Commit Graph

304 Commits

Author SHA1 Message Date
Diogo Monica
3debfbca10 Reissued all certs with correct SANs
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-15 21:42:24 -07:00
Diogo Monica
ddfcd50471 Changing .pem to .crt everywhere
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-15 20:44:09 -07:00
Diogo Monica
3d58e6b810 Added tests for x509Filestore
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-15 19:57:48 -07:00
Diogo Monica
d743dfac6e Fixed config files and trust manager tests to point at new fixtures
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-15 19:46:57 -07:00
Diogo Monica
cdee810942 Changed notary-server to point at new certs
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-15 19:45:34 -07:00
Diogo Monica
9a065a8d40 Adding new testing fixtures
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-15 19:44:58 -07:00
Diogo Monica
76d81563b3 Simplifying AddCertFromPEM to use help functions
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-15 19:44:37 -07:00
Diogo Mónica
7331b3a0e8 Merge pull request #60 from docker/coverage-script
Adding script to output coverage over all packages
2015-07-14 20:17:00 -07:00
Diogo Monica
bbc53376ba Removing unneeded push to coveralls
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-14 20:16:17 -07:00
Diogo Monica
dea91dff07 Adding script to output coverage over all packages
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-14 19:23:53 -07:00
Diogo Mónica
0884207464 Merge pull request #59 from docker/keystoremanager
KeyStoreManager
2015-07-14 18:47:35 -07:00
Aaron Lehmann
a16581ecc7 Move CryptoService and UnlockedCryptoService into a cryptoservice package
Move GenRootKey and GetRootCryptoService to KeyStoreManager, now that
they don't depend on client-specific types.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-14 18:39:38 -07:00
Aaron Lehmann
6068f30145 Move caStore and certificateStore into KeyStoreManager
Refactor validateRoot into KeyStoreManager. It now takes the DNS name as
a parameter. When KeyStoreManager is used with a NotaryRepository, the
DNS name should be the GUN of the repository.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-14 18:39:38 -07:00
Aaron Lehmann
d5c7c40955 Introduce a KeyStoreManager to abstract management of root and non-root key storage
This structure encapsulates what used to be "rootKeyStore" and
"privKeyStore". These are being moved out of NotaryRepository, so that
operations like listing keys, importing keys, and exporting keys aren't
tied to a NotaryRepository structure.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-14 18:39:38 -07:00
Richard Scothern
3cc3a0d489 Merge pull request #58 from docker/fixing-docker-building
Working docker build/docker compose
2015-07-14 16:05:57 -07:00
Diogo Monica
394237cfe6 Adding link to notary-signer in dockerfile
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-14 15:57:11 -07:00
Diogo Monica
657150ca9b Working docker build/docker compose
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-14 15:46:21 -07:00
Diogo Mónica
5490ece809 Merge pull request #56 from dmcgowan/fix-timestamp-algorithm
Change fallback timestamp algorithm to supported version
2015-07-14 15:39:48 -07:00
Diogo Mónica
eb8e868e6d Merge pull request #53 from docker/import-notary-signer
Import notary signer, refactor notary-signer API again
2015-07-14 14:33:10 -07:00
Nathan McCauley
79af8434d3 exclude proto gen'd code from go fmt during circle ci
Signed-off-by: Nathan McCauley <nathan.mccauley@docker.com>
2015-07-14 14:21:52 -07:00
Nathan McCauley
40fd60264a exclude proto gen'd code from go fmt
Signed-off-by: Nathan McCauley <nathan.mccauley@docker.com>
2015-07-14 14:13:19 -07:00
Aaron Lehmann
c82440258f Add documentation for FindKeyByID function
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-14 14:06:52 -07:00
Derek McGowan
3971955cfe Change fallback timestamp algorithm to supported version
ECDSA timestamp keys currently not supported by crypto service, use supported ED25519.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-07-14 11:44:50 -07:00
Aaron Lehmann
e7e9ef4a0d Don't hardcode RSA algorithm
When we need to find a key from its ID, search all available signing
services. There should only be a few, so this shouldn't have much
overhead. This avoids the need to maintain a persistent mapping between
key ID and the responsible signing service.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-14 10:49:43 -07:00
Diogo Monica
321b155596 Godeps update, removed dependency on rufus
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-14 00:39:03 -07:00
Diogo Monica
f03626a10e Refactored Rufus API
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-14 00:23:38 -07:00
Diogo Monica
9a4c2dc744 Initial copy of notary-signer
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-14 00:23:22 -07:00
Diogo Monica
ead0224526 Removing commented out code
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-13 20:32:51 -07:00
David Lawrence
b8674162f8 Merge pull request #44 from endophage/atomic_update
Atomic updates of metadata.
2015-07-13 20:23:01 -07:00
David Lawrence
0f26bdf956 adding errors if role is empty or bad
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 19:50:09 -07:00
David Lawrence
6dd18754b2 Merge pull request #48 from endophage/db_schema
refactoring database schema out into its own file
2015-07-13 18:45:45 -07:00
David Lawrence
81ab80d0bf adding sqlmock godep
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 18:19:31 -07:00
David Lawrence
6533da1be4 tests for atomic update
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 18:19:31 -07:00
David Lawrence
5bcd3ff52d reworking the insert check for TUF metadata in the database
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 18:18:33 -07:00
David Lawrence
40921a4bed fixing lint and vet errors
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 18:18:33 -07:00
David Lawrence
ec08d28610 provide an additional handler to allow clients to update any set of TUF metadata atomically
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 18:18:33 -07:00
David Lawrence
c35eed7b36 Merge pull request #50 from dmcgowan/fix-token-type
Fix access controller resource type
2015-07-13 17:46:36 -07:00
Derek McGowan
e4bb29a669 Fix access controller resource type
The token server returns tokens with the type as "repository" not "repo".

