, port)
|
netAddr := net.JoinHostPort(hostname, port)
|
||||||
creds, err := credentials.NewClientTLSFromFile(tlscafile, hostname)
|
creds, err := credentials.NewClientTLSFromFile(tlscafile, hostname)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatalf("fail to read: %v", err)
|
logrus.Fatal("fail to read: ", err)
|
||||||
}
|
}
|
||||||
opts = append(opts, grpc.WithTransportCredentials(creds))
|
opts = append(opts, grpc.WithTransportCredentials(creds))
|
||||||
conn, err := grpc.Dial(netAddr, opts...)
|
conn, err := grpc.Dial(netAddr, opts...)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatalf("fail to dial: %v", err)
|
logrus.Fatal("fail to dial: ", err)
|
||||||
}
|
}
|
||||||
kmClient := pb.NewKeyManagementClient(conn)
|
kmClient := pb.NewKeyManagementClient(conn)
|
||||||
sClient := pb.NewSignerClient(conn)
|
sClient := pb.NewSignerClient(conn)
|
||||||
|
|
|
||||||
|
|
@ -3,6 +3,7 @@ package server
|
||||||
import (
|
import (
|
||||||
"crypto/rand"
|
"crypto/rand"
|
||||||
"crypto/tls"
|
"crypto/tls"
|
||||||
|
"encoding/json"
|
||||||
"log"
|
"log"
|
||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
@ -19,19 +20,16 @@ import (
|
||||||
// Run sets up and starts a TLS server that can be cancelled using the
|
// Run sets up and starts a TLS server that can be cancelled using the
|
||||||
// given configuration. The context it is passed is the context it should
|
// given configuration. The context it is passed is the context it should
|
||||||
// use directly for the TLS server, and generate children off for requests
|
// use directly for the TLS server, and generate children off for requests
|
||||||
func Run(ctx context.Context, conf *config.Configuration) error {
|
func Run(ctx context.Context, conf config.ServerConf, trust signed.TrustService) error {
|
||||||
|
|
||||||
var trust signed.TrustService
|
// TODO: check validity of config
|
||||||
if conf.TrustService.Type == "remote" {
|
|
||||||
log.Println("[Vetinari Server] : Using remote signing service")
|
return run(ctx, conf.Addr, conf.TLSCertFile, conf.TLSKeyFile, trust)
|
||||||
trust = newRufusSigner(conf.TrustService.Hostname, conf.TrustService.Port, conf.Server.TLSCAFile)
|
|
||||||
log.Println("return from RufusSigner")
|
|
||||||
} else {
|
|
||||||
log.Println("[Vetinari Server] : Using local signing service")
|
|
||||||
trust = signed.NewEd25519()
|
|
||||||
}
|
}
|
||||||
|
|
||||||
keypair, err := tls.LoadX509KeyPair(conf.Server.TLSCertFile, conf.Server.TLSKeyFile)
|
func run(ctx context.Context, addr, tlsCertFile, tlsKeyFile string, trust signed.TrustService) error {
|
||||||
|
|
||||||
|
keypair, err := tls.LoadX509KeyPair(tlsCertFile, tlsKeyFile)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("error loading keys %s", err)
|
log.Printf("error loading keys %s", err)
|
||||||
return err
|
return err
|
||||||
|
|
@ -54,7 +52,7 @@ func Run(ctx context.Context, conf *config.Configuration) error {
|
||||||
Rand: rand.Reader,
|
Rand: rand.Reader,
|
||||||
}
|
}
|
||||||
|
|
||||||
tcpAddr, err := net.ResolveTCPAddr("tcp", conf.Server.Addr)
|
tcpAddr, err := net.ResolveTCPAddr("tcp", addr)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
@ -85,11 +83,11 @@ func Run(ctx context.Context, conf *config.Configuration) error {
|
||||||
r.Methods("POST").Path("/{imageName:.*}/{tag:[a-zA-Z0-9]+}").Handler(hand(handlers.AddHandler, utils.SSUpdate))
|
r.Methods("POST").Path("/{imageName:.*}/{tag:[a-zA-Z0-9]+}").Handler(hand(handlers.AddHandler, utils.SSUpdate))
|
||||||
|
|
||||||
server := http.Server{
|
server := http.Server{
|
||||||
Addr: conf.Server.Addr,
|
Addr: addr,
|
||||||
Handler: r,
|
Handler: r,
|
||||||
}
|
}
|
||||||
|
|
||||||
log.Println("[Vetinari Server] : Listening on", conf.Server.Addr)
|
log.Println("[Vetinari Server] : Listening on", addr)
|
||||||
|
|
||||||
err = server.Serve(tlsLsnr)
|
err = server.Serve(tlsLsnr)
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue