Added support for env passphrases and improved integration script

Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-28 20:15:13 -07:00 · 2015-07-28 20:15:13 -07:00 · af2da799bf
parent a15091dc56
commit af2da799bf
3 changed files with 39 additions and 12 deletions
--- a/cmd/notary/main.go
+++ b/cmd/notary/main.go
@ -27,7 +27,7 @@ var verbose bool
 var retriever passphrase.Retriever

 func init() {
-	retriever = passphrase.PromptRetriever()
+	retriever = getPassphraseRetriever()
 }

 func parseConfig() {
@ -127,3 +127,19 @@ func askConfirm() bool {
 	}
 	return false
 }
+
+func getPassphraseRetriever() passphrase.Retriever {
+	baseRetriever := passphrase.PromptRetriever()
+	env := map[string]string{
+		"root":     os.Getenv("NOTARY_ROOT_PASSPHRASE"),
+		"targets":  os.Getenv("NOTARY_TARGET_PASSPHRASE"),
+		"snapshot": os.Getenv("NOTARY_SNAPSHOT_PASSPHRASE"),
+	}
+
+	return func(keyName string, alias string, createNew bool, numAttempts int) (string, bool, error) {
+		if v := env[alias]; v != "" {
+			return v, numAttempts > 1, nil
+		}
+		return baseRetriever(keyName, alias, createNew, numAttempts)
+	}
+}
--- a/integration/test.sh
+++ b/integration/test.sh
@ -0,0 +1,22 @@
+#!/bin/sh
+
+set -x
+set -e
+
+export NOTARY_ROOT_PASSPHRASE="ponies"
+export NOTARY_SNAPSHOT_PASSPHRASE="ponies"
+export NOTARY_TARGET_PASSPHRASE="ponies"
+
+tmpdir=`mktemp -d -t notary-integration-XXXXXXXXXXXXXXX`
+new_repo=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
+new_tag=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 10 | head -n 1)
+
+make binaries
+./bin/notary -d $tmpdir init -s $1 $new_repo || echo "FAILED"
+./bin/notary -d $tmpdir add $new_repo $new_tag README.md || echo "FAILED"
+./bin/notary -d $tmpdir publish -s $1 $new_repo || echo "FAILED"
+./bin/notary -d $tmpdir list -s $1 $new_repo | grep $new_tag || echo "FAILED"
+./bin/notary -d $tmpdir remove $new_repo $new_tag || echo "FAILED"
+./bin/notary -d $tmpdir publish -s $1 $new_repo || echo "FAILED"
+./bin/notary -d $tmpdir list -s $1 $new_repo | grep $new_tag && echo "FAILED"
+./bin/notary -d $tmpdir key list | grep $new_repo | wc -l | grep 3 || echo "FAILED"
--- a/test.sh
+++ b/test.sh
@ -1,11 +0,0 @@
-#!/bin/sh
-
-set -x
-set -e
-
-rm -rf ~/.docker/trust
-make binaries
-./bin/notary init $1
-./bin/notary add $1 v1 README.md
-./bin/notary publish $1
-./bin/notary list $1