When pushing an image to Distribution server with Notary enabled at the
first time, client will try to get the root.json and it will fail since
there is nothing in Notary yet.
This patch enhances the error message by adding the error detail.
- "404 GET notary-distribution:5678/busybox:root"
Signed-off-by: Hu Keping <hukeping@huawei.com>
Use the github.com/docker/distribution/context package to get a logger
that adds a unique ID and useful information about each HTTP request.
Use this logger in HTTP handlers instead of using logrus or the log
package directly.
Remove [Notary Server] and [Notary Signer] prefixes from log messages.
The distribution/context package was already vendored, so there are no
Godeps changes necessary.
Sample output:
notaryserver_1 | time="2015-07-31T23:02:01Z" level=debug msg="retrieving timestamp key for docker.com/docker"
notarysigner_1 | time="2015-07-31T23:02:01Z" level=debug msg="generated ECDSA key with keyID: ea89e7dc49a13feab1e5ed349760b148c3c6ebd86968b2bc6cb0d003a8b79f78"
notarysigner_1 | time="2015-07-31T23:02:01Z" level=debug msg="generated new ecdsa key for role: and keyID: ea89e7dc49a13feab1e5ed349760b148c3c6ebd86968b2bc6cb0d003a8b79f78"
notarysigner_1 | time="2015-07-31T23:02:01Z" level=info msg="CreateKey: Created KeyID ea89e7dc49a13feab1e5ed349760b148c3c6ebd86968b2bc6cb0d003a8b79f78"
notaryserver_1 | time="2015-07-31T23:02:01Z" level=debug msg="Creating new timestamp key for docker.com/docker. With algo: ecdsa"
notaryserver_1 | time="2015-07-31T23:02:01Z" level=debug msg="Inserting timestamp key for docker.com/docker"
notaryserver_1 | time="2015-07-31T23:02:01Z" level=debug msg="200 GET timestamp key" docker.com/docker=gun http.request.host="192.168.99.100:4443" http.request.id=a720da02-4312-48ae-b122-6d4bce9d3b20 http.request.method=GET http.request.remoteaddr="192.168.99.1:58178" http.request.uri="/v2/docker.com/docker/_trust/tuf/timestamp.key" http.request.useragent="Go 1.1 package http"
notaryserver_1 | time="2015-07-31T23:02:01Z" level=info msg="response completed" http.request.host="192.168.99.100:4443" http.request.id=a720da02-4312-48ae-b122-6d4bce9d3b20 http.request.method=GET http.request.remoteaddr="192.168.99.1:58178" http.request.uri="/v2/docker.com/docker/_trust/tuf/timestamp.key" http.request.useragent="Go 1.1 package http" http.response.duration=29.703624ms http.response.status=200 http.response.written=181
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Ping endpoint added so clients can get the list of authentication challenges before making an initial request.
Updated MainHandler to return JSON object instead of a string.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
ECDSA timestamp keys currently not supported by crypto service, use support ED25519.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
We now deal with CryptoServices directly instead of passing around
Signers.
UnlockedSigner becomes UnlockedCryptoService because it no longer
contains a Signer.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
