6f221551a3
Merge pull request #311 from mtrmac/invalid-passphrase
...
Fix error handling on invalid root passphrase
2015-12-10 08:40:02 -08:00
e19e7fc44d
Remove misleading passphrase-related error handling in NotaryRepository.Initialize:
...
1. It is on a path where those errors can never happen
2. The specific error handling would silently ignore the error, which
can’t be right anyway.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2015-12-09 19:58:02 +01:00
57a15112c8
Fix error handling on invalid root passphrase
...
When the user insists on an invalid passphrase (or aborts the
operation), CryptoService.GetPrivateKey will try the correct root
location first, correctly failing, and then try to look for the root key
in the $gun subdirectory, and so will return the last error, a confusing
”open $path: no such file or directory”.
So, recognize the passphrase-related errors and fail with them directly.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2015-12-09 19:58:02 +01:00
d3c3d70d6d
Add gun to CryptoServiceTester
...
The gun field is not necessary yet, but will be useful in a future
commit. But including it immediately allows us to simplify by using
an ordinary method for cryptoServiceFactory instead of closures.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2015-12-09 19:45:34 +01:00
2bfadacf34
Merge pull request #341 from HuKeping/parse-viper
...
Add a function to parse viper
2015-12-08 17:31:55 -08:00
639f1e80f0
Use the function to parse viper on server side
...
Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-12-09 09:17:25 +08:00
bfe7316de9
Add a function to parse viper
...
None of these `filename`, `ext` or `configPath` should be in `main`,
they are all just for creating a instance of Viper and then nothing.
Do it in a separate function will make the function `main` more readable.
Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-12-09 09:17:24 +08:00
a3d2974e1b
Merge pull request #344 from cyli/client-new-repo-refactor
...
Minor refactor of NotaryRepository constructor to use more shared code.
2015-12-08 15:11:09 -08:00
9ef782184c
Minor refactor of NotaryRepository constructor to use more shared code.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-07 17:19:28 -08:00
5f1100a3bf
Merge pull request #343 from endophage/fix_340
...
fixing incomplete comment as raised in #340
2015-12-07 16:37:55 -08:00
d9419287ea
Merge pull request #339 from cyli/server-handler
...
Get Snapshot Key Handler
2015-12-07 16:22:15 -08:00
4261d28d46
fixing incomplete comment as raised in #340
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-07 16:12:09 -08:00
d59ae2d90f
Add the handler for GET-ting a snapshot key.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-07 15:13:58 -08:00
bf0c6d0844
Fix bug with ED25519 cryptoservice's ListKeys
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-07 15:01:40 -08:00
dd69872bb6
Merge pull request #332 from endophage/server_snapshot
...
Server snapshot
2015-12-07 14:56:07 -08:00
eb75898c43
fix roleExpired varname, it shadowed a func name
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-07 14:44:11 -08:00
3e96684ba1
Merge pull request #338 from cyli/keydbstore-error
...
KeyDBStore refactor so that it just directly takes the DB arguments.
2015-12-07 14:33:01 -08:00
fb76bca9f0
adding comment to snapshot key insert race condition test per @cyli's request
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-07 12:55:09 -08:00
09a6fa07a1
some tests for the handlers
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-07 12:55:09 -08:00
91c9b61edb
update GetHandler to use new snapshot code
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-07 12:55:09 -08:00
844c1872c4
adding tests for server/snapshot/snapshot.go
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-07 12:55:09 -08:00
b0c7ef5b88
addressing @cyli's comments
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-07 12:55:09 -08:00
cae5940c70
generate snapshots server side
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-07 12:55:09 -08:00
d02f6f2686
Merge pull request #334 from docker/client-test-refactor
...
Refactor the client TestInitRepo test into reusable helper functions.
2015-12-07 12:52:04 -08:00
8417f6670b
KeyDBStore refactor so that it just directly takes the DB arguments.
...
