Diogo Mónica
5490ece809
Merge pull request #56 from dmcgowan/fix-timestamp-algorithm
...
Change fallback timestamp algorithm to supported version
2015-07-14 15:39:48 -07:00
Diogo Mónica
eb8e868e6d
Merge pull request #53 from docker/import-notary-signer
...
Import notary signer, refactor notary-signer API again
2015-07-14 14:33:10 -07:00
Nathan McCauley
79af8434d3
exclude proto gen'd code from go fmt during circle ci
...
Signed-off-by: Nathan McCauley <nathan.mccauley@docker.com>
2015-07-14 14:21:52 -07:00
Nathan McCauley
40fd60264a
exclude proto gen'd code from go fmt
...
Signed-off-by: Nathan McCauley <nathan.mccauley@docker.com>
2015-07-14 14:13:19 -07:00
Aaron Lehmann
c82440258f
Add documentation for FindKeyByID function
...
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-14 14:06:52 -07:00
Derek McGowan
3971955cfe
Change fallback timestamp algorithm to supported version
...
ECDSA timestamp keys currently not supported by crypto service, use supported ED25519.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-07-14 11:44:50 -07:00
Aaron Lehmann
e7e9ef4a0d
Don't hardcode RSA algorithm
...
When we need to find a key from its ID, search all available signing
services. There should only be a few, so this shouldn't have much
overhead. This avoids the need to maintain a persistent mapping between
key ID and the responsible signing service.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-14 10:49:43 -07:00
Diogo Monica
321b155596
Godeps update, removed dependency on rufus
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-14 00:39:03 -07:00
Diogo Monica
f03626a10e
Refactored Rufus API
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-14 00:23:38 -07:00
Diogo Monica
9a4c2dc744
Initial copy of notary-signer
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-14 00:23:22 -07:00
Diogo Monica
ead0224526
Removing commented out code
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-13 20:32:51 -07:00
David Lawrence
b8674162f8
Merge pull request #44 from endophage/atomic_update
...
Atomic updates of metadata.
2015-07-13 20:23:01 -07:00
David Lawrence
0f26bdf956
adding errors if role is empty or bad
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 19:50:09 -07:00
David Lawrence
6dd18754b2
Merge pull request #48 from endophage/db_schema
...
refactoring database schema out into its own file
2015-07-13 18:45:45 -07:00
David Lawrence
81ab80d0bf
adding sqlmock godep
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 18:19:31 -07:00
David Lawrence
6533da1be4
tests for atomic update
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 18:19:31 -07:00
David Lawrence
5bcd3ff52d
reworking the insert check for TUF metadata in the database
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 18:18:33 -07:00
David Lawrence
40921a4bed
fixing lint and vet errors
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 18:18:33 -07:00
David Lawrence
ec08d28610
provide an additional handler to allow clients to update any set of TUF metadata atomically
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 18:18:33 -07:00
David Lawrence
c35eed7b36
Merge pull request #50 from dmcgowan/fix-token-type
...
Fix access controller resource type
2015-07-13 17:46:36 -07:00
Derek McGowan
e4bb29a669
Fix access controller resource type
...
The token server returns tokens with the type as "repository" not "repo".
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-07-13 16:22:05 -07:00
Diogo Mónica
935b9a9366
Merge pull request #47 from docker/cryptoservice-refactor
...
Refactor crypto service
2015-07-13 15:29:59 -07:00
Diogo Monica
8dcea65731
Adding new gotuf
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-13 15:28:33 -07:00
Aaron Lehmann
e4704f9729
Update notary for removal of signed.Signer
...
We now deal with CryptoServices directly instead of passing around
Signers.
UnlockedSigner becomes UnlockedCryptoService because it no longer
contains a Signer.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-13 15:18:02 -07:00
Aaron Lehmann
ea298b4999
Update gotuf to 875881b1d0ce625f54318e3ebfd79414a6b5e285
...
This brings in the Signer removal.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-13 14:42:24 -07:00
David Lawrence
bfdb5f72b0
refactoring database schema out into its own file for easier use outside of containers
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 14:41:51 -07:00
David Lawrence
76478a52ab
Merge pull request #11 from docker/authentication
...
Auth mechanisms
2015-07-13 14:33:11 -07:00
David Lawrence
12dd2c2273
challenge.ServeHTTP doesn't set Unauthorized status code
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 14:21:14 -07:00
David Lawrence
da59198191
adding htpasswd auth to support the same set of mechanisms as distribution
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 14:17:24 -07:00
Diogo Monica
a139807d89
Fixing lint
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-13 14:01:26 -07:00
Diogo Monica
765a2cf661
Refactor crypto service
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-13 13:53:47 -07:00
David Lawrence
17af21f00c
Merge pull request #46 from dmcgowan/use-distribution-uuid
...
Use uuid library from distribution
2015-07-13 10:56:13 -07:00
Derek McGowan
c87caf3979
Use uuid library from distribution
...
Distribution updated context library to use its own uuid library which does not panic on entropy exhaustion.
Updated to use latest context library from distribution.
Updated auth to match context and uuid library version.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-07-13 10:09:06 -07:00
Diogo Mónica
3f5a78d235
Merge pull request #45 from docker/adding-ecdsa
...
Adding ECDSA support
2015-07-12 23:04:47 -07:00
Diogo Monica
373e4f6c76
Adding term as new dependency
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-12 23:00:20 -07:00
Diogo Monica
1f5d935cc8
Fixing lint
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-12 22:51:27 -07:00
Diogo Monica
2522b3f6df
Updating gotuf
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-12 22:49:35 -07:00
Diogo Monica
1a054d7741
Small nits
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-12 22:21:29 -07:00
Diogo Monica
ba94fdd19d
Signature/key types are now used correctly and are represented by constants.
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-12 22:21:29 -07:00
Diogo Monica
085c613527
Refactored fingerprint cert and added better debugging
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-12 22:21:29 -07:00
Diogo Monica
39482c2397
Working ECDSA implementation
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-12 22:21:29 -07:00
Diogo Monica
43d0ec8a75
Initial ECDSA trustmanager methods
...
Signed-off-by: Diogo Monica <diogo@docker.com>
Splitting CryptoService into ECDSA and RSA cryptoservices
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Working ECDSA support
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-12 22:21:29 -07:00
Diogo Mónica
0e0605c6e2
Merge pull request #43 from dmcgowan/fix-fmt-lines
...
Use logrus instead of fmt.Println
2015-07-12 11:40:08 -07:00
Derek McGowan
f292b562e2
Use logrus instead of fmt.Println
...
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-07-10 17:10:23 -07:00
Diogo Mónica
cab1006568
Merge pull request #42 from docker/signing-methods
...
Signing methods
2015-07-10 15:21:21 -07:00
Diogo Monica
5a7e1ca7f2
Vendoring new gotuf
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-10 15:17:44 -07:00
Aaron Lehmann
f8e087a17a
Unify CryptoService and RootCryptoService
...
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-10 15:10:44 -07:00
Aaron Lehmann
81f5fd7461
Switch to RSA-PSS
...
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-10 15:10:19 -07:00
Aaron Lehmann
a45c3e3965
Modify TestAddTarget to make TestAddListTarget
...
This test now checks ListTargets and GetTargetByName as well. To do
this, it needs to expose signed metadata files over the internal HTTP
server. This means adding the timestamp private key to the key store and
exposing various json files as endpoints that serialize the necessary
data.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-10 10:19:14 -07:00
David Lawrence
d1b09962f1
using roundtripper in notary client
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-10 10:02:38 -07:00