Richard Scothern
df18a541e2
Fix the staging deployment.
...
Add a service name and ephemeral ports to notary server.
Remove certs as TLS is terminated in the ELB.
Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-07-16 09:50:52 -07:00
Diogo Mónica
0ed6072a4a
Merge pull request #67 from docker/adding-certs
...
Adding new certificates
2015-07-15 22:35:54 -07:00
Richard Scothern
8eafc998f7
Merge pull request #63 from endophage/fix_sql
...
fixing database queries
2015-07-15 22:33:48 -07:00
Diogo Monica
3debfbca10
Reissued all certs with correct SANs
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-15 21:42:24 -07:00
Diogo Monica
ddfcd50471
Changing .pem to .crt everywhere
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-15 20:44:09 -07:00
Diogo Monica
cdee810942
Changed notary-server to point at new certs
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-15 19:45:34 -07:00
Aaron Lehmann
167a07c894
Change notary-signer to use gotuf's key types
...
This causes notary-signer to use gotuf's Key interface instead of
defining its own redundant types.
We can go further with this in the future by removing the redundant
ED25519 implementation. This would be refactored into the cryptoservice
package, and notary-signer would be changed to use that package's
cryptoservice for key creation and signing operations.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-15 17:22:46 -07:00
David Lawrence
72d7d35221
fixing database queries
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-15 16:19:14 -07:00
Aaron Lehmann
a16581ecc7
Move CryptoService and UnlockedCryptoService into a cryptoservice package
...
Move GenRootKey and GetRootCryptoService to KeyStoreManager, now that
they don't depend on client-specific types.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-14 18:39:38 -07:00
Aaron Lehmann
d5c7c40955
Introduce a KeyStoreManager to abstract management of root and non-root key storage
...
This structure encapsulates what used to be "rootKeyStore" and
"privKeyStore". These are being moved out of NotaryRepository, so that
operations like listing keys, importing keys, and exporting keys aren't
tied to a NotaryRepository structure.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-14 18:39:38 -07:00
Diogo Monica
321b155596
Godeps update, removed dependency on rufus
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-14 00:39:03 -07:00
Diogo Monica
f03626a10e
Refactored Rufus API
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-14 00:23:38 -07:00
Diogo Monica
9a4c2dc744
Initial copy of notary-signer
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-14 00:23:22 -07:00
Diogo Mónica
935b9a9366
Merge pull request #47 from docker/cryptoservice-refactor
...
Refactor crypto service
2015-07-13 15:29:59 -07:00
Aaron Lehmann
e4704f9729
Update notary for removal of signed.Signer
...
We now deal with CryptoServices directly instead of passing around
Signers.
UnlockedSigner becomes UnlockedCryptoService because it no longer
contains a Signer.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-13 15:18:02 -07:00
David Lawrence
da59198191
adding htpasswd auth to support the same set of mechanisms as distribution
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 14:17:24 -07:00
Diogo Monica
765a2cf661
Refactor crypto service
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-13 13:53:47 -07:00
Diogo Monica
ba94fdd19d
Signature/key types are now used correctly and are represented by constants.
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-12 22:21:29 -07:00
Diogo Monica
085c613527
Refactored fingerprint cert and added better debugging
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-12 22:21:29 -07:00
Diogo Monica
39482c2397
Working ECDSA implementation
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-12 22:21:29 -07:00
David Lawrence
d1b09962f1
using roundtripper in notary client
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-10 10:02:38 -07:00
Diogo Mónica
436e02d390
Merge pull request #32 from dmcgowan/fix-default-loglevel
...
Fix default log level
2015-07-09 23:56:13 -07:00
Ian Duffy
ed4454c9c9
Fix example configuration file given in README.md
...
The example configuration given in README.md is missing a comma character and doesn't form valid JSON.
This PR adds the comma as required.
