docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,379 Commits 25 Branches 28 Tags 827 MiB
Commit Graph

1379 Commits

Author SHA1 Message Date
Ying Li d67a7e128c Refactor the notary command line to not use global mutable state, and to not exit on error. 
This way we can test the command more easily (we want to test the error, as opposed to
just killing the test).

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-02-03 12:01:16 -08:00
Diogo Mónica 6acb6a1802 Merge pull request #528 from docker/delegation-api 
Break down client API for delegations
 2016-02-03 11:53:57 -08:00
Diogo Mónica f744660f49 Merge pull request #538 from docker/add-docker-go-connections 
Add the github.com/docker/go-connections/tlsconfig dependency to godeps
 2016-02-03 11:17:59 -08:00
Ying Li c495410402 Add the github.com/docker/go-connections/tlsconfig dependency to godeps 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-02-03 10:00:29 -08:00
Riyaz Faizullabhoy 0369344a78 split client.go into delegations.go 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-02 17:10:07 -08:00
Riyaz Faizullabhoy 9c84547853 Add tests against old style changes and clear paths 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-02 17:01:35 -08:00
Riyaz Faizullabhoy 70ee4f8670 PoC broken down client api for delegations 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-02 17:01:35 -08:00
Diogo Mónica 2fac65df71 Merge pull request #533 from endophage/remove_dead_targets_code 
removing last vestiges of target download code
 2016-02-02 16:55:43 -08:00
David Lawrence c07c7b49c2 removing last vestiges of target download code 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-02-02 11:39:17 -08:00
David Lawrence 905cbb7852 Merge pull request #531 from endophage/metrics_url 
update metrics endpoint
 2016-02-02 10:33:40 -08:00
David Lawrence f26a5c3c57 update metrics endpoint 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-02-02 09:52:43 -08:00
Ying Li 0202055694 Merge pull request #532 from HuKeping/db 
Stop logging out critical info of database
 2016-02-02 09:46:47 -08:00
HuKeping 5e088ee4dc Stop logging out critical info of database 
The signer will print out the user name and password of the database
which could cause security problem.

The server side is OK.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-02-02 20:02:08 +08:00
Diogo Mónica 9f67e93381 Merge pull request #519 from endophage/consistent_download 
Consistent Download
 2016-02-01 17:47:44 -08:00
David Lawrence 1bf3dd08db Addressing comments from review 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-02-01 17:21:25 -08:00
Riyaz Faizullabhoy 3fcfa2043c Merge pull request #522 from HuKeping/log 
Comments: rework some comments
 2016-02-01 11:10:32 -08:00
HuKeping 9f19815b08 Comments: rework some comments 
Make the error log message different from the following
`subtle.ConstantTimeCompare()` in the same function.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-02-01 09:45:56 +08:00
Diogo Mónica c583f993e3 Merge pull request #513 from moxiegirl/add-to-ddc 
Notary for 1.10 in docs.docker.com
 2016-01-30 11:32:16 -08:00
Mary Anthony 5a067e72ef Updating with the finished work 
Signed-off-by: Mary Anthony <mary@docker.com>
 2016-01-30 11:09:20 -08:00
Mary Anthony aa50ca6cd6 Adding Notary to ddc 
Making title conform
Updating links to the script/menu label

Signed-off-by: Mary Anthony <mary@docker.com>
 2016-01-30 06:24:20 -08:00
David Lawrence dec9a5a95c cleaning up some dead code and fixing memorystore consistency 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-29 16:52:58 -08:00
David Lawrence 637a2331d4 client side of consistent downloads 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-29 16:52:58 -08:00
Diogo Mónica 3eac9a8185 Merge pull request #516 from docker/canonical-key-id 
use only canonical IDs for display on delegation CLI commands,
 2016-01-29 16:43:25 -08:00
Diogo Mónica 564f8d06d3 Merge pull request #515 from docker/roles-for-targets 
Roles for targets via notary CLI
 2016-01-29 16:08:29 -08:00
Riyaz Faizullabhoy a16e6b58b5 use only canonical IDs for display on delegation CLI commands, translate to TUF key IDs for metadata usage under the hood 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-29 16:00:42 -08:00
Diogo Mónica 90d2017c6e Merge pull request #496 from docker/update-when-server-meta-corrupt 
Update when server metadata is corrupt
 2016-01-29 15:43:45 -08:00
Ying Li 5a39366f75 Clarify comments w.r.t. having an 'extra space' as being corrupted in transit. 
Also, we are not sure if we want to support thresholds, so make sure the comments
reflect that.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-29 11:07:01 -08:00
Ying Li 1baf3c781c Add test that update fails if the local root is corrupt AND the remote root is corrupt. 
Signed-off-by: Ying Li <ying.li@docker.com>

