diff --git a/.gitignore b/.gitignore index 31434e306c..8527012d09 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ -/cmd/vetinari-server/vetinari-server +/cmd/notary-server/notary-server cover bin diff --git a/Dockerfile b/Dockerfile index f959dfb0b4..1a1a8d6027 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,13 +1,13 @@ FROM golang -COPY . /go/src/github.com/docker/vetinari +COPY . /go/src/github.com/docker/notary RUN chmod 777 /tmp/ -RUN GOPATH="/go/src/github.com/docker/vetinari/Godeps/_workspace:/go/" go install github.com/docker/vetinari/cmd/vetinari-server +RUN GOPATH="/go/src/github.com/docker/notary/Godeps/_workspace:/go/" go install github.com/docker/notary/cmd/notary-server EXPOSE 4443 -WORKDIR /go/src/github.com/docker/vetinari +WORKDIR /go/src/github.com/docker/notary -CMD vetinari-server -config cmd/vetinari-server/dev-config.json +CMD notary-server -config cmd/notary-server/dev-config.json diff --git a/Godeps/Godeps.json b/Godeps/Godeps.json index d14f554491..a0b32fcfd4 100644 --- a/Godeps/Godeps.json +++ b/Godeps/Godeps.json @@ -1,5 +1,5 @@ { - "ImportPath": "github.com/docker/vetinari", + "ImportPath": "github.com/docker/notary", "GoVersion": "go1.4.2", "Packages": [ "./..." diff --git a/Godeps/_workspace/src/github.com/spf13/cast/LICENSE b/Godeps/_workspace/src/github.com/spf13/cast/LICENSE index 4527efb9c0..27457cde7b 100644 --- a/Godeps/_workspace/src/github.com/spf13/cast/LICENSE +++ b/Godeps/_workspace/src/github.com/spf13/cast/LICENSE @@ -18,4 +18,4 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. \ No newline at end of file +SOFTWARE. diff --git a/Godeps/_workspace/src/github.com/spf13/jwalterweatherman/LICENSE b/Godeps/_workspace/src/github.com/spf13/jwalterweatherman/LICENSE index 4527efb9c0..27457cde7b 100644 --- a/Godeps/_workspace/src/github.com/spf13/jwalterweatherman/LICENSE +++ b/Godeps/_workspace/src/github.com/spf13/jwalterweatherman/LICENSE @@ -18,4 +18,4 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. \ No newline at end of file +SOFTWARE. diff --git a/Godeps/_workspace/src/github.com/spf13/viper/LICENSE b/Godeps/_workspace/src/github.com/spf13/viper/LICENSE index 4527efb9c0..27457cde7b 100644 --- a/Godeps/_workspace/src/github.com/spf13/viper/LICENSE +++ b/Godeps/_workspace/src/github.com/spf13/viper/LICENSE @@ -18,4 +18,4 @@ FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. \ No newline at end of file +SOFTWARE. diff --git a/Godeps/_workspace/src/golang.org/x/oauth2/google/testdata/gcloud/properties b/Godeps/_workspace/src/golang.org/x/oauth2/google/testdata/gcloud/properties index 025de886cf..ba3ed9b7ad 100644 --- a/Godeps/_workspace/src/golang.org/x/oauth2/google/testdata/gcloud/properties +++ b/Godeps/_workspace/src/golang.org/x/oauth2/google/testdata/gcloud/properties @@ -1,2 +1,2 @@ [core] -account = bar@example.com \ No newline at end of file +account = bar@example.com diff --git a/Makefile b/Makefile index 4680c5760a..32dec4112c 100644 --- a/Makefile +++ b/Makefile @@ -15,9 +15,9 @@ AUTHORS: .git/HEAD version/version.go: ./version/version.sh > $@ -${PREFIX}/bin/vetinari-server: version/version.go $(shell find . -type f -name '*.go') +${PREFIX}/bin/notary-server: version/version.go $(shell find . -type f -name '*.go') @echo "+ $@" - @godep go build -o $@ ${GO_LDFLAGS} ./cmd/vetinari-server + @godep go build -o $@ ${GO_LDFLAGS} ./cmd/notary-server ${PREFIX}/bin/notary: version/version.go $(shell find . -type f -name '*.go') @echo "+ $@" @@ -53,9 +53,9 @@ protos: clean-protos: @rm proto/*.pb.go -binaries: ${PREFIX}/bin/vetinari-server ${PREFIX}/bin/notary +binaries: ${PREFIX}/bin/notary-server ${PREFIX}/bin/notary @echo "+ $@" clean: @echo "+ $@" - @rm -rf "${PREFIX}/bin/vetinari-server" "${PREFIX}/bin/notary" + @rm -rf "${PREFIX}/bin/notary-server" "${PREFIX}/bin/notary" diff --git a/README.md b/README.md index d36230d0fb..ccd508a5ec 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,10 @@ -# Vetinari +# Notary ## Overview -Vetinari manages trust metadata as a complementary service to the registry. +Notary manages trust metadata as a complementary service to the registry. It implements all endpoints under the `_trust` segment of the registry URLs. -Vetinari expects to manage TUF metadata and will do validation of one parent +Notary expects to manage TUF metadata and will do validation of one parent level of content for any data uploaded to ensure repositories do not become corrupted. This means either the keys in the root.json file will be used to validate the uploaded role, or the keys in the immediate delegate parent will @@ -17,16 +17,16 @@ will be sufficient to permit the uploading of a new root.json. ## Timestamping TUF requires a timestamp file be regularly generated. To achieve any ease -of use, it is necessary that Vetinari is responsible for generating the +of use, it is necessary that Notary is responsible for generating the timestamp.json based on the snapshot.json created and uploaded by the repository owner. It is bad policy to place any signing keys in frontline servers. While -Vetinari is capable of supporting this behaviour we recommend using a +Notary is capable of supporting this behaviour we recommend using a separate service and server with highly restricted permissions. Rufus is provided as a reference implementation of a remote signer. An implementation that satisfies the gRPC interface defined in Rufus will -satisfy Vetinari's requirements. +satisfy Notary's requirements. # Running diff --git a/ROADMAP.md b/ROADMAP.md index 43b01faabb..378b199003 100644 --- a/ROADMAP.md +++ b/ROADMAP.md @@ -1,6 +1,6 @@ # Roadmap -The Trust project consists of a number of moving parts of which Vetinari is one. Vetinari is the front line metadata service +The Trust project consists of a number of moving parts of which Notary is one. Notary is the front line metadata service that clients interact with. It manages TUF metadata and interacts with a pluggable signing service to issue new TUF timestamp files. diff --git a/cmd/vetinari-server/config.json b/cmd/notary-server/config.json similarity index 61% rename from cmd/vetinari-server/config.json rename to cmd/notary-server/config.json index 4f1dcf21d4..e2cd4fdc33 100644 --- a/cmd/vetinari-server/config.json +++ b/cmd/notary-server/config.json @@ -1,8 +1,8 @@ { "server": { "addr": ":4443", - "tls_cert_file": "./fixtures/vetinari.pem", - "tls_key_file": "./fixtures/vetinari.key" + "tls_cert_file": "./fixtures/notary.pem", + "tls_key_file": "./fixtures/notary.key" }, "trust_service":{ "type": "local", diff --git a/cmd/notary-server/dev-config.json b/cmd/notary-server/dev-config.json new file mode 100644 index 0000000000..ae4a61ab68 --- /dev/null +++ b/cmd/notary-server/dev-config.json @@ -0,0 +1,15 @@ +{ + "server": { + "addr": ":4443", + "tls_key_file": "/go/src/github.com/docker/notary/fixtures/notary.key", + "tls_cert_file": "/go/src/github.com/docker/notary/fixtures/notary.pem" + }, + "trust_service": { + "type": "local", + "hostname": "", + "port": "" + }, + "logging": { + "level": 5 + } +} diff --git a/cmd/vetinari-server/main.go b/cmd/notary-server/main.go similarity index 75% rename from cmd/vetinari-server/main.go rename to cmd/notary-server/main.go index 47d07233ba..0a9b086cd9 100644 --- a/cmd/vetinari-server/main.go +++ b/cmd/notary-server/main.go @@ -17,10 +17,10 @@ import ( _ "github.com/go-sql-driver/mysql" "golang.org/x/net/context" - "github.com/docker/vetinari/config" - "github.com/docker/vetinari/server" - "github.com/docker/vetinari/server/version" - "github.com/docker/vetinari/signer" + "github.com/docker/notary/config" + "github.com/docker/notary/server" + "github.com/docker/notary/server/version" + "github.com/docker/notary/signer" ) // DebugAddress is the debug server address to listen on @@ -65,21 +65,21 @@ func main() { var trust signed.CryptoService if conf.TrustService.Type == "remote" { - logrus.Info("[Vetinari Server] : Using remote signing service") + logrus.Info("[Notary Server] : Using remote signing service") trust = signer.NewRufusSigner(conf.TrustService.Hostname, conf.TrustService.Port, conf.TrustService.TLSCAFile) } else { - logrus.Info("[Vetinari] : Using local signing service") + logrus.Info("[Notary] : Using local signing service") trust = signed.NewEd25519() } - db, err := sql.Open("mysql", "dockercondemo:dockercondemo@tcp(vetinarimysql:3306)/dockercondemo") + db, err := sql.Open("mysql", "dockercondemo:dockercondemo@tcp(notarymysql:3306)/dockercondemo") if err != nil { logrus.Fatal("Error starting DB driver: ", err.Error()) return // not strictly needed but let's be explicit } ctx = context.WithValue(ctx, "versionStore", version.NewVersionDB(db)) for { - logrus.Info("[Vetinari] Starting Server") + logrus.Info("[Notary] Starting Server") childCtx, cancel := context.WithCancel(ctx) go server.Run(childCtx, conf.Server, trust) @@ -88,20 +88,20 @@ func main() { // On a sighup we cancel and restart a new server // with updated config case <-sigHup: - logrus.Infof("[Vetinari] Server restart requested. Attempting to parse config at %s", configFile) + logrus.Infof("[Notary] Server restart requested. Attempting to parse config at %s", configFile) conf, err = parseConfig(configFile) if err != nil { - logrus.Infof("[Vetinari] Unable to parse config. Old configuration will keep running. Parse Err: %s", err.Error()) + logrus.Infof("[Notary] Unable to parse config. Old configuration will keep running. Parse Err: %s", err.Error()) continue } else { cancel() - logrus.Info("[Vetinari] Stopping server for restart") + logrus.Info("[Notary] Stopping server for restart") break } // On sigkill we cancel and shutdown case <-sigTerm: cancel() - logrus.Info("[Vetinari] Shutting Down Hard") + logrus.Info("[Notary] Shutting Down Hard") os.Exit(0) } } @@ -117,9 +117,9 @@ func usage() { // endpoints. The addr should not be exposed externally. For most of these to // work, tls cannot be enabled on the endpoint, so it is generally separate. func debugServer(addr string) { - logrus.Info("[Vetinari Debug Server] server listening on", addr) + logrus.Info("[Notary Debug Server] server listening on", addr) if err := http.ListenAndServe(addr, nil); err != nil { - logrus.Fatal("[Vetinari Debug Server] error listening on debug interface: ", err) + logrus.Fatal("[Notary Debug Server] error listening on debug interface: ", err) } } diff --git a/cmd/notary/cli_crypto_service.go b/cmd/notary/cli_crypto_service.go index 9ce53e8e6b..ef527b811d 100644 --- a/cmd/notary/cli_crypto_service.go +++ b/cmd/notary/cli_crypto_service.go @@ -12,7 +12,7 @@ import ( "os" "path/filepath" - "github.com/docker/vetinari/trustmanager" + "github.com/docker/notary/trustmanager" "github.com/endophage/gotuf/data" "github.com/spf13/viper" ) diff --git a/cmd/notary/keys.go b/cmd/notary/keys.go index 924ffe71b4..387d2fde33 100644 --- a/cmd/notary/keys.go +++ b/cmd/notary/keys.go @@ -13,7 +13,7 @@ import ( "strings" "time" - "github.com/docker/vetinari/trustmanager" + "github.com/docker/notary/trustmanager" "github.com/spf13/cobra" "github.com/spf13/viper" diff --git a/cmd/notary/main.go b/cmd/notary/main.go index db2d50a1f3..e67e78bf6b 100644 --- a/cmd/notary/main.go +++ b/cmd/notary/main.go @@ -12,7 +12,7 @@ import ( "github.com/spf13/cobra" "github.com/spf13/viper" - "github.com/docker/vetinari/trustmanager" + "github.com/docker/notary/trustmanager" ) const configFileName string = "config" diff --git a/cmd/notary/tuf.go b/cmd/notary/tuf.go index 7402af1027..643ad4cc01 100644 --- a/cmd/notary/tuf.go +++ b/cmd/notary/tuf.go @@ -166,7 +166,7 @@ func tufList(cmd *cobra.Command, args []string) { repo := tuf.NewTufRepo(kdb, nil) remote, err := store.NewHTTPStore( - "https://vetinari:4443/v2/"+gun+"/_trust/tuf/", + "https://notary:4443/v2/"+gun+"/_trust/tuf/", "", "json", "", @@ -203,7 +203,7 @@ func tufLookup(cmd *cobra.Command, args []string) { repo := tuf.NewTufRepo(kdb, nil) remote, err := store.NewHTTPStore( - "https://vetinari:4443/v2/"+gun+"/_trust/tuf/", + "https://notary:4443/v2/"+gun+"/_trust/tuf/", "", "json", "", @@ -239,7 +239,7 @@ func tufPublish(cmd *cobra.Command, args []string) { fmt.Println("Pushing changes to ", gun, ".") remote, err := store.NewHTTPStore( - "https://vetinari:4443/v2/"+gun+"/_trust/tuf/", + "https://notary:4443/v2/"+gun+"/_trust/tuf/", "", "json", "", @@ -332,7 +332,7 @@ func verify(cmd *cobra.Command, args []string) { repo := tuf.NewTufRepo(kdb, nil) remote, err := store.NewHTTPStore( - "https://vetinari:4443/v2/"+gun+"/_trust/tuf/", + "https://notary:4443/v2/"+gun+"/_trust/tuf/", "", "json", "", diff --git a/cmd/vetinari-server/dev-config.json b/cmd/vetinari-server/dev-config.json deleted file mode 100644 index 3087e60c32..0000000000 --- a/cmd/vetinari-server/dev-config.json +++ /dev/null @@ -1,15 +0,0 @@ -{ - "server": { - "addr": ":4443", - "tls_key_file": "/go/src/github.com/docker/vetinari/fixtures/vetinari.key", - "tls_cert_file": "/go/src/github.com/docker/vetinari/fixtures/vetinari.pem" - }, - "trust_service": { - "type": "local", - "hostname": "", - "port": "" - }, - "logging": { - "level": 5 - } -} diff --git a/config/config.go b/config/config.go index 6c4e212b84..dbc32837a8 100644 --- a/config/config.go +++ b/config/config.go @@ -45,7 +45,7 @@ func Load(data io.Reader) (*Configuration, error) { decoder := json.NewDecoder(data) err := decoder.Decode(&conf) if err != nil { - logrus.Error("[Vetinari Server] : Failed to parse configuration: ", err.Error()) + logrus.Error("[Notary Server] : Failed to parse configuration: ", err.Error()) return nil, err } return &conf, nil diff --git a/docker-compose.yml b/docker-compose.yml index 79cb703176..7e811cea58 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,7 @@ -vetinari: +notary: build: . links: - - vetinarimysql + - notarymysql ports: - "8080:8080" - "4443:4443" @@ -10,7 +10,7 @@ vetinari: # - /dev/bus/usb/003/010:/dev/bus/usb/002/010 # - /var/run/pcscd/pcscd.comm:/var/run/pcscd/pcscd.comm # build: ../rufus -vetinarimysql: - build: ./vetinarimysql/ +notarymysql: + build: ./notarymysql/ ports: - "3306:3306" diff --git a/fixtures/vetinari.key b/fixtures/notary.key similarity index 100% rename from fixtures/vetinari.key rename to fixtures/notary.key diff --git a/fixtures/vetinari.pem b/fixtures/notary.pem similarity index 100% rename from fixtures/vetinari.pem rename to fixtures/notary.pem diff --git a/vetinarimysql/Dockerfile b/notarymysql/Dockerfile similarity index 100% rename from vetinarimysql/Dockerfile rename to notarymysql/Dockerfile diff --git a/vetinarimysql/LICENSE b/notarymysql/LICENSE similarity index 100% rename from vetinarimysql/LICENSE rename to notarymysql/LICENSE diff --git a/vetinarimysql/start b/notarymysql/start similarity index 100% rename from vetinarimysql/start rename to notarymysql/start diff --git a/server/handlers/default.go b/server/handlers/default.go index 5d7bdade31..f8c7e457ac 100644 --- a/server/handlers/default.go +++ b/server/handlers/default.go @@ -11,8 +11,8 @@ import ( "github.com/gorilla/mux" "golang.org/x/net/context" - "github.com/docker/vetinari/errors" - "github.com/docker/vetinari/server/version" + "github.com/docker/notary/errors" + "github.com/docker/notary/server/version" ) // MainHandler is the default handler for the server @@ -101,7 +101,7 @@ func GetHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) *er data, err := store.GetCurrent(gun, tufRole) logrus.Debug("JSON: ", string(data)) if err != nil { - logrus.Errorf("[Vetinari] 500 GET repository: %s, role: %s", gun, tufRole) + logrus.Errorf("[Notary] 500 GET repository: %s, role: %s", gun, tufRole) return &errors.HTTPError{ HTTPStatus: http.StatusInternalServerError, Code: 9999, @@ -109,7 +109,7 @@ func GetHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) *er } } if data == nil { - logrus.Errorf("[Vetinari] 404 GET repository: %s, role: %s", gun, tufRole) + logrus.Errorf("[Notary] 404 GET repository: %s, role: %s", gun, tufRole) return &errors.HTTPError{ HTTPStatus: http.StatusNotFound, Code: 9999, diff --git a/server/handlers/default_test.go b/server/handlers/default_test.go index 1c1b122a90..a8173f9bef 100644 --- a/server/handlers/default_test.go +++ b/server/handlers/default_test.go @@ -9,7 +9,7 @@ import ( "github.com/endophage/gotuf/signed" - "github.com/docker/vetinari/utils" + "github.com/docker/notary/utils" ) func TestMainHandlerGet(t *testing.T) { diff --git a/server/server.go b/server/server.go index c0adc87a1f..8dead1d29d 100644 --- a/server/server.go +++ b/server/server.go @@ -14,9 +14,9 @@ import ( "github.com/gorilla/mux" "golang.org/x/net/context" - "github.com/docker/vetinari/config" - "github.com/docker/vetinari/server/handlers" - "github.com/docker/vetinari/utils" + "github.com/docker/notary/config" + "github.com/docker/notary/server/handlers" + "github.com/docker/notary/utils" ) type HTTPServer struct { @@ -49,7 +49,7 @@ func (svr *HTTPServer) TimeoutConnections() { for conn, _ := range svr.conns { conn.Close() } - logrus.Infof("[Vetinari] All connections closed for server %s", svr.id) + logrus.Infof("[Notary] All connections closed for server %s", svr.id) } // Run sets