docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,146 Commits 25 Branches 28 Tags 827 MiB
Commit Graph

14 Commits

Author SHA1 Message Date
Ying Li 34055f8cf7 Code cleanups as per review, and after rebasing. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-18 16:51:48 -08:00
Ying Li 0892ebb13f Add checks to TUFRepo to fail on updating a target if there are no signing keys. 
So UpdateDelegation, DeleteDelegation, AddTargets, RemoveTargets now
all check for the role existence, not metadata existence.  And they
also check the role's signing keys - there's no point in adding if
we can't sign.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-18 16:37:24 -08:00
Ying Li c12958af36 Do not sign the actual targets metadata unless it's dirty. 
Previously we were always signing it, but we can't do that anymore
because then delegated users won't be able to publish ever (they
probably don't have the target key).

Some other related changes: when role keys are rotated, that role
needs to be marked as dirty now in order to be re-signed and
published.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-18 16:37:24 -08:00
Ying Li 7592a029ef Do not create the delegation metadata when the delegation is created. 
Only create it when a target is added to it, or other delegations
are added to it, or when getting a child delegation.

Signed-off-by: Ying Li <ying.li@docker.com>
 2015-12-18 16:37:24 -08:00
David Lawrence 4243b258b3 making GetTargetsByName work with delegations 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-17 10:46:41 -08:00
David Lawrence 63ecf5f92f server side delegations support in validation and snapshot generation 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-16 15:06:05 -08:00
David Lawrence 5891805b29 addressing review 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-15 16:21:30 -08:00
David Lawrence 79b05d4c0a changelists for delegations 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-14 17:23:47 -08:00
David Lawrence fb5c9b28a4 low level tuf delegation primitives with full test coverage 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-12-14 10:11:47 -08:00
David Lawrence 1074897040 delete non-root keys from cryptoservice when they get rotated out 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-11-12 01:09:38 -08:00
David Lawrence 519a2ccbe8 removing all errors that aren't in use, fixing one place in memorystore that was using a different errorcode to all other stores, pushing errors into appropriate packages 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-11-12 01:08:49 -08:00
Ying Li 7dc0dbec84 Remove the cryptoservice argument to sign 
Signed-off-by: Ying Li <ying.li@docker.com>
 2015-10-29 16:34:21 -07:00
David Lawrence f73560d839 creating concrete types for the various key ciphers 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-10-28 16:02:55 -07:00
David Lawrence 2833a88292 adding gotuf to notary 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2015-10-27 16:36:06 -07:00