Conflicts:
	client/client_update_test.go
 2016-01-29 11:07:01 -08:00
Ying Li 237561a2a9 Fixed timestamp downloading so if verification fails, we fall back to cached. 
Signed-off-by: Ying Li <ying.li@docker.com>

Conflicts:
	tuf/client/client.go
 2016-01-29 11:05:21 -08:00
Ying Li befd30e9a4 Add tests for updating if server has metadata corruption such that the checksum was valid. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-29 11:01:31 -08:00
Ying Li bb5f9cc170 Update swizzler so that if messing up the root file, we can still get the pub keys and sign. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-29 11:01:31 -08:00
Ying Li f8a0e46b6c Add test for when any downloaded metadata has an invalid checksum compared to snapshot or timestamp. 
Signed-off-by: Ying Li <ying.li@docker.com>

Conflicts:
	client/client_update_test.go
 2016-01-29 11:01:31 -08:00
Ying Li a969db7a13 Add swizzler method to just change the checksum by adding a space. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-29 11:01:31 -08:00
Diogo Mónica e0b507bfc2 Merge pull request #501 from HuKeping/work-branch 
Use seperate databases for notary server and signer
 2016-01-29 10:13:18 -08:00
HuKeping 4b77c49401 Tiny rework on mysql start scripts. 
Fix some typo and update some comments.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-01-29 10:10:25 +08:00
HuKeping c739428591 [PATCH 4/4] Add docs for notary mysql 
This patch add the recommendation to guide people deploying a more
secure MySQL for notary.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-01-29 10:10:25 +08:00
HuKeping 91d66f5e7a [PATHC 3/4] Only create the needed tables 
Make database notaryserver and notarysigner only create the tables they
need.

The signer only needs the private_keys table, and the server only needs
the timestamp_keys and tuf_files tables.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-01-29 10:10:25 +08:00
HuKeping 9427c372af [PATCH 2/4] Add check for old database notary 
Check whether the database `notary` exist or not and warn people
to manually migrate those tables if it exist.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-01-29 10:10:25 +08:00
HuKeping e77db8a308 [PATCH 1/4] Use seperate databases for notary server and signer 
For security, server should not be able to access the `private_key` table
and we can go further more, say, use seperate databases for the server
and signer.

This patch creates two users corresponding to the different databases.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-01-29 10:10:25 +08:00
Diogo Mónica 54667d1254 Merge pull request #520 from endophage/add_logf_docs 
adding doc for notary-server -logf option
 2016-01-28 17:59:33 -08:00
Diogo Mónica 96d451e1c5 Merge pull request #495 from docker/filestore-getmeta-size 
ensure filestore GetMeta only returns up to size bytes.  Add max size constant
 2016-01-28 17:36:35 -08:00
Diogo Mónica 32d9cd7c4a Merge pull request #485 from docker/passphrase-change 
passwd command and tests
 2016-01-28 17:35:44 -08:00
Diogo Mónica ab389c6849 Merge pull request #517 from docker/changelog-doc 
Add a doc about how to upgrade to v0.2.
 2016-01-28 17:34:15 -08:00
David Lawrence 80fb9f2e12 adding doc for notary-server -logf option 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-28 17:32:35 -08:00
Ying Li 8c895747c5 Add a doc about how to upgrade to v0.2. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-28 16:21:22 -08:00
Riyaz Faizullabhoy cd7274f1b9 Add additional tests with different delegation key format using role PEM header 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-28 15:49:09 -08:00
Riyaz Faizullabhoy 8f0a3c3975 Merge pull request #512 from HuKeping/tiny 
Tiny refactor: to keep code style consistent
 2016-01-28 14:20:26 -08:00
Riyaz Faizullabhoy 9c59af1397 passwd command and tests 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-28 10:36:05 -08:00
Riyaz Faizullabhoy 2964e8c6f4 add integration test for adding/listing/removing targets from roles 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-28 10:20:27 -08:00
Riyaz Faizullabhoy 41643d4a9c make -1 read up to 100MB of data, use for non-timestamps. Reduce 
timestamp to 1MB max

Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-28 10:17:17 -08:00