Rather than create an SQL DB, then create a gorm BD using the SQL
DB. Also split the Create/Get test into two tests.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-04 10:05:31 -08:00
52aa55076b
Merge pull request #333 from jfrazelle/update-maintainers
...
update maintainers file for parsing
2015-12-04 09:24:35 -08:00
e3cee0cdbd
Refactor the client TestInitRepo test into reusable helper functions.
...
Also, eliminate the timestamp JSON constant and just generate a new
one for the tests.
The client test now also uses KeyFileStore and certs.Manager to
verify the keys and certs on disk, rather than directly manipulating
the files themselves. This way, if the exact implementation of
KeyFileStore or certs.Manager changes, this test won't fail so long
as KeyFileStore and certs.Manager are self-consistent.
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-03 17:52:22 -08:00
414aeb4c42
Merge pull request #329 from endophage/generalize_server_keys
...
Generalize server keys
2015-12-03 14:22:09 -08:00
132122a454
update maintainers file for parsing
...
update standard for dockerfiles so we can clean up dockers and parse
into one repo
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-12-03 14:01:40 -08:00
064e37560e
adding tests for role based key support on server
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-03 13:58:25 -08:00
c0a84c2508
update notarymysql/migrate.go to add role to timestamp_keys and update indexes
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-03 11:48:18 -08:00
2dc2fe6738
set initial role value for existing records in timestamp_keys table
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-03 11:25:45 -08:00
e20773f2b1
renaming TimestampKey and ErrTimestampKeyExists to just Key and ErrKeyExists
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-03 11:25:45 -08:00
76caa3d76a
adding migrations for new timestamp_keys role column including key changes
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-03 11:25:45 -08:00
c2c474b9c6
generalize notary server key storage to be able to handle any role, not just timestamps
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-03 11:25:45 -08:00
9b4f7ca599
Merge pull request #323 from endophage/mysql_parsetime
...
when using a mysql database, need to set parseTime=True in connection…
2015-12-03 11:05:27 -08:00
77d72ba81c
when using a mysql database, need to set parseTime=True in connection string query params
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-03 10:39:13 -08:00
60fe3c48f6
Merge pull request #319 from endophage/migrations
...
initial database migration state
2015-12-02 16:22:11 -08:00
44fe5bcaa4
initial database migration state
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-02 16:09:41 -08:00
7c5563b7b2
Merge pull request #327 from endophage/unify_tuf_http_get
...
unify the timestamp handler with the handler for getting other tuf metadata
2015-12-02 16:04:52 -08:00
a1ec8c69e0
unify the timestamp handler with the handler for getting other tuf metadata
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-12-02 15:50:54 -08:00
5593112f85
Merge pull request #318 from docker/post-to-codecov
...
Re-enable pushing coverage reports to codecov.io
2015-12-02 15:45:51 -08:00
9c8e084e0d
Run coverage merge and reporting on all parallel containers.
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-02 15:30:22 -08:00
555a46d8f8
Re-enable pushing coverage reports to codecov.io
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-12-02 15:30:22 -08:00
cb2b2951e0
Merge pull request #325 from mbentley/db-exist-check
...
Added check to skip db import if exists
2015-12-02 15:27:46 -08:00
3b02384a0a
Added check to skip db import if exists
...
Signed-off-by: Matt Bentley <matt@docker.com>
2015-12-02 17:05:24 -05:00
d131a7a7fd
Merge pull request #320 from HuKeping/tiny
...
Tiny refactor
2015-12-02 09:58:49 -08:00
9ad415e0b5
Tiny refactor
...
It's no need to keep the `err` after asserting it should be `nil`, and
we can merge these two logs into one I suppose.
Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-12-02 19:22:56 +08:00
8292d1866d
Merge pull request #299 from docker/server-parsing-trust
...
Fixed bug parsing trust service info in notary server.
2015-11-30 19:31:13 -08:00
870fe0fd01
Define injected function types for notary-server/main.getTrustService
...
Signed-off-by: Ying Li <ying.li@docker.com>
2015-11-30 17:24:28 -08:00
David Lawrence
Miloslav Trmač
HuKeping
Diogo Mónica
Ying Li
Ying Li
David Lawrence
Jessica Frazelle
Matt Bentley