From 9ef782184c66185c36fef855a0f2a66651a0307a Mon Sep 17 00:00:00 2001
From: Ying Li
Date: Mon, 7 Dec 2015 17:19:28 -0800
Subject: [PATCH] Minor refactor of NotaryRepository constructor to use more shared code.

Signed-off-by: Ying Li
---
 client/client.go | 37 +++++++++++++++++++++++++++++++++++++
 client/repo.go | 39 +++++----------------------------------
 client/repo_pkcs11.go | 40 ++++++----------------------------------
 3 files changed, 48 insertions(+), 68 deletions(-)

diff --git a/client/client.go b/client/client.go
index 26749267ff..3514ba567f 100644
--- a/client/client.go
+++ b/client/client.go
@@ -74,6 +74,43 @@ type NotaryRepository struct {
 CertManager *certs.Manager
 }
 
+// repositoryFromKeystores is a helper function for NewNotaryRepository that
+// takes some basic NotaryRepository parameters as well as keystores (in order
+// of usage preference), and returns a NotaryRepository.
+func repositoryFromKeystores(baseDir, gun, baseURL string, rt http.RoundTripper,
+ keyStores []trustmanager.KeyStore) (*NotaryRepository, error) {
+
+ certManager, err := certs.NewManager(baseDir)
+ if err != nil {
+ return nil, err
+ }
+
+ cryptoService := cryptoservice.NewCryptoService(gun, keyStores...)
+
+ nRepo := &NotaryRepository{
+ gun: gun,
+ baseDir: baseDir,
+ baseURL: baseURL,
+ tufRepoPath: filepath.Join(baseDir, tufDir, filepath.FromSlash(gun)),
+ CryptoService: cryptoService,
+ roundTrip: rt,
+ CertManager: certManager,
+ }
+
+ fileStore, err := store.NewFilesystemStore(
+ nRepo.tufRepoPath,
+ "metadata",
+ "json",
+ "",
+ )
+ if err != nil {
+ return nil, err
+ }
+ nRepo.fileStore = fileStore
+
+ return nRepo, nil
+}
+
 // Target represents a simplified version of the data TUF operates on, so external
 // applications don't have to depend on tuf data types.
 type Target struct {
diff --git a/client/repo.go b/client/repo.go
index 726baa867e..d9931891ff 100644
--- a/client/repo.go
+++ b/client/repo.go
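Review bot: repositoryFromKeystores accepts an empty keyStores slice without complaint — `cryptoservice.NewCryptoService(gun, keyStores...)` runs with no stores and the helper still returns a normal-looking *NotaryRepository, so the problem would only surface later when a key is needed (the zero-store behaviour of CryptoService is outside this hunk, so that is an inference). Both callers in this commit pass at least one store, but the helper exists to be shared, so a fail-fast guard at the top documents the precondition: `if len(keyStores) == 0 { return nil, fmt.Errorf("no key stores provided for %s", gun) }` — fmt must be present in client.go's import block, which is outside this hunk. The helper also builds tufRepoPath from gun via filepath.FromSlash with no visible validation; if GUNs are not already checked before reaching the client, a `..` segment would place the metadata store outside baseDir/tufDir, which deserves either a check here or a comment such as `// gun is trusted to be a clean relative path; callers validate it — TODO confirm`. Finally, the errors from certs.NewManager and store.NewFilesystemStore are returned bare while the callers wrap their key-store error with the directory; wrapping these the same way would make a bad trust directory diagnosable.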
@@ -5,52 +5,23 @@ package client
 import (
 "fmt"
 "net/http"
- "path/filepath"
 
- "github.com/docker/notary/certs"
- "github.com/docker/notary/cryptoservice"
 "github.com/docker/notary/passphrase"
 "github.com/docker/notary/trustmanager"
- "github.com/docker/notary/tuf/store"
 )
 
 // NewNotaryRepository is a helper method that returns a new notary repository.
 // It takes the base directory under where all the trust files will be stored
 // (usually ~/.docker/trust/).
 func NewNotaryRepository(baseDir, gun, baseURL string, rt http.RoundTripper,
- retriever passphrase.Retriever) (*NotaryRepository, error) {
+ retriever passphrase.Retriever) (
+ *NotaryRepository, error) {
+
 fileKeyStore, err := trustmanager.NewKeyFileStore(baseDir, retriever)
 if err != nil {
 return nil, fmt.Errorf("failed to create private key store in directory: %s", baseDir)
 }
 
- certManager, err := certs.NewManager(baseDir)
- if err != nil {
- return nil, err
- }
-
- cryptoService := cryptoservice.NewCryptoService(gun, fileKeyStore)
-
- nRepo := &NotaryRepository{
- gun: gun,
- baseDir: baseDir,
- baseURL: baseURL,
- tufRepoPath: filepath.Join(baseDir, tufDir, filepath.FromSlash(gun)),
- CryptoService: cryptoService,
- roundTrip: rt,
- CertManager: certManager,
- }
-
- fileStore, err := store.NewFilesystemStore(
- nRepo.tufRepoPath,
- "metadata",
- "json",
- "",
- )
- if err != nil {
- return nil, err
- }
- nRepo.fileStore = fileStore
-
- return nRepo, nil
+ return repositoryFromKeystores(baseDir, gun, baseURL, rt,
+ []trustmanager.KeyStore{fileKeyStore})
 }
diff --git a/client/repo_pkcs11.go b/client/repo_pkcs11.go
index 7e6e35a6b1..b93f9bf29c 100644
--- a/client/repo_pkcs11.go
+++ b/client/repo_pkcs11.go
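Review bot: The signature rewrite in this hunk is cosmetic and reads worse than what it replaces — `retriever passphrase.Retriever) (` followed by `*NotaryRepository, error) {` on its own line separates the result list from its opening parenthesis, which gofmt tolerates but is not how Go signatures are normally wrapped. The removed one-line form `retriever passphrase.Retriever) (*NotaryRepository, error) {` is short enough to keep, and restoring it (here and in the matching repo_pkcs11.go hunk) confines the diff to the actual refactor. On the unchanged context line just below, the key-store error still discards the underlying err; since this constructor is now a thin wrapper, appending the cause with `return nil, fmt.Errorf("failed to create private key store in directory: %s: %v", baseDir, err)` would cost nothing and make a broken trust directory diagnosable.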
@@ -5,57 +5,29 @@ package client
 import (
 "fmt"
 "net/http"
- "path/filepath"
 
- "github.com/docker/notary/certs"
- "github.com/docker/notary/cryptoservice"
 "github.com/docker/notary/passphrase"
 "github.com/docker/notary/trustmanager"
 "github.com/docker/notary/trustmanager/yubikey"
- "github.com/docker/notary/tuf/signed"
- "github.com/docker/notary/tuf/store"
 )
 
 // NewNotaryRepository is a helper method that returns a new notary repository.
 // It takes the base directory under where all the trust files will be stored
 // (usually ~/.docker/trust/).
 func NewNotaryRepository(baseDir, gun, baseURL string, rt http.RoundTripper,
- retriever passphrase.Retriever) (*NotaryRepository, error) {
+ retriever passphrase.Retriever) (
+ *NotaryRepository, error) {
 
 fileKeyStore, err := trustmanager.NewKeyFileStore(baseDir, retriever)
 if err != nil {
 return nil, fmt.Errorf("failed to create private key store in directory: %s", baseDir)
 }
 
- certManager, err := certs.NewManager(baseDir)
+ keyStores := []trustmanager.KeyStore{fileKeyStore}
 yubiKeyStore, _ := yubikey.NewYubiKeyStore(fileKeyStore, retriever)
- var cryptoService signed.CryptoService
- if yubiKeyStore == nil {
- cryptoService = cryptoservice.NewCryptoService(gun, fileKeyStore)
- } else {
- cryptoService = cryptoservice.NewCryptoService(gun, yubiKeyStore, fileKeyStore)
+ if yubiKeyStore != nil {
+ keyStores = append(keyStores, yubiKeyStore)
 }
 
- nRepo := &NotaryRepository{
- gun: gun,
- baseDir: baseDir,
- baseURL: baseURL,
- tufRepoPath: filepath.Join(baseDir, tufDir, filepath.FromSlash(gun)),
- CryptoService: cryptoService,
- roundTrip: rt,
- CertManager: certManager,
- }
-
- fileStore, err := store.NewFilesystemStore(
- nRepo.tufRepoPath,
- "metadata",
- "json",
- "",
- )
- if err != nil {
- return nil, err
- }
- nRepo.fileStore = fileStore
-
- return nRepo, nil
+ return repositoryFromKeystores(baseDir, gun, baseURL, rt, keyStores)
 }
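Review bot: The refactor reverses the key-store preference order: the removed branch passed `yubiKeyStore, fileKeyStore` to NewCryptoService, whereas the new code seeds keyStores with fileKeyStore and then appends yubiKeyStore, so repositoryFromKeystores — whose comment says the stores are given "in order of usage preference" — now sees the on-disk store first. If that preference decides where new keys are generated and which store is consulted first, this silently demotes the hardware-backed store below the file store; I infer the effect from the helper's comment, as the CryptoService lookup logic is outside this hunk. The old order is preserved by changing the append line to `keyStores = append([]trustmanager.KeyStore{yubiKeyStore}, keyStores...)`, or by declaring `var keyStores []trustmanager.KeyStore`, appending yubiKeyStore when non-nil, and appending fileKeyStore last. The ignored error from yubikey.NewYubiKeyStore on the unchanged context line also means nobody can tell "no token present" from a broken PKCS#11 setup; logging it at debug level would help operators without changing the fallback.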