mirror of https://github.com/docker/docs.git
change API to specify keyID instead of name
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
parent
5984b88f14
commit
be66056edb
|
@ -527,7 +527,7 @@ func (k *keyCommander) keyRemove(cmd *cobra.Command, args []string) error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
// keyPassphraseChange changes the passphrase for a root key's private key based on ID
|
// keyPassphraseChange changes the passphrase for a private key based on ID
|
||||||
func (k *keyCommander) keyPassphraseChange(cmd *cobra.Command, args []string) error {
|
func (k *keyCommander) keyPassphraseChange(cmd *cobra.Command, args []string) error {
|
||||||
if len(args) < 1 {
|
if len(args) < 1 {
|
||||||
cmd.Usage()
|
cmd.Usage()
|
||||||
|
|
|
@ -156,15 +156,15 @@ func (s *KeyDBStore) ListKeys() map[string]trustmanager.KeyInfo {
|
||||||
}
|
}
|
||||||
|
|
||||||
// RemoveKey removes the key from the keyfilestore
|
// RemoveKey removes the key from the keyfilestore
|
||||||
func (s *KeyDBStore) RemoveKey(name string) error {
|
func (s *KeyDBStore) RemoveKey(keyID string) error {
|
||||||
s.Lock()
|
s.Lock()
|
||||||
defer s.Unlock()
|
defer s.Unlock()
|
||||||
|
|
||||||
delete(s.cachedKeys, name)
|
delete(s.cachedKeys, keyID)
|
||||||
|
|
||||||
// Retrieve the GORM private key from the database
|
// Retrieve the GORM private key from the database
|
||||||
dbPrivateKey := GormPrivateKey{}
|
dbPrivateKey := GormPrivateKey{}
|
||||||
if s.db.Where(&GormPrivateKey{KeyID: name}).First(&dbPrivateKey).RecordNotFound() {
|
if s.db.Where(&GormPrivateKey{KeyID: keyID}).First(&dbPrivateKey).RecordNotFound() {
|
||||||
return trustmanager.ErrKeyNotFound{}
|
return trustmanager.ErrKeyNotFound{}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -215,7 +215,7 @@ func (s *KeyDBStore) RotateKeyPassphrase(name, newPassphraseAlias string) error
|
||||||
}
|
}
|
||||||
|
|
||||||
// ExportKey is currently unimplemented and will always return an error
|
// ExportKey is currently unimplemented and will always return an error
|
||||||
func (s *KeyDBStore) ExportKey(name string) ([]byte, error) {
|
func (s *KeyDBStore) ExportKey(keyID string) ([]byte, error) {
|
||||||
return nil, errors.New("Exporting from a KeyDBStore is not supported.")
|
return nil, errors.New("Exporting from a KeyDBStore is not supported.")
|
||||||
}
|
}
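Review bot: KeyDBStore is left with both parameter names, because the second hunk's header still shows `RotateKeyPassphrase(name, newPassphraseAlias string)` while RemoveKey and ExportKey now take `keyID`. That signature sits between the two hunks and does not appear to be touched by this commit. If it identifies the same database column as `GormPrivateKey{KeyID: keyID}` in RemoveKey, rename it too: `func (s *KeyDBStore) RotateKeyPassphrase(keyID, newPassphraseAlias string) error`. RemoveKey's body continues past the end of the first hunk, so the rest of the delete path is not reviewed here.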
|
||||||
|
|
||||||
|
|
|
@ -172,34 +172,34 @@ func (s *KeyFileStore) ListKeys() map[string]KeyInfo {
|
||||||
}
|
}
|
||||||
|
|
||||||
// RemoveKey removes the key from the keyfilestore
|
// RemoveKey removes the key from the keyfilestore
|
||||||
func (s *KeyFileStore) RemoveKey(name string) error {
|
func (s *KeyFileStore) RemoveKey(keyID string) error {
|
||||||
s.Lock()
|
s.Lock()
|
||||||
defer s.Unlock()
|
defer s.Unlock()
|
||||||
// If this is a bare key ID without the gun, prepend the gun so the filestore lookup succeeds
|
// If this is a bare key ID without the gun, prepend the gun so the filestore lookup succeeds
|
||||||
if keyInfo, ok := s.keyInfoMap[name]; ok {
|
if keyInfo, ok := s.keyInfoMap[keyID]; ok {
|
||||||
name = filepath.Join(keyInfo.Gun, name)
|
keyID = filepath.Join(keyInfo.Gun, keyID)
|
||||||
}
|
}
|
||||||
err := removeKey(s, s.cachedKeys, name)
|
err := removeKey(s, s.cachedKeys, keyID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
// Remove this key from our keyInfo map if we removed from our filesystem
|
// Remove this key from our keyInfo map if we removed from our filesystem
|
||||||
if _, ok := s.keyInfoMap[name]; ok {
|
if _, ok := s.keyInfoMap[keyID]; ok {
|
||||||
delete(s.keyInfoMap, name)
|
delete(s.keyInfoMap, keyID)
|
||||||
} else {
|
} else {
|
||||||
// This might be of the form GUN/ID - try to delete without the gun
|
// This might be of the form GUN/ID - try to delete without the gun
|
||||||
delete(s.keyInfoMap, filepath.Base(name))
|
delete(s.keyInfoMap, filepath.Base(keyID))
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// ExportKey exports the encrypted bytes from the keystore and writes it to
|
// ExportKey exports the encrypted bytes from the keystore and writes it to
|
||||||
// dest.
|
// dest.
|
||||||
func (s *KeyFileStore) ExportKey(name string) ([]byte, error) {
|
func (s *KeyFileStore) ExportKey(keyID string) ([]byte, error) {
|
||||||
if keyInfo, ok := s.keyInfoMap[name]; ok {
|
if keyInfo, ok := s.keyInfoMap[keyID]; ok {
|
||||||
name = filepath.Join(keyInfo.Gun, name)
|
keyID = filepath.Join(keyInfo.Gun, keyID)
|
||||||
}
|
}
|
||||||
keyBytes, _, err := getRawKey(s, name)
|
keyBytes, _, err := getRawKey(s, keyID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -271,31 +271,31 @@ func copyKeyInfoMap(keyInfoMap map[string]KeyInfo) map[string]KeyInfo {
|
||||||
}
|
}
|
||||||
|
|
||||||
// RemoveKey removes the key from the keystore
|
// RemoveKey removes the key from the keystore
|
||||||
func (s *KeyMemoryStore) RemoveKey(name string) error {
|
func (s *KeyMemoryStore) RemoveKey(keyID string) error {
|
||||||
s.Lock()
|
s.Lock()
|
||||||
defer s.Unlock()
|
defer s.Unlock()
|
||||||
// If this is a bare key ID without the gun, prepend the gun so the filestore lookup succeeds
|
// If this is a bare key ID without the gun, prepend the gun so the filestore lookup succeeds
|
||||||
if keyInfo, ok := s.keyInfoMap[name]; ok {
|
if keyInfo, ok := s.keyInfoMap[keyID]; ok {
|
||||||
name = filepath.Join(keyInfo.Gun, name)
|
keyID = filepath.Join(keyInfo.Gun, keyID)
|
||||||
}
|
}
|
||||||
err := removeKey(s, s.cachedKeys, name)
|
err := removeKey(s, s.cachedKeys, keyID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
// Remove this key from our keyInfo map if we removed from our filesystem
|
// Remove this key from our keyInfo map if we removed from our filesystem
|
||||||
if _, ok := s.keyInfoMap[name]; ok {
|
if _, ok := s.keyInfoMap[keyID]; ok {
|
||||||
delete(s.keyInfoMap, name)
|
delete(s.keyInfoMap, keyID)
|
||||||
} else {
|
} else {
|
||||||
// This might be of the form GUN/ID - try to delete without the gun
|
// This might be of the form GUN/ID - try to delete without the gun
|
||||||
delete(s.keyInfoMap, filepath.Base(name))
|
delete(s.keyInfoMap, filepath.Base(keyID))
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// ExportKey exports the encrypted bytes from the keystore and writes it to
|
// ExportKey exports the encrypted bytes from the keystore and writes it to
|
||||||
// dest.
|
// dest.
|
||||||
func (s *KeyMemoryStore) ExportKey(name string) ([]byte, error) {
|
func (s *KeyMemoryStore) ExportKey(keyID string) ([]byte, error) {
|
||||||
keyBytes, _, err := getRawKey(s, name)
|
keyBytes, _, err := getRawKey(s, keyID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
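Review bot: In KeyFileStore.RemoveKey, KeyFileStore.ExportKey and KeyMemoryStore.RemoveKey the parameter now named `keyID` is overwritten with `filepath.Join(keyInfo.Gun, keyID)`, so for most of each function it holds a GUN-prefixed store path rather than a key ID, and the final branch still says the value "might be of the form GUN/ID". Keep the parameter unchanged and use a local instead, e.g. `keyPath := keyID` followed by `keyPath = filepath.Join(keyInfo.Gun, keyID)`, passing `keyPath` to `removeKey` and `getRawKey`. When the value is not found in `keyInfoMap`, the caller-supplied string reaches those helpers unmodified. They are not shown on this page, but if they derive a file name from it, rejecting values that contain a path separator before the call would keep removal and export confined to the key directory. KeyMemoryStore.ExportKey also skips the GUN lookup that KeyFileStore.ExportKey performs, and both ExportKey bodies continue outside their hunks.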
|
||||||
|
|
|
@ -43,11 +43,11 @@ type KeyStore interface {
|
||||||
// AddKey adds a key to the KeyStore, and if the key already exists,
|
// AddKey adds a key to the KeyStore, and if the key already exists,
|
||||||
// succeeds. Otherwise, returns an error if it cannot add.
|
// succeeds. Otherwise, returns an error if it cannot add.
|
||||||
AddKey(keyInfo KeyInfo, privKey data.PrivateKey) error
|
AddKey(keyInfo KeyInfo, privKey data.PrivateKey) error
|
||||||
GetKey(name string) (data.PrivateKey, string, error)
|
GetKey(keyID string) (data.PrivateKey, string, error)
|
||||||
GetKeyInfo(keyID string) (KeyInfo, error)
|
GetKeyInfo(keyID string) (KeyInfo, error)
|
||||||
ListKeys() map[string]KeyInfo
|
ListKeys() map[string]KeyInfo
|
||||||
RemoveKey(name string) error
|
RemoveKey(keyID string) error
|
||||||
ExportKey(name string) ([]byte, error)
|
ExportKey(keyID string) ([]byte, error)
|
||||||
Name() string
|
Name() string
|
||||||
}
|
}
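Review bot: `GetKey`, `RemoveKey` and `ExportKey` in the KeyStore interface have no doc comments, so the renamed `keyID` parameter's accepted form is not written down anywhere callers will look. The file-backed implementation on this page still accepts both a bare ID and a GUN/ID value, so the interface should state which forms are part of the contract. Something like `// RemoveKey removes the key identified by keyID; document here whether a GUN-prefixed ID is accepted.` above each method would do, with matching lines for `GetKey` and `ExportKey`. The interface declaration starts before this hunk.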
|
||||||
|
|
||||||
|
|