1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00

golint: trust

contributes to #14756

Signed-off-by: Sevki Hasirci <s@sevki.org>
This commit is contained in:
Sevki Hasirci 2015-07-28 21:18:04 +03:00 committed by Vincent Demeester
parent 6eb03c53db
commit 5572148477
5 changed files with 25 additions and 17 deletions

View file

@ -70,10 +70,10 @@ func (config *Config) InstallFlags(cmd *flag.FlagSet, usageFn func(string) strin
cmd.StringVar(&config.Bridge.Iface, []string{"b", "-bridge"}, "", usageFn("Attach containers to a network bridge"))
cmd.StringVar(&config.Bridge.FixedCIDR, []string{"-fixed-cidr"}, "", usageFn("IPv4 subnet for fixed IPs"))
cmd.StringVar(&config.Bridge.FixedCIDRv6, []string{"-fixed-cidr-v6"}, "", usageFn("IPv6 subnet for fixed IPs"))
cmd.Var(opts.NewIpOpt(&config.Bridge.DefaultGatewayIPv4, ""), []string{"-default-gateway"}, usageFn("Container default gateway IPv4 address"))
cmd.Var(opts.NewIpOpt(&config.Bridge.DefaultGatewayIPv6, ""), []string{"-default-gateway-v6"}, usageFn("Container default gateway IPv6 address"))
cmd.Var(opts.NewIPOpt(&config.Bridge.DefaultGatewayIPv4, ""), []string{"-default-gateway"}, usageFn("Container default gateway IPv4 address"))
cmd.Var(opts.NewIPOpt(&config.Bridge.DefaultGatewayIPv6, ""), []string{"-default-gateway-v6"}, usageFn("Container default gateway IPv6 address"))
cmd.BoolVar(&config.Bridge.InterContainerCommunication, []string{"#icc", "-icc"}, true, usageFn("Enable inter-container communication"))
cmd.Var(opts.NewIpOpt(&config.Bridge.DefaultIP, "0.0.0.0"), []string{"#ip", "-ip"}, usageFn("Default IP when binding container ports"))
cmd.Var(opts.NewIPOpt(&config.Bridge.DefaultIP, "0.0.0.0"), []string{"#ip", "-ip"}, usageFn("Default IP when binding container ports"))
cmd.BoolVar(&config.Bridge.EnableUserlandProxy, []string{"-userland-proxy"}, true, usageFn("Use userland proxy for loopback traffic"))
cmd.BoolVar(&config.EnableCors, []string{"#api-enable-cors", "#-api-enable-cors"}, false, usageFn("Enable CORS headers in the remote API, this is deprecated by --api-cors-header"))
cmd.StringVar(&config.CorsHeaders, []string{"-api-cors-header"}, "", usageFn("Set CORS headers in the remote API"))

View file

@ -40,7 +40,7 @@ type TagStore struct {
pushingPool map[string]chan struct{}
registryService *registry.Service
eventsService *events.Events
trustService *trust.TrustStore
trustService *trust.Store
}
// Repository maps tags to image IDs.
@ -77,7 +77,7 @@ type TagStoreConfig struct {
// Events is the events service to use for logging.
Events *events.Events
// Trust is the trust service to use for push and pull operations.
Trust *trust.TrustStore
Trust *trust.Store
}
// NewTagStore creates a new TagStore at specified path, using the parameters