Signed-off-by: Ian Duffy <ian@ianduffy.ie>
2015-07-10 04:35:02 +01:00
Diogo Monica
06a28c89ee
Added root key creation if non-existing to notary
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-09 18:56:06 -07:00
Aaron Lehmann
082d4f3c7c
Change NotaryRepository to honor the baseURL passed in
...
Remove "transport", because it's not used.
In the actual notary client, pass in a hard-coded URL for now (same one
previously hardcoded in getRemoteStore). In tests, create a trivial HTTP
server using net/http/httptest, which returns a timestamp.key file.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-09 17:58:33 -07:00
Diogo Monica
8c6de46aca
Added list keys that ignores symlinks
2015-07-09 17:58:10 -07:00
David Lawrence
73ca456297
annotating Publish and making it accept a password retriever function
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-09 17:58:09 -07:00
David Lawrence
6bff14a679
refactoring NotaryClient out
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-09 17:58:09 -07:00
David Lawrence
ebbb30b56c
hold unlocked signer on repository
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-09 17:58:09 -07:00
David Lawrence
c9ab3394de
further publish updates, it pushes now, but doesn't sign roots correctly
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-09 17:58:09 -07:00
Diogo Monica
f9f11e5781
Starting the key refactor; rename UnlockedRootKey
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-09 17:58:09 -07:00
David Lawrence
1d163650a3
changelist implementation
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-09 17:58:09 -07:00
David Lawrence
9d5e988586
working refactor
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-09 17:58:08 -07:00
Diogo Monica
e66dc12eca
More refactor
2015-07-09 17:58:08 -07:00
Diogo Monica
93f7d9911f
Implementing ListTargets
2015-07-09 17:58:08 -07:00
Diogo Monica
30c0856266
Remove config from libnotary
2015-07-09 17:58:08 -07:00
Diogo Monica
1346296869
Initial libnotary refactor
...
Signed-off-by: Diogo Monica <diogo@docker.com>
Ported more functionality to libnotary
2015-07-09 17:57:48 -07:00
Derek McGowan
0f5f340d0c
Fix default log level
...
Work around bug in viper configuration.
Viper will always use the default since it matches the whole key match first.
Setting the default to a map keeps the config file as the first matched item.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-07-07 11:55:49 -07:00
Diogo Monica
d5cdeb93bb
Adding EncryptedFileStore and changing interfaces
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-05 21:02:16 -07:00
Diogo Monica
fd8471038c
Added a keyfilestore with encrypted PEM support
2015-07-04 12:17:54 -07:00
David Lawrence
89379a728c
adding timestamping and some general cleanup
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-03 15:38:09 -07:00
Diogo Mónica
66aec225f2
Merge pull request #8 from docker/validate_root
...
validate root file against cert store
2015-07-03 14:23:25 -07:00
Diogo Monica
1eb972a820
Changed FingerprintCert to return string; renamed kID fingerprint everywhere in notary
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-06-30 21:44:57 -07:00
Diogo Monica
a0e63bcaeb
Fixed verification to use exact match and fallback to CA + tests
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-06-30 19:38:52 -07:00
Diogo Monica
cf3d7d4b52
Removed all references of GUN from filestore
...
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-06-30 19:36:17 -07:00
Diogo Monica
da7a1e67f5
Rebased off of master, fixed tests
2015-06-28 16:42:27 -07:00
David Lawrence
cf2a819b21
validate root file against cert store
2015-06-28 16:35:24 -07:00
David Lawrence
913e2669c9
Merge pull request #16 from docker/mccauley/notary-readme
...
Initial cut of notary client README
2015-06-21 16:19:44 -07:00
Nathan McCauley
ccfa3f44fd
Initial cut of notary client README
...
Signed-off-by: Nathan McCauley <nathan.mccauley@docker.com>
2015-06-21 16:18:39 -07:00
David Lawrence
b0ee6f0c4e
putting the same warning at the top of all the readmes.
...
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-06-21 16:13:16 -07:00