208977b1ad
Add an extra test for ECDSAx509 keys
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-20 20:57:18 -07:00
ea7d621705
Add a utility function to return a public key ID from a certificate.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-20 19:38:39 -07:00
a858a4f362
Update Makefile with targets that can be used with CircleCI. Also
...
allow an option to run the short tests (without coverage) while
searching for race conditions.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-20 14:20:01 -07:00
5cdb46a9da
Accept the same ciphersuites in the client and server as docker.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 17:31:18 -07:00
fb81aaed10
Add test for if the client CA dir is empty
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 17:31:18 -07:00
fc389b7bc3
Use tls client config utility in notary as well.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 17:31:18 -07:00
fb1013b997
Add servername to the client TLS config, and use it to build notary-server's
...
TLS connection to notary-signer.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 17:29:54 -07:00
b399783eee
Slight refactoring of ConfigureServerTLS and added a ConfigureClientTLS
...
as well.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 17:29:54 -07:00
8d96cf0c1f
Use ConfigureServerTLS for notary-server and notary-signer
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 17:29:54 -07:00
7356dfd273
Change ConfigServerTLS to take a client CA directory instead of certs
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 17:29:54 -07:00
e50cc2c9cd
Add test to ensure that x509filestore loads existing certs from the
...
directory without modifying/overwriting them.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 17:29:54 -07:00
77dc081ead
Add a utility which generates a tls configuration for you given the
...
requisite certs.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 17:29:54 -07:00
f417279d0d
Merge pull request #228 from cyli/new-vipers
...
Do not use the viper singleton instance everywhere
2015-10-19 17:29:02 -07:00
d77d8f1ce8
Lint fix
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 11:52:43 -07:00
a5e64ecf03
Do not use the viper singleton instance everywhere
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-19 11:50:04 -07:00
1efacea48a
Merge pull request #225 from moxiegirl/hugo-tooling-15
...
Retooling for Hugo 15 patch
2015-10-18 14:19:48 -07:00
b42f9241a4
Merge pull request #219 from cyli/server-healthcheck
...
Healthchecks for notary-server
2015-10-16 18:06:39 -07:00
3c58f3cffc
Simplify server health check to only check only the key management client.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-16 15:11:19 -07:00
6db76a873e
Small cleanup as per review comments
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-16 14:48:05 -07:00
bdcd70eca7
Remove -debug from signer/server Dockerfiles
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-16 14:40:33 -07:00
497bbb2410
Retooling for Hugo 15 patch
...
Signed-off-by: Mary Anthony <mary@docker.com>
2015-10-16 13:17:58 -07:00
81380e0862
Even simpler - cancel the GRPC call using the context object passed
...
to the GRPC clients - thanks @endophage!
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-16 09:46:08 -07:00
089d8450d8
Merge pull request #218 from endophage/update_gotuf
...
updating gotuf in godeps
2015-10-15 15:30:19 -07:00
15b07101c0
updating gotuf dependency
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-15 14:52:18 -07:00
faff328d62
Simplify by using a single buffered channel, instead of having a done
...
channel and a regular channel - thanks @aaronlehmann!
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-15 11:43:17 -07:00
23a5d42bf6
Use a done channel to clean up and prevent the goroutine from writing
...
to a closed channel.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-15 11:15:07 -07:00
5f65d86411
Update circle-ci to use go 1.5.1
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-15 10:49:26 -07:00
a49406de42
Log an error if the notary server cannot reach the signer or otherwise
...
if the signer is in trouble, but do not fail the health check, since
the server can operate for a while without the signer (the server will
have degraded performance, but is not down)
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-15 10:48:10 -07:00
a1edc02b82
Use a function interface instead of declaring an anonymous interface in
...
the function arguments.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-15 10:34:11 -07:00
b94915628b
Changing docstring to re-trigger CI
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-15 09:13:24 -07:00
33e031444e
Better line wrapping and more comments
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-14 18:10:21 -07:00
bca919c65f
Making an RPC call would hang forever if the connection to the GRPC server dies
...
(it just retries to connect, and the RPC call would just block until it does), so change up
how this works by timing out the health check.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-14 18:03:19 -07:00
cd5015592a
Fix the key names for the server health checks
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-14 14:52:31 -07:00
37d7ee84ea
Add -debug to the notary-server Dockerfile so that the debug server
...
starts up and we can check 8080.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-14 14:50:43 -07:00
60271f3014
Enable the signer RPC health check calls to return the last checked health
...
status from the health package.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-14 14:49:39 -07:00
30330f43e2
Register trust health checks and DB health check with the notary server.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-14 13:23:38 -07:00
4028941b3f
Add health checks functions to the trust service client API.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-14 13:23:21 -07:00
6b98278282
Merge pull request #215 from cyli/server-uses-gorm
...
Use gorm for storing notary-server information
2015-10-14 13:09:37 -07:00
272f442fee
Use an anonymous interface instead, thanks @endophage
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-14 11:33:45 -07:00
79066c3403
Just drop the test tables when they should not exist
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-14 11:30:34 -07:00
7f0078d513
Define interface for iterating through gorm models by table name
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-14 11:30:04 -07:00
b5690cfc51
Undo accidental downgrade of Go version
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-14 11:09:46 -07:00
f49b74675d
Update Gotuf to the latest version (sqlite3 dependency changed) and clean up some old
...
Godep dependencies that are no longer needed.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-14 10:53:07 -07:00
e786d62f0f
Check for duplicate key errors in both mysql and sqlite3 in server/db
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-13 17:04:24 -07:00
ba4e596457
Move the testing.T module to be the first argument to helper functions.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-13 16:19:17 -07:00
09a041be14
Use more idiomatic go in if conditions.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-13 16:18:59 -07:00
9290507a1f
In server/storage/database, do not panic, and also return the right error.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-13 15:56:45 -07:00
bf783ff65f
Merge pull request #217 from mtrmac/circleci-make
...
Use Makefile targets for test/pre to avoid duplication
2015-10-13 13:34:19 -07:00
f677dcc1be
Use Makefile targets for test/pre to avoid duplication
...
Thus, we will actually test that the Makefile works.
Doesn’t yet convert test/override because the two already differ and
it’s not immediately obvious to me which one to use.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2015-10-13 22:21:41 +02:00
517dd4bbd0
Rename MySQL to SQL in server DB tests
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-13 11:28:57 -07:00
Ying Li
Ying Li
moxiegirl
David Lawrence
David Lawrence
Diogo Mónica
Miloslav Trmač