docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,183 Commits 21 Branches 28 Tags 816 MiB
Commit Graph

160 Commits

Author SHA1 Message Date
David Lawrence e516dd88f2 cleaning up tests by converting t.Fatal to assert.___ 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-23 09:41:03 -08:00
Ying Li 2900423fa2 Minor error message changes 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-22 16:29:28 -08:00
Ying Li 7592a029ef Do not create the delegation metadata when the delegation is created. 
Only create it when a target is added to it, or other delegations
are added to it, or when getting a child delegation.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-18 16:37:24 -08:00
David Lawrence d3a54cab25 the empty string should be used in delegation Paths to indicate a role can sign anything 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-18 16:10:43 -08:00
David Lawrence f72f799806 fixing up ListTargets and GetTargetByName to process prioritized roles more efficiently 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-17 14:56:05 -08:00
David Lawrence 4a9ebb8bc8 adding test for ListTargets with delegation 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-17 10:09:34 -08:00
David Lawrence e0dd8c82bf removing TODO for delegated roles on server 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-16 22:00:58 -08:00
David Lawrence ad0582ae9c test that a child role gets removed from the update if it doesn't exist in the parent 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-16 19:27:04 -08:00
David Lawrence a27e4f7471 moving comment about sorting for clarity 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-16 16:44:12 -08:00
David Lawrence 38d2175087 tests for new validation code 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-16 15:06:48 -08:00
David Lawrence 63ecf5f92f server side delegations support in validation and snapshot generation 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-16 15:06:05 -08:00
David Lawrence 8bca542c17 restructuring validateUpdate to get rid of prepRepo 
removing attempt in server/snapshot/snapshot.go to regenerate
metadata for roles in snapshot.

Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-11 16:20:20 -08:00
David Lawrence 03aa3509bd fixing bugs raised by @mtrmac 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-11 15:06:24 -08:00
Diogo Mónica ec78a03045 Merge pull request #356 from HuKeping/refactor-mainhandler 
Refactor a little to reduce indentation
 2015-12-11 11:46:26 -08:00
Miloslav Trmač da7c87f9dc Fix (make vet) 
server/handlers/default_test.go:353: GetCurrent passes Lock by value: handlers.failStore contains github.com/docker/notary/server/storage.MemStorage contains sync.Mutex
tuf/store/httpstore_test.go:208: github.com/docker/notary/tuf/validation.ErrBadRoot composite literal uses unkeyed fields

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2015-12-11 19:59:16 +01:00
HuKeping b78823e5c3 Refactor a little to reduce indentation 
Signed-off-by: Hu Keping <hukeping@huawei.com>
 2015-12-11 15:48:09 +08:00
Ying Li 6aa114a49f Fix all instances where 'propagate' was mispelled as 'propogate' 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-10 15:12:05 -08:00
Ying Li 20f5b5f3b2 Ensure that the server produces errors the client can parse. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-09 16:48:09 -08:00
Ying Li fb9afbc5d8 Server propogates validation failures in the 400 response. 
Previously, it just said that the update was invalid, but not why.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-09 15:10:17 -08:00
Ying Li 3aa13e6645 Move validation errors to tuf, since that is the expected server interface. 
Also make the validation errors serializable as JSON.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-09 14:04:44 -08:00
Ying Li 4208945fc1 Move the notary errors HTTP errors into the server package. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-09 11:22:49 -08:00
Ying Li 45c740b6b8 Add an invalid update error to the server errors. 
This would represent a validation error on the updates, as opposed to
a malformed upload error.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-09 11:16:35 -08:00
Ying Li d59ae2d90f Add the handler for GET-ting a snapshot key. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-07 15:13:58 -08:00
David Lawrence eb75898c43 fix roleExpired varname, it shadowed a func name 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-07 14:44:11 -08:00
David Lawrence fb76bca9f0 adding comment to snapshot key insert race condition test per @cyli's request 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-07 12:55:09 -08:00
David Lawrence 09a6fa07a1 some tests for the handlers 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-07 12:55:09 -08:00
David Lawrence 91c9b61edb update GetHandler to use new snapshot code 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-07 12:55:09 -08:00
David Lawrence 844c1872c4 adding tests for server/snapshot/snapshot.go 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-07 12:55:09 -08:00
David Lawrence b0c7ef5b88 addressing @cyli's comments 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-07 12:55:09 -08:00
David Lawrence cae5940c70 generate snapshots server side 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-07 12:55:09 -08:00
David Lawrence 064e37560e adding tests for role based key support on server 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-03 13:58:25 -08:00
David Lawrence e20773f2b1 renaming TimestampKey and ErrTimestampKeyExists to just Key and ErrKeyExists 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-03 11:25:45 -08:00
David Lawrence c2c474b9c6 generalize notary server key storage to be able to handle any role, not just timestamps 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-03 11:25:45 -08:00
David Lawrence a1ec8c69e0 unify the timestamp handler with the handler for getting other tuf metadata 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-02 15:50:54 -08:00
Ying Li 9c3d87d5eb When validating root.json on the server, timestamp threshold must be 1. 
This is because the server handles the timestamp key and timestamp signing.
So there can only ever be 1 key.  Thanks @mtrmac for pointing this out.

This change also refactors some of the test code somewhat.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-11-24 17:47:00 -05:00
Ying Li bd84f3cce1 Address review comments. 
Thanks @mtrmac!

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-11-24 13:55:15 -05:00
Ying Li 4f8c1a8ef4 Server check that the root.json's timestamp key ID is valid. 
If the client sends a root.json with an invalid timestamp key ID,
possibly because they are pushing an existing repo to a new server,
then the server should reject the update.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-11-18 00:57:40 -08:00
David Lawrence bc0c0d4ea1 health check will never be able to get auth token so remove RootHandler wrapper 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-11-12 01:08:41 -08:00
Diogo Mónica 7e5cc048b7 Merge pull request #253 from cyli/prometheus-server 
Add prometheus stats to server http handlers
 2015-10-29 22:22:24 -07:00
Ying Li 5ea5b40d3f Add prometheus stats to server http handlers 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-10-29 21:04:35 -07:00
Ying Li 7dc0dbec84 Remove the cryptoservice argument to sign 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-10-29 16:34:21 -07:00
Ying Li f9019873a6 Merge pull request #243 from endophage/key_types 
creating concrete types for the various key ciphers
 2015-10-29 14:21:33 -07:00
David Lawrence f73560d839 creating concrete types for the various key ciphers 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-10-28 16:02:55 -07:00
Ying Li 04a78e720f Factor out and test TLS configuration in notary-server. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-10-28 15:39:52 -07:00
David Lawrence 21ee24bc30 fixing vet error in existing notary code 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-10-27 16:37:41 -07:00
David Lawrence 2833a88292 adding gotuf to notary 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-10-27 16:36:06 -07:00
Ying Li b238d85159 Add the health handler to the main server 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-10-26 14:23:48 -07:00
Ying Li bcdd375ce5 Merge pull request #229 from cyli/tls-config-refactor 
Factor out TLS configuration code for server and TLS
 2015-10-26 09:33:41 -07:00
Ying Li 61f9f84254 Use configuration option structures to set up client TLS and server TLS. 
Test for if client cert is passed without a client key and vice versa.
Fail in ConfigureClientTLS if only one of client cert/key is passed.
Lint fixes.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-10-21 18:43:33 -07:00
David Lawrence 8a996f417a updating godeps and notary for some syntax changes in gotuf brought on by golint 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-10-20 23:56:35 -07:00