David Lawrence
da18f54699
import-root, list, and remove working with yubikey
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-11-12 01:09:31 -08:00
David Lawrence
be4c0669c1
move import/export to cryptoservice and add import to yubikey
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-11-12 01:09:31 -08:00
David Lawrence
07f0065152
ask for pin when signing
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-11-12 01:06:38 -08:00
Diogo Mónica
fd0775e1dc
Merge pull request #257 from mtrmac/fix-export-root
Fix (notary key export-root)
2015-11-01 10:31:29 +00:00
Miloslav Trmač
62dc66e936
Remove key ID from (notary key import-root)
PR #242 has started requiring a passphrase for the imported key, and
recomputes the key ID, making the command-line argument redundant. So,
remove it from the command line and from the KeyStoreManager API.
Also updates the comment for KeyStoreManager.ImportRootKey, and changes
(notary key import-root) to refuse unexpected arguments instead of
silently ignoring them.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2015-10-30 20:40:03 +01:00
Miloslav Trmač
93c28ccb1b
Fix (notary key export-root)
-c was recently taken over by --configFile; using it for
--change-passphrase as well results in
panic: shorthand redefinition
So, move --change-passphrase to -p.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2015-10-30 20:39:20 +01:00
Ying Li
566bd3ce67
Combine the nonRootKeyStore with the rootKeyStore, and move the abstracting
over the root keys directory from non-root keys directory from keystoremanager
to keystore, since we're eliminating keystoremanager.
Maintain the two separate directories, though, because one can't tell whether
there is an old-style separate-directories structure, or if someone has a GUN
that starts with tuf_keys.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-27 12:33:46 -07:00
David Lawrence
98cde51f18
working basic key rotation for targets and snapshot key. Command is 'notary key rotate [GUN]'
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-09 20:35:06 -07:00
David Lawrence
ac54370fb0
cleanup after discussing with Diogo
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-09 19:40:36 -07:00
Diogo Mónica
53467fd417
Merge pull request #85 from docker/simple_test_script
add a simple test script, eventually this can grow to be our CI script
2015-10-08 16:58:44 -07:00
Aaron Lehmann
ec3167eedb
Import and export symlinks in keystore
- Export symlinks by encoding them in the zip file.
- Detect symlinks in a zip file on import and create them on the local
filesystem.
- Add test coverage.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-08-03 15:03:31 -07:00
Diogo Monica
b04ed5042b
Added -y no confirmation and more integration tests
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-30 16:22:14 -07:00
Diogo Monica
27461ad9fb
Added cli cert command, changed keylisting to be a map, fixed key removal
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-28 18:14:29 -07:00
Aaron Lehmann
c3cf6c4083
Add a flag to change the password of the root key when exporting it
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-28 15:08:41 -07:00
Aaron Lehmann
3af03daa42
Change "notary keys" command to "notary key"
This makes the full subcommand names smoother; for example "notary key
generate" instead of "notary keys generate".
Add a "notary key list" subcommand to list keys, so "notary key"
lists the possible subcommands, instead of needing to use "notary key
-h".
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-28 13:46:45 -07:00
Aaron Lehmann
558f52530b
Add key import and export commands
This adds four commands:
- notary keys export: export all keys, or keys for a particular GUN
(with -g)
- notary keys export-root: export root key by ID
- notary keys import: import a zip file of keys
- notary keys import-root: import a single root key
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-28 13:46:45 -07:00
Diogo Monica
bdd6760c69
Changing key removal message
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-28 13:30:41 -07:00
Diogo Monica
e7fb8ab46c
Fixing golint
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-28 11:47:14 -07:00
Diogo Monica
579f51866b
Removed all local keystores, added configurable trust dir
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-28 11:47:14 -07:00
Diogo Monica
58e6544d0a
Adding Cert retrieval by common name, and renaming KeyID to CertID
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-17 14:28:30 -07:00
Diogo Monica
085c613527
Refactored fingerprint cert and added better debugging
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-12 22:21:29 -07:00
Diogo Monica
8c6de46aca
Added list keys that ignores symlinks
2015-07-09 17:58:10 -07:00
Diogo Monica
1346296869
Initial libnotary refactor
Signed-off-by: Diogo Monica <diogo@docker.com>
Ported more functionality to libnotary
2015-07-09 17:57:48 -07:00
Diogo Mónica
66aec225f2
Merge pull request #8 from docker/validate_root
validate root file against cert store
2015-07-03 14:23:25 -07:00
Diogo Monica
1eb972a820
Changed FingerprintCert to return string; renamed kID fingerprint everywhere in notary
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-06-30 21:44:57 -07:00
Diogo Monica
a0e63bcaeb
Fixed verification to use exact match and fallback to CA + tests
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-06-30 19:38:52 -07:00
Diogo Monica
cf3d7d4b52
Removed all references of GUN from filestore
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-06-30 19:36:17 -07:00
Diogo Monica
09c9099fdf
Adding ListGUN to allow listing of specific keys
2015-06-21 15:14:46 -04:00
Diogo Monica
eb1da6d5c6
Added delete keys by GUN
2015-06-20 23:31:03 -04:00
Diogo Monica
db847379df
Major refactor of the FileStore
2015-06-20 23:04:34 -04:00
Diogo Monica
ed0ba8c1bf
Adding minor stdout cosmetic change
2015-06-19 15:12:20 -07:00
Nathan McCauley
e46a95227c
rename vetinari to notary
Signed-off-by: Nathan McCauley <nathan.mccauley@docker.com>
2015-06-19 11:01:19 -07:00
Nathan McCauley
3f9b5dd6f7
Remove double negative
Signed-off-by: Nathan McCauley <nathan.mccauley@docker.com>
2015-06-19 00:04:03 -07:00
Diogo Monica
7b86665cf8
Descriptions now use Trusted Collection everywhere
2015-06-18 21:44:54 -07:00
Diogo Monica
8da91369b8
Added confirmation for trust
2015-06-18 21:32:30 -07:00
Diogo Monica
b0df67acd3
Added small validation to GUNs, changed logrus loglevel
2015-06-17 22:06:37 -07:00
Diogo Monica
e5dd1721b3
Renamed SKID to kID
2015-06-17 21:11:36 -07:00
Diogo Monica
cb6f43e99a
Changed universal ID to be TUF, cleaned UI
2015-06-17 20:51:18 -07:00
Diogo Monica
712ff83945
Added cliCryptoService
2015-06-17 16:05:16 -07:00
Diogo Monica
ff169897b6
s/QDN/GUN
2015-06-17 13:31:13 -07:00
Diogo Monica
770cca453a
Added listing and removal of signing certs
2015-06-17 11:17:08 -07:00
Diogo Monica
08124c18f6
Added key generate
2015-06-17 11:16:11 -07:00
Diogo Monica
205379efb7
Refactor commands
2015-06-17 11:13:42 -07:00
Diogo Monica
836521e166
Refactor cmdline key naming and added TUF skeletons
2015-06-17 11:13:42 -07:00
Diogo Monica
931c5e2a9b
Refactored Add by URL out from X509 Key Stores
2015-06-17 11:13:41 -07:00
Diogo Monica
ae11e1472e
Changed Cli lib to Cobra and renamed to notary
2015-06-17 11:13:41 -07:00