centersl/docker-docs
1
0
Fork 0
mirror of https://github.com/docker/docs.git synced 2026-04-05 02:38:52 +07:00
Code Issues Packages Projects Releases Wiki Activity
1,566 Commits 56 Branches 28 Tags
4898d252ee16d7a49635efe656fa69397e90d770
Commit Graph

310 Commits

Author SHA1 Message Date
Ying Li
44cccbb4db Make all key rotations publish immediately, not just remote key rotations 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-15 18:35:30 -07:00
Ying Li
fa5edc40af Publish only the key rotation changes after a remote key rotation 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-15 18:17:27 -07:00
Ying Li
b6c4840231 Update comments, and publish in the CLI after remote key rotation 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-15 18:17:27 -07:00
Ying Li
e3716f0be9 Change the CLI for rotate key to require a role type 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-15 18:17:27 -07:00
Ying Li
07b9f504e4 Update the CLI and client to no longer reject remote timestamp rotations. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-15 18:17:27 -07:00
Ying Li
4022e97b08 Use 'require' instead of 'assert' in client and TUF client tests 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-15 13:52:48 -07:00
Ying Li
e25746dac3 Use a CacheControlHandler that wraps other handlers instead 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-14 17:19:13 -07:00
HuKeping
6b96c7e56d [PATCH 3/8] Add sha512 when creating target, snapshot and timestamp 
Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-03-11 10:44:42 +08:00
Ying Li
1bfafa0b77 Add test to check that if a key is rotated, but the requisite piece of 
metadata hasn't been resigned, that an update fails because the
cached version is no longer valid.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-03-03 09:22:26 -08:00
David Lawrence
cb2dd07edc the server was not setting the longer snapshot expiry time. When generating a timestamp it was also retriving the snapshot directly from the database and only validating the checksum still matched what was in the timestamp. Due to the addition of consistent downloads, this mean a new snapshot never got generated. It is necessary for GetOrCreateTimestamp to call GetOrCreateSnapshot to ensure a new snapshot is generated as and when required 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-02-24 15:51:31 -08:00
Riyaz Faizullabhoy
bde878cdb6 changing API for updating delegations 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-23 11:57:08 -08:00
Riyaz Faizullabhoy
729bb88537 addressing review comments 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-23 11:55:31 -08:00
Riyaz Faizullabhoy
06e34e825a walk for updating/creating delegations, validate changes to paths 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-23 11:55:31 -08:00
Riyaz Faizullabhoy
fe1c8ea1d8 More robust errors for visitor and walker, improve comments 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-23 11:55:31 -08:00
Riyaz Faizullabhoy
a7153aeccb WalkTargets on tuf repo, use in getting targets/roles 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-23 11:55:31 -08:00
Ying Li
be3520c011 Update the integration tests after rebase 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-02-22 19:52:18 -08:00
Ying Li
4b13e7d358 Refactor RootRole verification into a helper function used by root and targets validation 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-02-22 19:16:32 -08:00
Ying Li
36ea1f6901 Add root metadata validation to the root data structure 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-02-22 19:16:32 -08:00
Ying Li
b8866877b0 Clarify test comment 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-02-18 18:59:14 -08:00
Riyaz Faizullabhoy
14edbe33e1 add snapshot meta check in download root, update tests 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-17 19:40:11 -08:00
Ying Li
9dfaee1add Refactor and add to per-metadata-type mutation tests 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-02-17 19:39:57 -08:00
Ying Li
edb70b5474 Fix test bug where root role mutations weren't being tested 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-02-17 19:35:03 -08:00
Ying Li
401690d621 Include client update tests to test updating non-root metadata that are missing pieces 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-02-17 19:35:03 -08:00
Ying Li
95325cd19b Include client update tests to test updating roots that are missing roles 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-02-17 19:35:03 -08:00
Riyaz Faizullabhoy
0d10758c32 Merge pull request #566 from docker/role-types-getters 
Role types with keys, remove keyDB
 2016-02-17 18:17:34 -08:00
David Lawrence
1db128778d completely removing KeyDB 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-02-16 21:11:13 -08:00
Riyaz Faizullabhoy
5931f93134 fix current typos 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-16 13:36:57 -08:00
Ying Li
aaef008706 Add test function to ensure that fixture expiry dates are all far far in the future. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-02-04 17:14:00 -08:00
Ying Li
00203f7785 Update the previous backwards compatibility test, and add a new test for downloading. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-02-04 11:51:20 -08:00
Riyaz Faizullabhoy
0369344a78 split client.go into delegations.go 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-02 17:10:07 -08:00
Riyaz Faizullabhoy
9c84547853 Add tests against old style changes and clear paths 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-02 17:01:35 -08:00
Riyaz Faizullabhoy
70ee4f8670 PoC broken down client api for delegations 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-02-02 17:01:35 -08:00
David Lawrence
c07c7b49c2 removing last vestiges of target download code 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-02-02 11:39:17 -08:00
David Lawrence
637a2331d4 client side of consistent downloads 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-29 16:52:58 -08:00
Riyaz Faizullabhoy
a16e6b58b5 use only canonical IDs for display on delegation CLI commands, translate to TUF key IDs for metadata usage under the hood 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-29 16:00:42 -08:00
Ying Li
5a39366f75 Clarify comments w.r.t. having an 'extra space' as being corrupted in transit. 
Also, we are not sure if we want to support thresholds, so make sure the comments
reflect that.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-29 11:07:01 -08:00
Ying Li
1baf3c781c Add test that update fails if the local root is corrupt AND the remote root is corrupt. 
Signed-off-by: Ying Li <ying.li@docker.com>

