From af2da799bf7548e99fef7189e5b34324d0eeba56 Mon Sep 17 00:00:00 2001
From: Diogo Monica <diogo@docker.com>
Date: Tue, 28 Jul 2015 20:15:13 -0700
Subject: [PATCH] Added support for env passphrases and improved integration
 script

Signed-off-by: Diogo Monica <diogo@docker.com>
---
 cmd/notary/main.go  | 18 +++++++++++++++++-
 integration/test.sh | 22 ++++++++++++++++++++++
 test.sh             | 11 -----------
 3 files changed, 39 insertions(+), 12 deletions(-)
 create mode 100755 integration/test.sh
 delete mode 100755 test.sh

diff --git a/cmd/notary/main.go b/cmd/notary/main.go
index 20f7358170..df34b1a84b 100644
--- a/cmd/notary/main.go
+++ b/cmd/notary/main.go
@@ -27,7 +27,7 @@ var verbose bool
 var retriever passphrase.Retriever
 
 func init() {
-	retriever = passphrase.PromptRetriever()
+	retriever = getPassphraseRetriever()
 }
 
 func parseConfig() {
@@ -127,3 +127,19 @@ func askConfirm() bool {
 	}
 	return false
 }
+
+func getPassphraseRetriever() passphrase.Retriever {
+	baseRetriever := passphrase.PromptRetriever()
+	env := map[string]string{
+		"root":     os.Getenv("NOTARY_ROOT_PASSPHRASE"),
+		"targets":  os.Getenv("NOTARY_TARGET_PASSPHRASE"),
+		"snapshot": os.Getenv("NOTARY_SNAPSHOT_PASSPHRASE"),
+	}
+
+	return func(keyName string, alias string, createNew bool, numAttempts int) (string, bool, error) {
+		if v := env[alias]; v != "" {
+			return v, numAttempts > 1, nil
+		}
+		return baseRetriever(keyName, alias, createNew, numAttempts)
+	}
+}
diff --git a/integration/test.sh b/integration/test.sh
new file mode 100755
index 0000000000..96316502bd
--- /dev/null
+++ b/integration/test.sh
@@ -0,0 +1,22 @@
+#!/bin/sh
+
+set -x
+set -e
+
+export NOTARY_ROOT_PASSPHRASE="ponies"
+export NOTARY_SNAPSHOT_PASSPHRASE="ponies"
+export NOTARY_TARGET_PASSPHRASE="ponies"
+
+tmpdir=`mktemp -d -t notary-integration-XXXXXXXXXXXXXXX`
+new_repo=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)
+new_tag=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 10 | head -n 1)
+
+make binaries
+./bin/notary -d $tmpdir init -s $1 $new_repo || echo "FAILED"
+./bin/notary -d $tmpdir add $new_repo $new_tag README.md || echo "FAILED"
+./bin/notary -d $tmpdir publish -s $1 $new_repo || echo "FAILED"
+./bin/notary -d $tmpdir list -s $1 $new_repo | grep $new_tag || echo "FAILED"
+./bin/notary -d $tmpdir remove $new_repo $new_tag || echo "FAILED"
+./bin/notary -d $tmpdir publish -s $1 $new_repo || echo "FAILED"
+./bin/notary -d $tmpdir list -s $1 $new_repo | grep $new_tag && echo "FAILED"
+./bin/notary -d $tmpdir key list | grep $new_repo | wc -l | grep 3 || echo "FAILED"
\ No newline at end of file
diff --git a/test.sh b/test.sh
deleted file mode 100755
index 513eef5cf1..0000000000
--- a/test.sh
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/bin/sh
-
-set -x
-set -e
-
-rm -rf ~/.docker/trust
-make binaries
-./bin/notary init $1
-./bin/notary add $1 v1 README.md
-./bin/notary publish $1
-./bin/notary list $1