Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Be able to read keys even if they are not in the root/non-root subdirs #981

Merged
merged 2 commits into from
Sep 29, 2016
Merged

Be able to read keys even if they are not in the root/non-root subdirs #981

merged 2 commits into from
Sep 29, 2016

Conversation

cyli
Copy link
Contributor

@cyli cyli commented Sep 28, 2016

This way a 0.4.1 client can read a repo that a client built from master (with the flattened keystore #872) converts

endophage
endophage reviewed Sep 28, 2016
View reviewed changes
CHANGELOG.md
@@ -4,6 +4,7 @@
+ Preliminary Windows support for notary client [#970](https://github.com/docker/notary/pull/970)
+ Output message to CLI when repo changes have been successfully published [#974](https://github.com/docker/notary/pull/974)
+ Improved error messages for client authentication errors and for the witness command [#972](https://github.com/docker/notary/pull/972)
+ Support for finding (but not writing) keys even if they are not in the "root_keys" or "tuf_keys" subdirectories [#981](https://github.com/docker/notary/pull/981)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should probably be more specific because at the moment this reads like "we'll find keys anywhere!" It's that we'll also look one dir up in private/ right?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah true, we only check in the private dir. Fixed, and I've also add that test.

riyazdf
riyazdf approved these changes Sep 29, 2016
View reviewed changes
Copy link
Contributor

@riyazdf riyazdf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is awesome, LGTM on green 👍

trustmanager/keystore_test.go
require.True(t, os.IsNotExist(err), "file should not exist")
}

// removing a non-existant key should not error
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

typo: non-existent

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks. :) I always misspell that - need to re-train my muscle memory for that word. Fixed!

@cyli
Update changelog
128bf0c 
Signed-off-by: Ying Li <[email protected]>
@cyli cyli merged commit 8f0965c into notaryproject:hotfix/0.4.1 Sep 29, 2016
@cyli cyli deleted the read-flattened-keystore branch September 29, 2016 17:18
@cyli cyli mentioned this pull request Sep 30, 2016
Merged
@noderunner
Copy link

Will this allow users to use client certificates when connecting to a remote Docker registry? What kind of keys are read from this location?

@riyazdf
Copy link
Contributor

riyazdf commented Jan 13, 2017

@noderunner this change relates to signing keys used for Notary and Docker Content Trust, for more info about docker registry certificates you might be interested in this documentation: https://docs.docker.com/engine/security/certificates/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@endophage endophage endophage left review comments

@riyazdf riyazdf riyazdf approved these changes

Assignees
No one assigned
Labels
status/0-triage
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@cyli @noderunner @riyazdf @endophage @GordonTheTurtle