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-07-13 16:22:05 -07:00
Diogo Mónica
935b9a9366 Merge pull request #47 from docker/cryptoservice-refactor
Refactor crypto service
2015-07-13 15:29:59 -07:00
Diogo Monica
8dcea65731 Adding new gotuf
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-13 15:28:33 -07:00
Aaron Lehmann
e4704f9729 Update notary for removal of signed.Signer
We now deal with CryptoServices directly instead of passing around
Signers.

UnlockedSigner becomes UnlockedCryptoService because it no longer
contains a Signer.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-13 15:18:02 -07:00
Aaron Lehmann
ea298b4999 Update gotuf to 875881b1d0ce625f54318e3ebfd79414a6b5e285
This brings in the Signer removal.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-13 14:42:24 -07:00
David Lawrence
bfdb5f72b0 refactoring database schema out into its own file for easier use outside of containers
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 14:41:51 -07:00
David Lawrence
76478a52ab Merge pull request #11 from docker/authentication
Auth mechanisms
2015-07-13 14:33:11 -07:00
David Lawrence
12dd2c2273 challenge.ServeHTTP doesn't set Unauthorized status code
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 14:21:14 -07:00
David Lawrence
da59198191 adding htpasswd auth to support the same set of mechanisms as distribution
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-07-13 14:17:24 -07:00
Diogo Monica
a139807d89 Fixing lint
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-13 14:01:26 -07:00
Diogo Monica
765a2cf661 Refactor crypto service
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-13 13:53:47 -07:00
David Lawrence
17af21f00c Merge pull request #46 from dmcgowan/use-distribution-uuid
Use uuid library from distribution
2015-07-13 10:56:13 -07:00
Derek McGowan
c87caf3979 Use uuid library from distribution
Distribution updated context library to use its own uuid library which does not panic on entropy exhaustion.
Updated to use latest context library from distribution.
Updated auth to match context and uuid library version.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-07-13 10:09:06 -07:00