docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,259 Commits 21 Branches 28 Tags 816 MiB
Commit Graph

148 Commits

Author SHA1 Message Date
David Lawrence c0fb05584e fixing incorrect comments 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-15 11:30:32 -08:00
David Lawrence 9e80ad8158 remove certs.NewManager function 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-15 11:30:32 -08:00
David Lawrence a8b21cafe0 CertManager is completely removed 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-15 11:30:32 -08:00
Ying Li d4820c5756 Translate ErrMetaNotFound when updating, so long as it's on root, to ErrRepositoryNotExist. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-14 15:27:11 -08:00
Ying Li f57f2beb08 Factor marshalling a SignedRoot into JSON into TUF/data/root.go, and 
add an injectable serializer (so we can test JSON marshalling/unmarshalling
error propagation).

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-14 10:51:24 -08:00
Ying Li b74f1835b7 Ensure that we do not unnecessarily re-sign/serialize a root.json file on publish 
Adds additional tests to ensure that keys aren't unnecessarily created on error,
and that only the required keys to sign are used.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-14 10:51:24 -08:00
Diogo Mónica 26d3f3f92b Merge pull request #413 from endophage/fix_root_download 
fixing bootstrapClient to prefer cached root
 2016-01-13 15:48:39 -08:00
David Lawrence 06d23e14c9 add test for invalid remote URL 
add offline store for use when we can't initialize a remote store
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-13 15:26:57 -08:00
Ying Li cf4b77b760 Revert "switching out to consistently use canonical json for all marshalling of TUF data" 
This reverts commit f417c834c4.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-08 14:53:09 -08:00
David Lawrence 6d72fe7fd1 adding comment to bootstrapClient 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-08 09:03:27 -08:00
David Lawrence d11f11748c when we download during bootstrapClient we should save the root to cache 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-08 09:03:03 -08:00
David Lawrence 762c997104 fixing bootstrapClient to prefer cached root 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-08 09:03:03 -08:00
Ying Li c1c0ccf4be Combine bootstrapClient and tuf/client's Client.Update into NotaryRepository.Update. 
- it is easier to understand what's going on in the online functions of NotaryRepository
- we can test NotaryRepository.Update independently (although it'd be nice to have some way
  of ensuring that the actual public functions of NotaryRepository like ListTargets,
  GetTargetByName, and Publish actually calls Update.
- distinct error if the remote repo doesn't exist.

This also stops wrapping signed.ErrExpired in client.ErrExpired, and just passes
signed.ErrExpired on directly.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-07 16:58:46 -08:00
David Lawrence f417c834c4 switching out to consistently use canonical json for all marshalling of TUF data 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-06 11:15:27 -08:00
Ying Li 61bbf7be49 Change ListTargetes and GetTargetsByName to return TargetWithRole. 
This object has both the target and the role in which the target was found.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-04 17:15:44 -08:00
Ying Li 9252d9d892 Update client.Target to include a RoleName, so we know where the target is when listed. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-04 10:49:54 -08:00
Diogo Mónica ffca6fb522 Merge pull request #388 from docker/cleanup 
Rebased cleanup/remove PEM headers
 2015-12-23 11:36:25 -08:00
David Lawrence fa788cb2a9 make x509 certs viable as delegated public key object 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-23 09:41:03 -08:00
Riyaz Faizullabhoy 98b7dd7daf fixes to notary for docker integration 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2015-12-22 16:53:31 -08:00
Ying Li 0892ebb13f Add checks to TUFRepo to fail on updating a target if there are no signing keys. 
So UpdateDelegation, DeleteDelegation, AddTargets, RemoveTargets now
all check for the role existence, not metadata existence.  And they
also check the role's signing keys - there's no point in adding if
we can't sign.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-18 16:37:24 -08:00
Ying Li a1cbe5d43c Add test for, and fix bug with, publishing a bare repo not sending the targets file. 
It should always be published the first time, like the root.json.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-18 16:37:24 -08:00
Ying Li c12958af36 Do not sign the actual targets metadata unless it's dirty. 
Previously we were always signing it, but we can't do that anymore
because then delegated users won't be able to publish ever (they
probably don't have the target key).

Some other related changes: when role keys are rotated, that role
needs to be marked as dirty now in order to be re-signed and
published.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-18 16:37:24 -08:00
Ying Li 3ecba24410 When publishing, also publish all the dirty targets roles. 
This is in addition to the canonical targets role, which always gets
re-signed and publish (we may want to revisit this later).

