mirror of https://github.com/docker/docs.git
change API to specify keyID instead of name
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
This commit is contained in:
Riyaz Faizullabhoy
parent
5984b88f14
commit
be66056edb
|
|
@ -527,7 +527,7 @@ func (k *keyCommander) keyRemove(cmd *cobra.Command, args []string) error {
|
|||
return err
|
||||
}
|
||||
|
||||
// keyPassphraseChange changes the passphrase for a root key's private key based on ID
|
||||
// keyPassphraseChange changes the passphrase for a private key based on ID
|
||||
func (k *keyCommander) keyPassphraseChange(cmd *cobra.Command, args []string) error {
|
||||
if len(args) < 1 {
|
||||
cmd.Usage()
|
||||
|
|
|
|||
|
|
@ -156,15 +156,15 @@ func (s *KeyDBStore) ListKeys() map[string]trustmanager.KeyInfo {
|
|||
}
|
||||
|
||||
// RemoveKey removes the key from the keyfilestore
|
||||
func (s *KeyDBStore) RemoveKey(name string) error {
|
||||
func (s *KeyDBStore) RemoveKey(keyID string) error {
|
||||
s.Lock()
|
||||
defer s.Unlock()
|
||||
|
||||
delete(s.cachedKeys, name)
|
||||
delete(s.cachedKeys, keyID)
|
||||
|
||||
// Retrieve the GORM private key from the database
|
||||
dbPrivateKey := GormPrivateKey{}
|
||||
if s.db.Where(&GormPrivateKey{KeyID: name}).First(&dbPrivateKey).RecordNotFound() {
|
||||
if s.db.Where(&GormPrivateKey{KeyID: keyID}).First(&dbPrivateKey).RecordNotFound() {
|
||||
return trustmanager.ErrKeyNotFound{}
|
||||
}
|
||||
|
||||
|
|
@ -215,7 +215,7 @@ func (s *KeyDBStore) RotateKeyPassphrase(name, newPassphraseAlias string) error
|
|||
}
|
||||
|
||||
// ExportKey is currently unimplemented and will always return an error
|
||||
func (s *KeyDBStore) ExportKey(name string) ([]byte, error) {
|
||||
func (s *KeyDBStore) ExportKey(keyID string) ([]byte, error) {
|
||||
return nil, errors.New("Exporting from a KeyDBStore is not supported.")
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -172,34 +172,34 @@ func (s *KeyFileStore) ListKeys() map[string]KeyInfo {
|
|||
}
|
||||
|
||||
// RemoveKey removes the key from the keyfilestore
|
||||
func (s *KeyFileStore) RemoveKey(name string) error {
|
||||
func (s *KeyFileStore) RemoveKey(keyID string) error {
|
||||
s.Lock()
|
||||
defer s.Unlock()
|
||||
// If this is a bare key ID without the gun, prepend the gun so the filestore lookup succeeds
|
||||
if keyInfo, ok := s.keyInfoMap[name]; ok {
|
||||
name = filepath.Join(keyInfo.Gun, name)
|
||||
if keyInfo, ok := s.keyInfoMap[keyID]; ok {
|
||||
keyID = filepath.Join(keyInfo.Gun, keyID)
|
||||
}
|
||||
err := removeKey(s, s.cachedKeys, name)
|
||||
err := removeKey(s, s.cachedKeys, keyID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
// Remove this key from our keyInfo map if we removed from our filesystem
|
||||
if _, ok := s.keyInfoMap[name]; ok {
|
||||
delete(s.keyInfoMap, name)
|
||||
if _, ok := s.keyInfoMap[keyID]; ok {
|
||||
delete(s.keyInfoMap, keyID)
|
||||
} else {
|
||||
// This might be of the form GUN/ID - try to delete without the gun
|
||||
delete(s.keyInfoMap, filepath.Base(name))
|
||||
delete(s.keyInfoMap, filepath.Base(keyID))
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// ExportKey exports the encrypted bytes from the keystore and writes it to
|
||||
// dest.
|
||||
func (s *KeyFileStore) ExportKey(name string) ([]byte, error) {
|
||||
if keyInfo, ok := s.keyInfoMap[name]; ok {
|
||||
name = filepath.Join(keyInfo.Gun, name)
|
||||
func (s *KeyFileStore) ExportKey(keyID string) ([]byte, error) {
|
||||
if keyInfo, ok := s.keyInfoMap[keyID]; ok {
|
||||
keyID = filepath.Join(keyInfo.Gun, keyID)
|
||||
}
|
||||
keyBytes, _, err := getRawKey(s, name)
|
||||
keyBytes, _, err := getRawKey(s, keyID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
@ -271,31 +271,31 @@ func copyKeyInfoMap(keyInfoMap map[string]KeyInfo) map[string]KeyInfo {
|
|||
}
|
||||
|
||||
// RemoveKey removes the key from the keystore
|
||||
func (s *KeyMemoryStore) RemoveKey(name string) error {
|
||||
func (s *KeyMemoryStore) RemoveKey(keyID string) error {
|
||||
s.Lock()
|
||||
defer s.Unlock()
|
||||
// If this is a bare key ID without the gun, prepend the gun so the filestore lookup succeeds
|
||||
if keyInfo, ok := s.keyInfoMap[name]; ok {
|
||||
name = filepath.Join(keyInfo.Gun, name)
|
||||
if keyInfo, ok := s.keyInfoMap[keyID]; ok {
|
||||
keyID = filepath.Join(keyInfo.Gun, keyID)
|
||||
}
|
||||
err := removeKey(s, s.cachedKeys, name)
|
||||
err := removeKey(s, s.cachedKeys, keyID)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
// Remove this key from our keyInfo map if we removed from our filesystem
|
||||
if _, ok := s.keyInfoMap[name]; ok {
|
||||
delete(s.keyInfoMap, name)
|
||||
if _, ok := s.keyInfoMap[keyID]; ok {
|
||||
delete(s.keyInfoMap, keyID)
|
||||
} else {
|
||||
// This might be of the form GUN/ID - try to delete without the gun
|
||||
delete(s.keyInfoMap, filepath.Base(name))
|
||||
delete(s.keyInfoMap, filepath.Base(keyID))
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// ExportKey exports the encrypted bytes from the keystore and writes it to
|
||||
// dest.
|
||||
func (s *KeyMemoryStore) ExportKey(name string) ([]byte, error) {
|
||||
keyBytes, _, err := getRawKey(s, name)
|
||||
func (s *KeyMemoryStore) ExportKey(keyID string) ([]byte, error) {
|
||||
keyBytes, _, err := getRawKey(s, keyID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -43,11 +43,11 @@ type KeyStore interface {
|
|||
// AddKey adds a key to the KeyStore, and if the key already exists,
|
||||
// succeeds. Otherwise, returns an error if it cannot add.
|
||||
AddKey(keyInfo KeyInfo, privKey data.PrivateKey) error
|
||||
GetKey(name string) (data.PrivateKey, string, error)
|
||||
GetKey(keyID string) (data.PrivateKey, string, error)
|
||||
GetKeyInfo(keyID string) (KeyInfo, error)
|
||||
ListKeys() map[string]KeyInfo
|
||||
RemoveKey(name string) error
|
||||
ExportKey(name string) ([]byte, error)
|
||||
RemoveKey(keyID string) error
|
||||
ExportKey(keyID string) ([]byte, error)
|
||||
Name() string
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue