Commit Graph

1585 Commits

Author SHA1 Message Date
Ying Li 0bec06eb9b RemoveTarget now takes an optional variadic list of roles to remove from.
If none are provided, it defaults to the targets role, as before.

Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-16 13:18:40 -08:00
Ying Li 19c49cf7ce AddTarget now takes an optional variadic list of roles to add target to.
If none are provided, it defaults to the targets role, as before.

Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-16 13:18:40 -08:00
Ying Li 56ab7292e7 Merge pull request #369 from HuKeping/docs-update
Docs: update docs for notary config
2015-12-15 21:13:24 -08:00
HuKeping 34655a2efc Docs: update docs for notary config
Great docs but still have some nits.

Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-12-16 11:39:53 +08:00
David Lawrence 01f42b7313 Merge pull request #354 from endophage/delegations
Delegation primitives up to changelist level
2015-12-15 16:34:46 -08:00
David Lawrence 5891805b29 addressing review
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-15 16:21:30 -08:00
Ying Li ade56e47f2 Merge pull request #367 from riyazdf/master
readme and doc typo fixes
2015-12-15 15:14:28 -08:00
Riyaz Faizullabhoy e1e53c3cc9 doc typo fixes
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2015-12-15 14:25:00 -08:00
Riyaz Faizullabhoy e338dd0caa fix readme link to be consistent with prior client link
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2015-12-15 14:23:47 -08:00
Ying Li 20c557a10b Merge pull request #291 from docker/server-docs
Server and signer docs
2015-12-15 13:26:08 -08:00
Ying Li b0bfab2868 Merge pull request #348 from cyli/client-rotate-snapshot-key-to-server
Client rotate snapshot key to server
2015-12-15 11:05:16 -08:00
Ying Li 63f48791c3 Fix docstring for 'key-type' parameter on key rotate.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-15 10:18:58 -08:00
Ying Li 2c7e632925 Amend rotation tests to assert old keys are removed after rotation.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-14 17:44:28 -08:00
David Lawrence 79b05d4c0a changelists for delegations
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-14 17:23:47 -08:00
Ying Li ca1623e17b Update CLI rotate key command to optionally rotate a single key.
This makes it possible to delegate snapshots key management to the
server, and to reclaim the responsibility.

Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-14 17:17:23 -08:00
Ying Li 2ce0232972 Refactor notary CLI keys cmds to use less globally mutable state.
This way we can test the command functions more easily.

Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-14 17:17:23 -08:00
Ying Li 8521ea5b6d Convert NotaryRepository.RotateKeys to RotateKey(role, serverManages bool)
This should make it possible to delegate snapshot key management
to the server for existing repos, or switching back to user managing
snapshot keys.

Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-14 17:17:23 -08:00
Ying Li aa81b91ab4 Merge pull request #359 from docker/diogo-volumes
Adding a volume to MySQL container to ensure data persistence
2015-12-14 14:28:04 -08:00
David Lawrence fb5c9b28a4 low level tuf delegation primitives with full test coverage
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-14 10:11:47 -08:00
Diogo Mónica 3d54349e4a Merge pull request #349 from endophage/server_snapshot_bugfixes
fixing bugs raised by @mtrmac
2015-12-14 09:42:26 -08:00
Diogo Mónica ad1fd268af Merge pull request #360 from docker/fix-merge-conflict
Fix semantic merge conflict.
2015-12-14 09:32:19 -08:00
Ying Li c0bf1a4a68 Fix semantic merge conflict.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-11 17:37:29 -08:00
Diogo Monica fd01151cd2 Adding a volume to MYSQL to ensure data persistence
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-12-11 16:37:54 -08:00
David Lawrence 8bca542c17 restructuring validateUpdate to get rid of prepRepo
removing attempt in server/snapshot/snapshot.go to regenerate
metadata for roles in snapshot.

Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-11 16:20:20 -08:00
David Lawrence 4aa9239aaf Merge pull request #335 from cyli/client-snapshot
Client supports server snapshot
2015-12-11 16:04:29 -08:00
David Lawrence 03aa3509bd fixing bugs raised by @mtrmac
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-11 15:06:24 -08:00
Ying Li 9d2590ffb5 Only allow publishing if there is no snapshot.json, not if it's corrupt
or unreadable.