This makes some tests pass - still need to do fallback of roles
and publishing a created delegation role without necessarily
having the signing key for that role.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-18 16:37:24 -08:00
David Lawrence d3a54cab25 the empty string should be used in delegation Paths to indicate a role can sign anything 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-18 16:10:43 -08:00
David Lawrence a2a4870512 adding comment about priority ordering and updating test for ListTargets with delegates to hit default no roles passed case 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-18 11:21:12 -08:00
David Lawrence 574b4d543d updating ListTargets delegate test to check iteration of children and correct (lack of) overwriting. 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-17 21:28:52 -08:00
David Lawrence 9307692b52 reverse priority order or roles for ListTargets and GetTargetsByName 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-17 16:33:52 -08:00
David Lawrence 594049b24f fixing download to continue if we get ErrMetaNotFound 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-17 15:53:57 -08:00
David Lawrence f72f799806 fixing up ListTargets and GetTargetByName to process prioritized roles more efficiently 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-17 14:56:05 -08:00
David Lawrence 4243b258b3 making GetTargetsByName work with delegations 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-17 10:46:41 -08:00
David Lawrence 4694178bbe download delegation test 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-17 10:09:34 -08:00
David Lawrence 377b72a54f updating list targets to list across multiple roles 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-17 10:09:34 -08:00
David Lawrence 8f7e7adcef making stack thread safe 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-17 10:09:34 -08:00
Ying Li 351d5483b7 Implement RemoveDelegation for NotaryRepository. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-16 16:01:17 -08:00
Ying Li c72934794a Implement AddDelegation for NotaryRepository. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-16 16:00:45 -08:00
Ying Li 22aefc9317 Make the addChange code easier to read using the IsDelegation function 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-16 14:31:45 -08:00
Ying Li 0bec06eb9b RemoveTarget now takes an optional variadic list of roles to remove from. 
If none are provided, it defaults to the targets role, as before.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-16 13:18:40 -08:00
Ying Li 19c49cf7ce AddTarget now takes an optional variadic list of roles to add target to. 
If none are provided, it defaults to the targets role, as before.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-16 13:18:40 -08:00
David Lawrence 01f42b7313 Merge pull request #354 from endophage/delegations 
Delegation primitives up to changelist level
 2015-12-15 16:34:46 -08:00
David Lawrence 5891805b29 addressing review 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-15 16:21:30 -08:00
Ying Li 2c7e632925 Amend rotation tests to assert old keys are removed after rotation. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-14 17:44:28 -08:00
David Lawrence 79b05d4c0a changelists for delegations 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-14 17:23:47 -08:00
Ying Li 8521ea5b6d Convert NotaryRepository.RotateKeys to RotateKey(role, serverManages bool) 
This should make it possible to delegate snapshot key management
to the server for existing repos, or switching back to user managing
snapshot keys.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-14 17:17:23 -08:00
Ying Li 9d2590ffb5 Only allow publishing if there is no snapshot.json, not if it's corrupt 
or unreadable.

This also modifies tuf/store/filestore to return ErrMetaNotFound if the
metadata file does not exist.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-11 15:04:08 -08:00
Ying Li 8b9cc4c3f6 Minor review comment changes: 
- add a specific error type when the server is requested to manage
  an unsupported key type
- variable name change

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-10 17:16:53 -08:00
Ying Li 5717258931 When publishing, if no snapshot data exists, create it and then try to sign. 
This supports the case of a user intializing a repo so that the server
signs the snapshot, and then changing their minds and rotating the keys
so that they now sign the snapshot, but all before publishing a single
thing.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-10 16:28:20 -08:00
Ying Li aaf45a9cce Refactor Initialize to be easier to read, and update comments per review. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-10 15:02:31 -08:00
Ying Li a89bdaa9bf Just propogate server error if server can't sign snapshot. 
The errors returned by the server aren't great right now, so it's hard
to try to be clever in synthesizing a signed.ErrNoKeys{}.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-10 10:16:39 -08:00
Ying Li a924ca172f When initializing a repo, create local keys before getting remote keys. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-10 10:16:39 -08:00
Ying Li d0e789740a Simplify the logic to determine whether to publish the root 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-10 10:16:39 -08:00