centersl/docker-docs
1
0
Fork 0
mirror of https://github.com/docker/docs.git synced 2026-04-06 03:08:58 +07:00
Code Issues Packages Projects Releases Wiki Activity
1,347 Commits 56 Branches 28 Tags
befd30e9a4e2d3db0fed29f91c396c474ecfd23a
Commit Graph

1347 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ying Li
befd30e9a4 Add tests for updating if server has metadata corruption such that the checksum was valid. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-29 11:01:31 -08:00
Ying Li
bb5f9cc170 Update swizzler so that if messing up the root file, we can still get the pub keys and sign. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-29 11:01:31 -08:00
Ying Li
f8a0e46b6c Add test for when any downloaded metadata has an invalid checksum compared to snapshot or timestamp. 
Signed-off-by: Ying Li <ying.li@docker.com>

Conflicts:
	client/client_update_test.go
 2016-01-29 11:01:31 -08:00
Ying Li
a969db7a13 Add swizzler method to just change the checksum by adding a space. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-29 11:01:31 -08:00
Diogo Mónica
e0b507bfc2 Merge pull request #501 from HuKeping/work-branch 
Use seperate databases for notary server and signer
 2016-01-29 10:13:18 -08:00
HuKeping
4b77c49401 Tiny rework on mysql start scripts. 
Fix some typo and update some comments.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-01-29 10:10:25 +08:00
HuKeping
c739428591 [PATCH 4/4] Add docs for notary mysql 
This patch add the recommendation to guide people deploying a more
secure MySQL for notary.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-01-29 10:10:25 +08:00
HuKeping
91d66f5e7a [PATHC 3/4] Only create the needed tables 
Make database notaryserver and notarysigner only create the tables they
need.

The signer only needs the private_keys table, and the server only needs
the timestamp_keys and tuf_files tables.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-01-29 10:10:25 +08:00
HuKeping
9427c372af [PATCH 2/4] Add check for old database notary 
Check whether the database `notary` exist or not and warn people
to manually migrate those tables if it exist.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-01-29 10:10:25 +08:00
HuKeping
e77db8a308 [PATCH 1/4] Use seperate databases for notary server and signer 
For security, server should not be able to access the `private_key` table
and we can go further more, say, use seperate databases for the server
and signer.

This patch creates two users corresponding to the different databases.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-01-29 10:10:25 +08:00
Diogo Mónica
54667d1254 Merge pull request #520 from endophage/add_logf_docs 
adding doc for notary-server -logf option
 2016-01-28 17:59:33 -08:00
Diogo Mónica
96d451e1c5 Merge pull request #495 from docker/filestore-getmeta-size 
ensure filestore GetMeta only returns up to size bytes.  Add max size constant
 2016-01-28 17:36:35 -08:00
Diogo Mónica
32d9cd7c4a Merge pull request #485 from docker/passphrase-change 
passwd command and tests
 2016-01-28 17:35:44 -08:00
Diogo Mónica
ab389c6849 Merge pull request #517 from docker/changelog-doc 
Add a doc about how to upgrade to v0.2.
 2016-01-28 17:34:15 -08:00
David Lawrence
80fb9f2e12 adding doc for notary-server -logf option 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-28 17:32:35 -08:00
Ying Li
8c895747c5 Add a doc about how to upgrade to v0.2. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-28 16:21:22 -08:00
Riyaz Faizullabhoy
8f0a3c3975 Merge pull request #512 from HuKeping/tiny 
Tiny refactor: to keep code style consistent
 2016-01-28 14:20:26 -08:00
Riyaz Faizullabhoy
9c59af1397 passwd command and tests 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-28 10:36:05 -08:00
Riyaz Faizullabhoy
41643d4a9c make -1 read up to 100MB of data, use for non-timestamps. Reduce 
timestamp to 1MB max

Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-28 10:17:17 -08:00
Riyaz Faizullabhoy
660c4a5f23 Add slow tests for downloading very large snapshot and targets meta files, comment on max size const 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-28 10:16:19 -08:00
Riyaz Faizullabhoy
a6159a45d1 ensure filestore GetMeta only returns up to size bytes. Standardize constant for max size 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-28 10:16:19 -08:00
HuKeping
6b31789fe5 Tiny refactor: to keep code style consistent 
The other CLI commands about tuf are all begin with cmdTufXXX
which I think `verify` should be the same too.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-01-28 20:13:39 +08:00
David Lawrence
a5df40762d Merge pull request #510 from endophage/better_401 
return a better error message if the HTTP status code was 401
 2016-01-27 16:04:21 -08:00
David Lawrence
6fa388b467 return a better error message if the HTTP status code was 401 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-27 11:52:23 -08:00
Diogo Mónica
c4277dd221 Merge pull request #508 from docker/log-level 
move verifier and update logs down to debug level
 2016-01-27 08:55:44 -08:00
Diogo Mónica
f4311b3a27 Merge pull request #509 from docker/reject-short-keys 
Add check for RSA key len before adding delegation
 2016-01-27 08:54:27 -08:00
Ying Li
c90e1bd8c8 Merge pull request #500 from docker/speed-up-tests 
Don't run all the tests with yubikey
 2016-01-27 08:53:45 -08:00
Riyaz Faizullabhoy
83c5ed255b Add check for RSA key len before adding 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-26 23:27:06 -08:00
Riyaz Faizullabhoy
ceca4c233e move verifier and update logs down to debug level 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-26 23:02:54 -08:00
Diogo Mónica
7eb86f7a64 Merge pull request #493 from docker/delegation-cli-text 
delegations CLI UX improvements
 2016-01-26 15:32:20 -08:00
Ying Li
c1f3550b54 Merge pull request #499 from jfrazelle/update-url 
change url from jfrazelle/go to docker/go
 2016-01-26 10:53:26 -08:00
Jessica Frazelle
a64db12c04 change url from jfrazelle/go to docker/go 
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
 2016-01-26 08:43:38 -08:00
Ying Li
c583063014 Do not run all the tests when testing yubikey hardware. 
The tests take forever, since it *cannot* be parallelized at all, and there
can only be one build at a time.

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-25 22:03:39 -08:00
Riyaz Faizullabhoy
87cc809f18 Merge pull request #491 from docker/tuf-update-logs 
allow for configurable log level, change default for CLI
 2016-01-25 17:24:32 -08:00
Riyaz Faizullabhoy
774b66c9fe delegations CLI UX improvements 
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-25 16:14:02 -08:00
Riyaz Faizullabhoy
12d3eb49ae Change default log level to fatal, change verbose to error level and add 
debug flag for debug level

Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
 2016-01-25 16:13:42 -08:00
Diogo Mónica
ffe603a968 Merge pull request #498 from docker/integration-test-fix 
Root is always on disk unless restored from backup, in which case it may only be on a yubikey
 2016-01-25 15:56:35 -08:00
Ying Li
a1aa4d7078 Attempt to simplify pushing to codecov, since codecov can do merges. 
Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-25 15:18:24 -08:00
Ying Li
b51d1e8cf8 Root is always on disk unless restored from backup. 
(In which case if Yubikey is available, it will only be on the Yubikey and not on disk.)

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-25 13:37:39 -08:00
Riyaz Faizullabhoy
20648f18e9 Merge pull request #497 from HuKeping/work-branch 
Tiny refactor
 2016-01-25 09:21:06 -08:00
HuKeping
3cd3614de6 Tiny refactor 
Just to keep consistent with the others.

Signed-off-by: Hu Keping <hukeping@huawei.com>
 2016-01-25 15:14:08 +08:00
David Lawrence
3c874f3080 Merge pull request #474 from endophage/consistent 
Consistent TUF Files
 2016-01-24 11:10:31 -08:00
David Lawrence
d38d7ceb89 moving checksum after role in urls. We're breaking with spec for an easier to manage filename system 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-24 10:38:55 -08:00
David Lawrence
adfbe6938e cleaning up logging 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-24 10:38:55 -08:00
David Lawrence
27961b010e negative tests for get by checksum 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-24 10:38:55 -08:00
David Lawrence
4738760794 get by checksum 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-24 10:38:55 -08:00
David Lawrence
6f7acb6ddf adding server logic for clients to request consistent TUF files 
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
 2016-01-24 10:38:55 -08:00
Diogo Mónica
341bd335f5 Merge pull request #475 from docker/repo-info-lib 
get all current role information for a repo
 2016-01-22 16:31:28 -08:00
Ying Li
08deb7f8ef Merge pull request #484 from docker/update-when-server-error-tests 
Add tests for when the server 404's or 50X's when updating
 2016-01-22 15:37:45 -08:00
Ying Li
499d5a7c0c Add an extra targets/b delegation chain to the tests. 
Also, shorten some of the options (do not specify false, since that's default).

Signed-off-by: Ying Li <ying.li@docker.com>
 2016-01-21 16:34:53 -08:00