Conflicts:
	client/client_update_test.go
 2016-01-29 11:07:01 -08:00
Ying Li
237561a2a9 Fixed timestamp downloading so if verification fails, we fall back to cached. 
Signed-off-by: Ying Li <ying.li@docker.com>

Conflicts:
	tuf/client/client.go
 2016-01-29 11:05:21 -08:00
Ying Li
befd30e9a4 Add tests for updating if server has metadata corruption such that the checksum was valid. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-29 11:01:31 -08:00
Ying Li
f8a0e46b6c Add test for when any downloaded metadata has an invalid checksum compared to snapshot or timestamp. 
Signed-off-by: Ying Li <ying.li@docker.com>

Conflicts:
	client/client_update_test.go
 2016-01-29 11:01:31 -08:00
Riyaz Faizullabhoy
41643d4a9c make -1 read up to 100MB of data, use for non-timestamps. Reduce 
timestamp to 1MB max

Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-28 10:17:17 -08:00
Riyaz Faizullabhoy
a6159a45d1 ensure filestore GetMeta only returns up to size bytes. Standardize constant for max size 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-28 10:16:19 -08:00
Jessica Frazelle
a64db12c04 change url from jfrazelle/go to docker/go 
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
 2016-01-26 08:43:38 -08:00
HuKeping
3cd3614de6 Tiny refactor 
Just to keep consistent with the others.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-01-25 15:14:08 +08:00
Diogo Mónica
341bd335f5 Merge pull request #475 from docker/repo-info-lib 
get all current role information for a repo
 2016-01-22 16:31:28 -08:00
Ying Li
499d5a7c0c Add an extra targets/b delegation chain to the tests. 
Also, shorten some of the options (do not specify false, since that's default).

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-21 16:34:53 -08:00
Ying Li
e79839b216 Add better error reporting for update tests. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-21 13:23:30 -08:00
Ying Li
dde9531b4a Fix an error where we get a JSON syntax error on server 404 or 50X. 
We were testing to see if the cached metadata was nil, but we actually
set it to an empty data.Signed object, but didn't always set it to nil
if we failed to get local metadata.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-21 13:23:30 -08:00
Ying Li
36684a3290 Use cached timestamp if we get a 404 when updating timestamp. 
We use the cached timestamp for all other errors, so this makes the
error consistent.  The only special metadata is the root.json, where a 404
signifies that the repository doesn't exist.  Also update the message
when a cached timestamp is used.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-21 13:23:16 -08:00
Riyaz Faizullabhoy
25a1e9aed7 change to ListRoles, and GetAllLoadedRoles 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-20 15:58:55 -08:00