up and starts a TLS server that can be cancelled using the @@ -65,7 +65,7 @@ func run(ctx context.Context, addr, tlsCertFile, tlsKeyFile string, trust signed keypair, err := tls.LoadX509KeyPair(tlsCertFile, tlsKeyFile) if err != nil { - logrus.Errorf("[Vetinari] Error loading keys %s", err) + logrus.Errorf("[Notary] Error loading keys %s", err) return err } @@ -115,7 +115,7 @@ func run(ctx context.Context, addr, tlsCertFile, tlsKeyFile string, trust signed }, ) - logrus.Info("[Vetinari] : Listening on", addr) + logrus.Info("[Notary] : Listening on", addr) go stopWatcher(ctx, svr, lsnr, tlsLsnr) @@ -127,7 +127,7 @@ func run(ctx context.Context, addr, tlsCertFile, tlsKeyFile string, trust signed func stopWatcher(ctx context.Context, svr *HTTPServer, ls ...net.Listener) { doneChan := ctx.Done() <-doneChan - logrus.Debug("[Vetinari] Received close signal") + logrus.Debug("[Notary] Received close signal") for _, l := range ls { l.Close() } diff --git a/server/server_test.go b/server/server_test.go index df23dafe01..af884754dc 100644 --- a/server/server_test.go +++ b/server/server_test.go @@ -9,7 +9,7 @@ import ( "github.com/endophage/gotuf/signed" "golang.org/x/net/context" - "github.com/docker/vetinari/config" + "github.com/docker/notary/config" ) func TestRunBadCerts(t *testing.T) { @@ -40,8 +40,8 @@ func TestRunReservedPort(t *testing.T) { config := config.ServerConf{ Addr: "localhost:80", - TLSCertFile: "../fixtures/vetinari.pem", - TLSKeyFile: "../fixtures/vetinari.key", + TLSCertFile: "../fixtures/notary.pem", + TLSKeyFile: "../fixtures/notary.key", } err := Run(ctx, config, signed.NewEd25519()) @@ -59,8 +59,8 @@ func TestRunGoodCancel(t *testing.T) { config := config.ServerConf{ Addr: "localhost:8002", - TLSCertFile: "../fixtures/vetinari.pem", - TLSKeyFile: "../fixtures/vetinari.key", + TLSCertFile: "../fixtures/notary.pem", + TLSKeyFile: "../fixtures/notary.key", } go func() { diff --git a/utils/http.go b/utils/http.go index 046cfb745c..4a2d03dbc3 100644 --- a/utils/http.go +++ b/utils/http.go @@ -9,7 +9,7 @@ import ( "github.com/gorilla/mux" "golang.org/x/net/context" - "github.com/docker/vetinari/errors" + "github.com/docker/notary/errors" ) // contextHandler defines an alterate HTTP handler interface which takes in @@ -56,7 +56,7 @@ func (root *rootHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { // return // } if err := root.handler(ctx, w, r); err != nil { - logrus.Error("[Vetinari] ", err.Error()) + logrus.Error("[Notary] ", err.Error()) http.Error(w, err.Error(), err.HTTPStatus) return } diff --git a/utils/http_test.go b/utils/http_test.go index f2ff7ccb98..c2692565fd 100644 --- a/utils/http_test.go +++ b/utils/http_test.go @@ -12,7 +12,7 @@ import ( "github.com/endophage/gotuf/signed" - "github.com/docker/vetinari/errors" + "github.com/docker/notary/errors" ) func MockContextHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) *errors.HTTPError { diff --git a/version/version.go b/version/version.go index c1d3893576..2f177c8081 100644 --- a/version/version.go +++ b/version/version.go @@ -2,7 +2,7 @@ package version // Package is the overall, canonical project import path under which the // package was built. -var Package = "github.com/docker/vetinari" +var Package = "github.com/docker/notary" // Version indicates which version of the binary is running. This is set to // the latest release tag by hand, always suffixed by "+unknown". During