docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,738 Commits 21 Branches 28 Tags 816 MiB
Commit Graph

190 Commits

Author SHA1 Message Date
Ying Li cea46f7c3e Change root cert rotation to be root key rotation instead 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-04-13 22:12:53 -07:00
Ying Li 708507adde Require signing with all previous roles, instead of just the immediately previous role 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-04-13 22:10:58 -07:00
Ying Li 160ea2bc54 Address review comments and improve docstrings 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-04-13 11:48:36 -07:00
Miloslav Trmač d835fbbca2 Implement root certificate rotation in NotaryRepository 
NotaryRepository can now list root certificates, and
generate new versions (as changelists to be applied
on Publish).

This is a pretty mechanical encapsulation of the
root certificate rotation support in Repo.AddBaseKeys
and Repo.RemoveBaseKeys. The only slightly interesting
part is ListRootCert, which requires on-line access
to ensure fresh data, and depends on CertStore doing
some verification for us.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2016-04-13 11:48:36 -07:00
Miloslav Trmač f23f2093e3 Create enough signatures as role's threshold requires 
Tell signed.Sign how many signatures are necessary to sign a role, and
have it fail if it cannot create that many.

For most uses this does not make much of a difference because the
threshold tends to be 1 and signed.Sign was already failing if no key
could be found or if no signature could be created; only >1-threshold
roles now (correctly) fail in additional situations. But the knowledge
of a role’s threshold will be useful in a future commit.

Always use ErrInsufficientSignatures for this failure, whether this is
when loading the keys or actually using them (also fixing
ErrInsufficentSignature documentation to refer to signing and not
verification). ErrNoKeys is no longer returned by signed.Sign.

So, adjust the “snapshot key is not available” logic in
NotaryRepository.Publish accordingly, which also makes it more precise
(actually triggering only when no snapshot key is available).

Now that role's threshold is enforced when signing, update
TestValidateRootInvalidTimestampThreshold to create the second key
necessary to correctly sign the timestamp role.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2016-04-13 11:48:36 -07:00
Miloslav Trmač 14a563bb51 Add a few more descriptive comments 
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2016-04-12 14:33:45 -07:00
Ying Li f8c42e4cbf NotaryRepository.Update now just returns an error, rather than a client 
an error, because we don't actually use the client anymore.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-04-06 14:08:08 -07:00
HuKeping 0a60261fab Use constant for root role 
Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-03-29 07:08:23 +08:00
HuKeping ddff581bd8 Use constant for targets role 
Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-03-29 07:08:16 +08:00
HuKeping 67b0ec3771 Use constant for snapshot 
Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-03-28 17:21:24 +08:00
Riyaz Faizullabhoy 9ecd899e25 Removing key import and gun from cryptoservice 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-03-18 11:31:03 -07:00
Ying Li 44cccbb4db Make all key rotations publish immediately, not just remote key rotations 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-15 18:35:30 -07:00
Ying Li fa5edc40af Publish only the key rotation changes after a remote key rotation 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-15 18:17:27 -07:00
Ying Li e3716f0be9 Change the CLI for rotate key to require a role type 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-15 18:17:27 -07:00
Ying Li 07b9f504e4 Update the CLI and client to no longer reject remote timestamp rotations. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-15 18:17:27 -07:00
HuKeping 6b96c7e56d [PATCH 3/8] Add sha512 when creating target, snapshot and timestamp 
Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-03-11 10:44:42 +08:00
David Lawrence cb2dd07edc the server was not setting the longer snapshot expiry time. When generating a timestamp it was also retriving the snapshot directly from the database and only validating the checksum still matched what was in the timestamp. Due to the addition of consistent downloads, this mean a new snapshot never got generated. It is necessary for GetOrCreateTimestamp to call GetOrCreateSnapshot to ensure a new snapshot is generated as and when required 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-02-24 15:51:31 -08:00
Riyaz Faizullabhoy 729bb88537 addressing review comments 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-23 11:55:31 -08:00
Riyaz Faizullabhoy 06e34e825a walk for updating/creating delegations, validate changes to paths 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-23 11:55:31 -08:00
Riyaz Faizullabhoy fe1c8ea1d8 More robust errors for visitor and walker, improve comments 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-23 11:55:31 -08:00
Riyaz Faizullabhoy a7153aeccb WalkTargets on tuf repo, use in getting targets/roles 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-23 11:55:31 -08:00
Riyaz Faizullabhoy 0d10758c32 Merge pull request #566 from docker/role-types-getters 
Role types with keys, remove keyDB
 2016-02-17 18:17:34 -08:00
David Lawrence 1db128778d completely removing KeyDB 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-02-16 21:11:13 -08:00
Riyaz Faizullabhoy 5931f93134 fix current typos 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-16 13:36:57 -08:00
Riyaz Faizullabhoy 0369344a78 split client.go into delegations.go 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-02 17:10:07 -08:00
Riyaz Faizullabhoy 9c84547853 Add tests against old style changes and clear paths 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-02 17:01:35 -08:00
Riyaz Faizullabhoy 70ee4f8670 PoC broken down client api for delegations 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-02 17:01:35 -08:00
David Lawrence c07c7b49c2 removing last vestiges of target download code 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-02-02 11:39:17 -08:00
David Lawrence 637a2331d4 client side of consistent downloads 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-29 16:52:58 -08:00
Riyaz Faizullabhoy a16e6b58b5 use only canonical IDs for display on delegation CLI commands, translate to TUF key IDs for metadata usage under the hood 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-29 16:00:42 -08:00
Riyaz Faizullabhoy 41643d4a9c make -1 read up to 100MB of data, use for non-timestamps. Reduce 
timestamp to 1MB max

Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-28 10:17:17 -08:00
Riyaz Faizullabhoy a6159a45d1 ensure filestore GetMeta only returns up to size bytes. Standardize constant for max size 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-28 10:16:19 -08:00
HuKeping 3cd3614de6 Tiny refactor 
Just to keep consistent with the others.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-01-25 15:14:08 +08:00
Riyaz Faizullabhoy 25a1e9aed7 change to ListRoles, and GetAllLoadedRoles 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-20 15:58:55 -08:00
Riyaz Faizullabhoy a052d9e105 client library for retrieving keys and signatures for all roles 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-20 12:00:09 -08:00
Ying Li 3c72ef762b Merge pull request #482 from docker/random-lint-fix 
Add some comments about the notary constants, and other lint fixes.
 2016-01-19 23:39:11 -08:00
Ying Li 6f2e851b29 Merge pull request #479 from docker/remove_to_lower 
Do not lowercase role names when adding a change
 2016-01-19 16:22:41 -08:00
Ying Li 2ff7bf6375 Add some comments about the notary constants, and other lint fixes. 
It seems that `make vet` sometimes disagrees locally vs on CircleCI.  This
just fixes my local `make vet` complaints.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-19 15:55:47 -08:00
Ying Li a3b9a5543f Do not lowercase role names when adding a change 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-19 14:32:00 -08:00
Ying Li cf0bb5a9be Merge pull request #440 from docker/diogo-cli-adding-delegations 
delegation command for notary-cli
 2016-01-19 13:54:56 -08:00
Riyaz Faizullabhoy ca67f1e71a client library deletion functionality, and integration into remove cert 
CLI

Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-19 11:18:33 -08:00
Riyaz Faizullabhoy 138d6cea09 Add, remove, and list delegation command. TUF changelist action change 
for deletions (force vs. individual items)
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-18 16:24:45 -08:00
David Lawrence c0fb05584e fixing incorrect comments 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-15 11:30:32 -08:00
David Lawrence 9e80ad8158 remove certs.NewManager function 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-15 11:30:32 -08:00
David Lawrence a8b21cafe0 CertManager is completely removed 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-15 11:30:32 -08:00
Ying Li d4820c5756 Translate ErrMetaNotFound when updating, so long as it's on root, to ErrRepositoryNotExist. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-14 15:27:11 -08:00
Ying Li f57f2beb08 Factor marshalling a SignedRoot into JSON into TUF/data/root.go, and 
add an injectable serializer (so we can test JSON marshalling/unmarshalling
error propagation).

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-14 10:51:24 -08:00
Ying Li b74f1835b7 Ensure that we do not unnecessarily re-sign/serialize a root.json file on publish 
Adds additional tests to ensure that keys aren't unnecessarily created on error,
and that only the required keys to sign are used.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-14 10:51:24 -08:00
Diogo Mónica 26d3f3f92b Merge pull request #413 from endophage/fix_root_download 
fixing bootstrapClient to prefer cached root
 2016-01-13 15:48:39 -08:00
David Lawrence 06d23e14c9 add test for invalid remote URL 
add offline store for use when we can't initialize a remote store
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-13 15:26:57 -08:00