docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #344 from cyli/client-new-repo-refactor 

Minor refactor of NotaryRepository constructor to use more shared code.
This commit is contained in:
Diogo Mónica 2015-12-08 15:11:09 -08:00
parent 5f1100a3bf 9ef782184c
commit a3d2974e1b
3 changed files with 48 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
client/client.go
View File

@ -74,6 +74,43 @@ type NotaryRepository struct {
CertManager *certs.Manager CertManager *certs.Manager
} }
// repositoryFromKeystores is a helper function for NewNotaryRepository that
// takes some basic NotaryRepository parameters as well as keystores (in order
// of usage preference), and returns a NotaryRepository.
func repositoryFromKeystores(baseDir, gun, baseURL string, rt http.RoundTripper,
keyStores []trustmanager.KeyStore) (*NotaryRepository, error) {
certManager, err := certs.NewManager(baseDir)
if err != nil {
return nil, err
}
cryptoService := cryptoservice.NewCryptoService(gun, keyStores...)
nRepo := &NotaryRepository{
gun: gun,
baseDir: baseDir,
baseURL: baseURL,
tufRepoPath: filepath.Join(baseDir, tufDir, filepath.FromSlash(gun)),
CryptoService: cryptoService,
roundTrip: rt,
CertManager: certManager,
}
fileStore, err := store.NewFilesystemStore(
nRepo.tufRepoPath,
"metadata",
"json",
"",
)
if err != nil {
return nil, err
}
nRepo.fileStore = fileStore
return nRepo, nil
}
// Target represents a simplified version of the data TUF operates on, so external // Target represents a simplified version of the data TUF operates on, so external
// applications don't have to depend on tuf data types. // applications don't have to depend on tuf data types.
type Target struct { type Target struct {

39
client/repo.go
View File

@ -5,52 +5,23 @@ package client
import ( import (
"fmt" "fmt"
"net/http" "net/http"
"path/filepath"
"github.com/docker/notary/certs"
"github.com/docker/notary/cryptoservice"
"github.com/docker/notary/passphrase" "github.com/docker/notary/passphrase"
"github.com/docker/notary/trustmanager" "github.com/docker/notary/trustmanager"
"github.com/docker/notary/tuf/store"
) )
// NewNotaryRepository is a helper method that returns a new notary repository. // NewNotaryRepository is a helper method that returns a new notary repository.
// It takes the base directory under where all the trust files will be stored // It takes the base directory under where all the trust files will be stored
// (usually ~/.docker/trust/). // (usually ~/.docker/trust/).
func NewNotaryRepository(baseDir, gun, baseURL string, rt http.RoundTripper, func NewNotaryRepository(baseDir, gun, baseURL string, rt http.RoundTripper,
retriever passphrase.Retriever) (*NotaryRepository, error) { retriever passphrase.Retriever) (
*NotaryRepository, error) {
fileKeyStore, err := trustmanager.NewKeyFileStore(baseDir, retriever) fileKeyStore, err := trustmanager.NewKeyFileStore(baseDir, retriever)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to create private key store in directory: %s", baseDir) return nil, fmt.Errorf("failed to create private key store in directory: %s", baseDir)
} }
certManager, err := certs.NewManager(baseDir) return repositoryFromKeystores(baseDir, gun, baseURL, rt,
if err != nil { []trustmanager.KeyStore{fileKeyStore})
return nil, err
}
cryptoService := cryptoservice.NewCryptoService(gun, fileKeyStore)
nRepo := &NotaryRepository{
gun: gun,
baseDir: baseDir,
baseURL: baseURL,
tufRepoPath: filepath.Join(baseDir, tufDir, filepath.FromSlash(gun)),
CryptoService: cryptoService,
roundTrip: rt,
CertManager: certManager,
}
fileStore, err := store.NewFilesystemStore(
nRepo.tufRepoPath,
"metadata",
"json",
"",
)
if err != nil {
return nil, err
}
nRepo.fileStore = fileStore
return nRepo, nil
} }

40
client/repo_pkcs11.go
View File

@ -5,57 +5,29 @@ package client
import ( import (
"fmt" "fmt"
"net/http" "net/http"
"path/filepath"
"github.com/docker/notary/certs"
"github.com/docker/notary/cryptoservice"
"github.com/docker/notary/passphrase" "github.com/docker/notary/passphrase"
"github.com/docker/notary/trustmanager" "github.com/docker/notary/trustmanager"
"github.com/docker/notary/trustmanager/yubikey" "github.com/docker/notary/trustmanager/yubikey"
"github.com/docker/notary/tuf/signed"
"github.com/docker/notary/tuf/store"
) )
// NewNotaryRepository is a helper method that returns a new notary repository. // NewNotaryRepository is a helper method that returns a new notary repository.
// It takes the base directory under where all the trust files will be stored // It takes the base directory under where all the trust files will be stored
// (usually ~/.docker/trust/). // (usually ~/.docker/trust/).
func NewNotaryRepository(baseDir, gun, baseURL string, rt http.RoundTripper, func NewNotaryRepository(baseDir, gun, baseURL string, rt http.RoundTripper,
retriever passphrase.Retriever) (*NotaryRepository, error) { retriever passphrase.Retriever) (
*NotaryRepository, error) {
fileKeyStore, err := trustmanager.NewKeyFileStore(baseDir, retriever) fileKeyStore, err := trustmanager.NewKeyFileStore(baseDir, retriever)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to create private key store in directory: %s", baseDir) return nil, fmt.Errorf("failed to create private key store in directory: %s", baseDir)
} }
certManager, err := certs.NewManager(baseDir) keyStores := []trustmanager.KeyStore{fileKeyStore}
yubiKeyStore, _ := yubikey.NewYubiKeyStore(fileKeyStore, retriever) yubiKeyStore, _ := yubikey.NewYubiKeyStore(fileKeyStore, retriever)
var cryptoService signed.CryptoService if yubiKeyStore != nil {
if yubiKeyStore == nil { keyStores = append(keyStores, yubiKeyStore)
cryptoService = cryptoservice.NewCryptoService(gun, fileKeyStore)
} else {
cryptoService = cryptoservice.NewCryptoService(gun, yubiKeyStore, fileKeyStore)
} }
nRepo := &NotaryRepository{ return repositoryFromKeystores(baseDir, gun, baseURL, rt, keyStores)
gun: gun,
baseDir: baseDir,
baseURL: baseURL,
tufRepoPath: filepath.Join(baseDir, tufDir, filepath.FromSlash(gun)),
CryptoService: cryptoService,
roundTrip: rt,
CertManager: certManager,
}
fileStore, err := store.NewFilesystemStore(
nRepo.tufRepoPath,
"metadata",
"json",
"",
)
if err != nil {
return nil, err
}
nRepo.fileStore = fileStore
return nRepo, nil
} }