301c0892f3
Update README to reflect go 1.5.1 requirement and add an endpoint
...
to the makefile to check the go version
Signed-off-by: Ying Li <ying.li@docker.com>
2015-11-01 01:47:02 -07:00
e5c388d470
Merge pull request #246 from endophage/private_signer
...
Private keys implement crypto.Signer
2015-10-30 10:33:46 -07:00
06990fd5a1
integreating with @cyli's improvements
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-30 10:15:52 -07:00
7e5cc048b7
Merge pull request #253 from cyli/prometheus-server
...
Add prometheus stats to server http handlers
2015-10-29 22:22:24 -07:00
5ea5b40d3f
Add prometheus stats to server http handlers
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-29 21:04:35 -07:00
3bd4637b09
Merge pull request #251 from HuKeping/fix-list
...
Fix broken list
2015-10-29 20:03:49 -07:00
169d67169c
Fix broken list
...
Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-10-30 10:46:06 +08:00
4c195db439
Merge pull request #249 from jfrazelle/dockerfile-cleanup
...
better named dockerfiles and upgrade to go 1.5.1
2015-10-29 19:04:11 -07:00
7a24fbf32f
adding singer interfaces to private keys:
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-29 17:48:15 -07:00
e904675043
Merge pull request #247 from cyli/remove-unlocked-cryptoservice
...
Remove unlocked_cryptoservice and GetRootCryptoService
2015-10-29 17:47:31 -07:00
4e59ed05bc
better named dockerfiles and upgrade to go 1.5.1
...
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-10-29 17:18:43 -07:00
91d54899d7
Add a GetPrivateKey method to cryptoservice so that we can future-proof
...
cryptoservice having multiple keystores
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-29 16:34:40 -07:00
7dc0dbec84
Remove the cryptoservice argument to sign
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-29 16:34:21 -07:00
a3e9558b03
1. Add docstring as to why we are trying a key ID with a GUN and one without - thanks @diogo!
...
2. Call NotaryRepository.cryptoService.GetKey rather than
NotaryRepository.KeyStoreManager.KeyStore.GetKey
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-29 16:13:23 -07:00
a0b8fa4957
Rename unlocked_crypto_service files
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-29 15:17:08 -07:00
b9a4175ea9
Update the client NotaryRepository to initialize with a root key ID
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-29 15:11:15 -07:00
9d2585ea8a
Remove unlocked crypto service and get root crypto service.
...
Generate key is now just a function.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-29 15:03:27 -07:00
f9019873a6
Merge pull request #243 from endophage/key_types
...
creating concrete types for the various key ciphers
2015-10-29 14:21:33 -07:00
0e5ebb984a
Merge pull request #245 from cyli/prometheus
...
Add prometheus as a dependency
2015-10-29 14:18:31 -07:00
8696c64d12
Add prometheus as a dependency
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-28 20:21:45 -07:00
b7ce16ab6f
fixes for Diogo's comments
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-28 19:24:51 -07:00
ca7988d642
fixing lint + vet things
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-28 16:20:08 -07:00
f73560d839
creating concrete types for the various key ciphers
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-28 16:02:55 -07:00
570ef86584
Merge pull request #233 from cyli/codecov
...
Use make targets in circleci, more complete coverage
2015-10-28 15:55:33 -07:00
6dcad7860f
Merge pull request #237 from cyli/mutual-auth
...
Support mutual authentication between the server and signer
2015-10-28 15:55:24 -07:00
aa5b621968
Fix import error after rebase
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-28 15:44:33 -07:00
adda5776cb
Use ListenAndServeTLS with blank args, since ListenAndServe doesn't actually set up TLS
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-28 15:42:36 -07:00
126691ac9e
Update the notary server and signer configs to make use of client authentication.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-28 15:42:33 -07:00
34aecae033
Split out parsing the client TLS in notary-server.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-28 15:40:41 -07:00
04a78e720f
Factor out and test TLS configuration in notary-server.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-28 15:39:52 -07:00
bbf941d198
Allow client CAs to be provided to notary-signer.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-28 15:39:52 -07:00
0a3025c959
Merge pull request #235 from HuKeping/update-readme
...
Docs: update readme
2015-10-28 15:36:59 -07:00
daa36b43b7
Merge pull request #242 from docker/unify-root-nonroot-keystore
...
Unify root nonroot keystore
2015-10-28 13:14:19 -07:00
ccb2e1a8f4
Merge pull request #241 from endophage/include_gotuf
...
Include gotuf in notary
2015-10-28 13:13:48 -07:00
6150c931dd
Make a keysMap rather than just declaring
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-28 12:47:42 -07:00
34cbbb270b
updating maintainers and adding top level contributors, removing those files from tuf dir
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-27 22:59:23 -07:00
fa70a79ed7
go fmt was complaining about import order after my sed replacement
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-27 17:22:08 -07:00
21ee24bc30
fixing vet error in existing notary code
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-27 16:37:41 -07:00
57aaee1c1c
Remove unneeded contants from keystoremanager
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-27 16:36:53 -07:00
2833a88292
adding gotuf to notary
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-10-27 16:36:06 -07:00
75b63b84cd
Add import/export to KeyStore interface so that the import_export code
...
makes use of this rather than mangle files manually to import/export
root keys. (Regular keys it just zips up the whole directory.)
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-27 16:19:14 -07:00
566bd3ce67
Combine the nonRootKeyStore with the rootKeyStore, and move the abstracting
...
over the root keys directory from non-root keys directory from keystoremanager
to keystore, since we're eliminating keystoremanager.
Maintain the two separate directories, though, because one can't tell whether
there is an old-style separate-directories structure, or if someone has a GUN
that starts with tuf_keys.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-27 12:33:46 -07:00
4036910a6a
Merge pull request #240 from cyli/server-healthcheck-endpoint
...
Add the health handler to the main server
2015-10-27 11:47:53 -07:00
b238d85159
Add the health handler to the main server
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-26 14:23:48 -07:00
bcdd375ce5
Merge pull request #229 from cyli/tls-config-refactor
...
Factor out TLS configuration code for server and TLS
2015-10-26 09:33:41 -07:00
399df0a982
Merge pull request #234 from cyli/remove-symlinks
...
Remove symlinking root keys
2015-10-26 08:23:35 -07:00
f8b9127181
Docs: update readme
...
Two main things:
- Update the content
- Update broken links
Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-10-26 16:42:20 +08:00
408f1efee7
Use -coverpkg to build multiple coverage outputs and use a tool
...
to merge them, to get more complete coverage information (so a package
can be tested by code outside the package).
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-24 02:31:09 -07:00
0eb76f4057
Remove option prefixing
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-23 21:55:53 -07:00
ed61974d10
Remove linking from the filestore
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-10-23 21:19:47 -07:00
Ying Li
Ying Li
David Lawrence
Diogo Mónica
HuKeping
David Lawrence
Jessica Frazelle