Use the github.com/docker/distribution/context package to get a logger
that adds a unique ID and useful information about each HTTP request.
Use this logger in HTTP handlers instead of using logrus or the log
package directly.
Remove [Notary Server] and [Notary Signer] prefixes from log messages.
The distribution/context package was already vendored, so there are no
Godeps changes necessary.
Sample output:
notaryserver_1 | time="2015-07-31T23:02:01Z" level=debug msg="retrieving timestamp key for docker.com/docker"
notarysigner_1 | time="2015-07-31T23:02:01Z" level=debug msg="generated ECDSA key with keyID: ea89e7dc49a13feab1e5ed349760b148c3c6ebd86968b2bc6cb0d003a8b79f78"
notarysigner_1 | time="2015-07-31T23:02:01Z" level=debug msg="generated new ecdsa key for role: and keyID: ea89e7dc49a13feab1e5ed349760b148c3c6ebd86968b2bc6cb0d003a8b79f78"
notarysigner_1 | time="2015-07-31T23:02:01Z" level=info msg="CreateKey: Created KeyID ea89e7dc49a13feab1e5ed349760b148c3c6ebd86968b2bc6cb0d003a8b79f78"
notaryserver_1 | time="2015-07-31T23:02:01Z" level=debug msg="Creating new timestamp key for docker.com/docker. With algo: ecdsa"
notaryserver_1 | time="2015-07-31T23:02:01Z" level=debug msg="Inserting timestamp key for docker.com/docker"
notaryserver_1 | time="2015-07-31T23:02:01Z" level=debug msg="200 GET timestamp key" docker.com/docker=gun http.request.host="192.168.99.100:4443" http.request.id=a720da02-4312-48ae-b122-6d4bce9d3b20 http.request.method=GET http.request.remoteaddr="192.168.99.1:58178" http.request.uri="/v2/docker.com/docker/_trust/tuf/timestamp.key" http.request.useragent="Go 1.1 package http"
notaryserver_1 | time="2015-07-31T23:02:01Z" level=info msg="response completed" http.request.host="192.168.99.100:4443" http.request.id=a720da02-4312-48ae-b122-6d4bce9d3b20 http.request.method=GET http.request.remoteaddr="192.168.99.1:58178" http.request.uri="/v2/docker.com/docker/_trust/tuf/timestamp.key" http.request.useragent="Go 1.1 package http" http.response.duration=29.703624ms http.response.status=200 http.response.written=181
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
The gotuf library defines a function to check expiration of timestamps which notary will make use of.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Import github.com/docker/distribution/registry/api/v2 to share the
regexps that the registry API uses.
Remove ErrUnauthorized in errors package, since it conflicts with one
defined in v2.
Fixes#92
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
This instantiates a temporary server, publishes some targets to it, and
makes sure we can pull back the correct targets from the server.
Also fixes a few problems with the client unit tests, error reporting in
the client, and logging in the server.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
- Add MemoryFileStore, a partial FileStore implementation that doesn't
persist on disk.
- Create a KeyStore interface that allows pluggable key store types. Use
this interface in the cryptoservice implementation.
- Add KeyMemoryStore, which uses MemoryFileStore to provide a KeyStore.
- Add GetKey and DeleteKey functions to cryptoservice.CryptoService.
- Refactor the hardware RSA signing service as a CryptoService.
- Replace custom ed25519 code with cryptoservice.CryptoService.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Ping endpoint added so clients can get the list of authentication challenges before making an initial request.
Updated MainHandler to return JSON object instead of a string.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
ECDSA timestamp keys currently not supported by crypto service, use support ED25519.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
We now deal with CryptoServices directly instead of passing around
Signers.
UnlockedSigner becomes UnlockedCryptoService because it no longer
contains a Signer.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