This also modifies tuf/store/filestore to return ErrMetaNotFound if the
metadata file does not exist.

Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-11 15:04:08 -08:00
Ying Li f3f8de50d1 Clarified the default_alias configuration for Notary Signer.
Also changed the on-container paths for the server/signer configuration
to be /etc/docker/notary-(signer|server).

Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-11 12:26:48 -08:00
Ying Li 54c7de5bd6 Update the server and signer docs to reflect new code changes.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-11 12:26:48 -08:00
Ying Li 4d696a0187 Grammar/spelling/formatting/readability fixes.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-11 12:26:48 -08:00
Ying Li 7ee1173084 Add information on how to run notary-signer.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-11 12:26:48 -08:00
Ying Li 2e8721564d Added documentation for the notary signer configuration file.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-11 12:26:48 -08:00
Ying Li e9d0e68b97 Add information on how to run notary-server from a docker image.
Also include information on how to override the configuration file
in the docker image.

Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-11 12:26:48 -08:00
Ying Li ca54b435ce Add documentation for notary server (what it does, etc.).
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-11 12:26:48 -08:00
Ying Li 41b1d57b95 Document the notary-server configuration JSON file.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-11 12:26:48 -08:00
Ying Li 351f90fa1c Add a script to use openssl to generate root/server/client ssl certs.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-11 12:26:48 -08:00
Diogo Mónica ec78a03045 Merge pull request #356 from HuKeping/refactor-mainhandler
Refactor a little to reduce indentation
2015-12-11 11:46:26 -08:00
Ying Li 25f22a2dc8 Merge pull request #357 from mtrmac/fix-vet
Fix (make vet)
2015-12-11 11:33:24 -08:00
Miloslav Trmač da7c87f9dc Fix (make vet)
server/handlers/default_test.go:353: GetCurrent passes Lock by value: handlers.failStore contains github.com/docker/notary/server/storage.MemStorage contains sync.Mutex
tuf/store/httpstore_test.go:208: github.com/docker/notary/tuf/validation.ErrBadRoot composite literal uses unkeyed fields

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2015-12-11 19:59:16 +01:00
HuKeping b78823e5c3 Refactor a little to reduce indentation
Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-12-11 15:48:09 +08:00
Ying Li 8fd8916b15 Merge pull request #352 from HuKeping/check-map
Use canonical way to check if a map contains a key
2015-12-10 23:13:27 -08:00
HuKeping 54af67344b Minor typo
Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-12-11 14:07:38 +08:00
HuKeping f147a7ac68 Use canonical way to check if a map contains a key
As the language spec:
https://golang.org/ref/spec#Index_expressions

Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-12-11 14:07:38 +08:00
Ying Li c77bbee0ef Merge pull request #351 from cyli/better-validation-errors
Propagate error validations from server to client
2015-12-10 21:29:57 -08:00
Ying Li 8b9cc4c3f6 Minor review comment changes:
- add a specific error type when the server is requested to manage
  an unsupported key type
- variable name change

Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-10 17:16:53 -08:00
Ying Li 5717258931 When publishing, if no snapshot data exists, create it and then try to sign.
This supports the case of a user initializing a repo so that the server
signs the snapshot, and then changing their minds and rotating the keys
so that they now sign the snapshot, but all before publishing a single
thing.

Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-10 16:28:20 -08:00
Ying Li 6aa114a49f Fix all instances where 'propagate' was misspelled as 'propogate'
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-10 15:12:05 -08:00
Ying Li aaf45a9cce Refactor Initialize to be easier to read, and update comments per review.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-10 15:02:31 -08:00
Ying Li a89bdaa9bf Just propagate server error if server can't sign snapshot.
The errors returned by the server aren't great right now, so it's hard
to try to be clever in synthesizing a signed.ErrNoKeys{}.

Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-10 10:16:39 -08:00
Ying Li a924ca172f When initializing a repo, create local keys before getting remote keys.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-10 10:16:39 -08:00