View file

@ -10,7 +10,7 @@ func TestIpOptString(t *testing.T) {
var ip net.IP
for _, address := range addresses {
stringAddress := NewIpOpt(&ip, address).String()
stringAddress := NewIPOpt(&ip, address).String()
if stringAddress != address {
t.Fatalf("IpOpt string should be `%s`, not `%s`", address, stringAddress)
}
@ -21,7 +21,7 @@ func TestNewIpOptInvalidDefaultVal(t *testing.T) {
ip := net.IPv4(127, 0, 0, 1)
defaultVal := "Not an ip"
ipOpt := NewIpOpt(&ip, defaultVal)
ipOpt := NewIPOpt(&ip, defaultVal)
expected := "127.0.0.1"
if ipOpt.String() != expected {
@ -33,7 +33,7 @@ func TestNewIpOptValidDefaultVal(t *testing.T) {
ip := net.IPv4(127, 0, 0, 1)
defaultVal := "192.168.1.1"
ipOpt := NewIpOpt(&ip, defaultVal)
ipOpt := NewIPOpt(&ip, defaultVal)
expected := "192.168.1.1"
if ipOpt.String() != expected {
@ -43,7 +43,7 @@ func TestNewIpOptValidDefaultVal(t *testing.T) {
func TestIpOptSetInvalidVal(t *testing.T) {
ip := net.IPv4(127, 0, 0, 1)
ipOpt := &IpOpt{IP: &ip}
ipOpt := &IPOpt{IP: &ip}
invalidIP := "invalid ip"
expectedError := "invalid ip is not an ip address"

View file

@ -8,13 +8,16 @@ import (
"github.com/docker/libtrust"
)
// NotVerifiedError implements the error interface
type NotVerifiedError string
func (e NotVerifiedError) Error() string {
return string(e)
}
func (t *TrustStore) CheckKey(ns string, key []byte, perm uint16) (bool, error) {
// CheckKey verifies that the given public key is allowed to perform
// the given action on the given node according to the trust graph.
func (t *Store) CheckKey(ns string, key []byte, perm uint16) (bool, error) {
if len(key) == 0 {
return false, fmt.Errorf("Missing PublicKey")
}
@ -48,6 +51,8 @@ func (t *TrustStore) CheckKey(ns string, key []byte, perm uint16) (bool, error)
return true, nil
}
func (t *TrustStore) UpdateBase() {
// UpdateBase retrieves updated base graphs. This function cannot error, it
// should only log errors
func (t *Store) UpdateBase() {
t.fetch()
}

View file

@ -17,7 +17,8 @@ import (
"github.com/docker/libtrust/trustgraph"
)
type TrustStore struct {
// Store defines a TrustStore
type Store struct {
path string
caPool *x509.CertPool
graph trustgraph.TrustGraph
@ -38,7 +39,9 @@ const defaultFetchtime = 45 * time.Second
var baseEndpoints = map[string]string{"official": "https://dvjy3tqbc323p.cloudfront.net/trust/official.json"}
func NewTrustStore(path string) (*TrustStore, error) {
// NewTrustStore creates from a given path, if the path is not
// relative, it will be joined with the working directory.
func NewTrustStore(path string) (*Store, error) {
abspath, err := filepath.Abs(path)
if err != nil {
return nil, err
@ -55,7 +58,7 @@ func NewTrustStore(path string) (*TrustStore, error) {
}
// Load grant files
t := &TrustStore{
t := &Store{
path: abspath,
caPool: nil,
httpClient: &http.Client{},
@ -70,7 +73,7 @@ func NewTrustStore(path string) (*TrustStore, error) {
return t, nil
}
func (t *TrustStore) reload() error {
func (t *Store) reload() error {
t.Lock()
defer t.Unlock()
@ -121,7 +124,7 @@ func (t *TrustStore) reload() error {
return nil
}
func (t *TrustStore) fetchBaseGraph(u *url.URL) (*trustgraph.Statement, error) {
func (t *Store) fetchBaseGraph(u *url.URL) (*trustgraph.Statement, error) {
req := &http.Request{
Method: "GET",
URL: u,
@ -148,7 +151,7 @@ func (t *TrustStore) fetchBaseGraph(u *url.URL) (*trustgraph.Statement, error) {
// fetch retrieves updated base graphs. This function cannot error, it
// should only log errors
func (t *TrustStore) fetch() {
func (t *Store) fetch() {
t.Lock()
defer t.Unlock()