GitList

Browse code

golint: trust

contributes to #14756

Signed-off-by: Sevki Hasirci <s@sevki.org>

Sevki Hasirci authored on 2015/07/29 03:18:04
Showing 5 changed files

daemon/config_unix.go index b5d160d..d4f127c 100644
graph/tags.go index 9deb463..f477cd2 100644
opts/ip_test.go index 0bbee76..1027d84 100644
trust/service.go index 6a804fa..b02eca6 100644
trust/trusts.go index dd30869..1205c2d 100644

@@ -70,10 +70,10 @@ func (config *Config) InstallFlags(cmd *flag.FlagSet, usageFn func(string) strin
                      	cmd.StringVar(&config.Bridge.Iface, []string{"b", "-bridge"}, "", usageFn("Attach containers to a network bridge"))
                      	cmd.StringVar(&config.Bridge.FixedCIDR, []string{"-fixed-cidr"}, "", usageFn("IPv4 subnet for fixed IPs"))
                      	cmd.StringVar(&config.Bridge.FixedCIDRv6, []string{"-fixed-cidr-v6"}, "", usageFn("IPv6 subnet for fixed IPs"))
                     -	cmd.Var(opts.NewIpOpt(&config.Bridge.DefaultGatewayIPv4, ""), []string{"-default-gateway"}, usageFn("Container default gateway IPv4 address"))
                     -	cmd.Var(opts.NewIpOpt(&config.Bridge.DefaultGatewayIPv6, ""), []string{"-default-gateway-v6"}, usageFn("Container default gateway IPv6 address"))
                     +	cmd.Var(opts.NewIPOpt(&config.Bridge.DefaultGatewayIPv4, ""), []string{"-default-gateway"}, usageFn("Container default gateway IPv4 address"))
                     +	cmd.Var(opts.NewIPOpt(&config.Bridge.DefaultGatewayIPv6, ""), []string{"-default-gateway-v6"}, usageFn("Container default gateway IPv6 address"))
                      	cmd.BoolVar(&config.Bridge.InterContainerCommunication, []string{"#icc", "-icc"}, true, usageFn("Enable inter-container communication"))
                     -	cmd.Var(opts.NewIpOpt(&config.Bridge.DefaultIP, "0.0.0.0"), []string{"#ip", "-ip"}, usageFn("Default IP when binding container ports"))
                     +	cmd.Var(opts.NewIPOpt(&config.Bridge.DefaultIP, "0.0.0.0"), []string{"#ip", "-ip"}, usageFn("Default IP when binding container ports"))
                      	cmd.BoolVar(&config.Bridge.EnableUserlandProxy, []string{"-userland-proxy"}, true, usageFn("Use userland proxy for loopback traffic"))
                      	cmd.BoolVar(&config.EnableCors, []string{"#api-enable-cors", "#-api-enable-cors"}, false, usageFn("Enable CORS headers in the remote API, this is deprecated by --api-cors-header"))
                      	cmd.StringVar(&config.CorsHeaders, []string{"-api-cors-header"}, "", usageFn("Set CORS headers in the remote API"))

graph/tags.go

History View file @ 5572148

@@ -40,7 +40,7 @@ type TagStore struct {
                      	pushingPool     map[string]chan struct{}
                      	registryService *registry.Service
                      	eventsService   *events.Events
                     -	trustService    *trust.TrustStore
                     +	trustService    *trust.Store
+                     }
                      // Repository maps tags to image IDs.
@@ -77,7 +77,7 @@ type TagStoreConfig struct {
                      	// Events is the events service to use for logging.
                      	Events *events.Events
                      	// Trust is the trust service to use for push and pull operations.
                     -	Trust *trust.TrustStore
                     +	Trust *trust.Store
+                     }
                      // NewTagStore creates a new TagStore at specified path, using the parameters

opts/ip_test.go

History View file @ 5572148

@@ -10,7 +10,7 @@ func TestIpOptString(t *testing.T) {
                      	var ip net.IP
                      	for _, address := range addresses {
                     -		stringAddress := NewIpOpt(&ip, address).String()
                     +		stringAddress := NewIPOpt(&ip, address).String()
                      		if stringAddress != address {
                      			t.Fatalf("IpOpt string should be `%s`, not `%s`", address, stringAddress)
+                     		}
@@ -21,7 +21,7 @@ func TestNewIpOptInvalidDefaultVal(t *testing.T) {
                      	ip := net.IPv4(127, 0, 0, 1)
                      	defaultVal := "Not an ip"
                     -	ipOpt := NewIpOpt(&ip, defaultVal)
                     +	ipOpt := NewIPOpt(&ip, defaultVal)
                      	expected := "127.0.0.1"
                      	if ipOpt.String() != expected {
@@ -33,7 +33,7 @@ func TestNewIpOptValidDefaultVal(t *testing.T) {
                      	ip := net.IPv4(127, 0, 0, 1)
                      	defaultVal := "192.168.1.1"
                     -	ipOpt := NewIpOpt(&ip, defaultVal)
                     +	ipOpt := NewIPOpt(&ip, defaultVal)
                      	expected := "192.168.1.1"
                      	if ipOpt.String() != expected {
@@ -43,7 +43,7 @@ func TestNewIpOptValidDefaultVal(t *testing.T) {
                      func TestIpOptSetInvalidVal(t *testing.T) {
                      	ip := net.IPv4(127, 0, 0, 1)
                     -	ipOpt := &IpOpt{IP: &ip}
                     +	ipOpt := &IPOpt{IP: &ip}
                      	invalidIP := "invalid ip"
                      	expectedError := "invalid ip is not an ip address"

trust/service.go

History View file @ 5572148

@@ -8,13 +8,16 @@ import (
 	"github.com/docker/libtrust"
 )
 
+// NotVerifiedError implements the error interface
 type NotVerifiedError string
 
 func (e NotVerifiedError) Error() string {
 	return string(e)
 }
 
-func (t *TrustStore) CheckKey(ns string, key []byte, perm uint16) (bool, error) {
+// CheckKey verifies that the given public key is allowed to perform
+// the given action on the given node according to the trust graph.
+func (t *Store) CheckKey(ns string, key []byte, perm uint16) (bool, error) {
 	if len(key) == 0 {
 		return false, fmt.Errorf("Missing PublicKey")
 	}
@@ -48,6 +51,8 @@ func (t *TrustStore) CheckKey(ns string, key []byte, perm uint16) (bool, error)
 	return true, nil
 }
 
-func (t *TrustStore) UpdateBase() {
+// UpdateBase retrieves updated base graphs.  This function cannot error, it
+// should only log errors
+func (t *Store) UpdateBase() {
 	t.fetch()
 }

trust/trusts.go

History View file @ 5572148

@@ -17,7 +17,8 @@ import (
                      	"github.com/docker/libtrust/trustgraph"
+                     )
                     -type TrustStore struct {
                     +// Store defines a TrustStore
                     +type Store struct {
                      	path          string
                      	caPool        *x509.CertPool
                      	graph         trustgraph.TrustGraph
@@ -38,7 +39,9 @@ const defaultFetchtime = 45 * time.Second
                      var baseEndpoints = map[string]string{"official": "https://dvjy3tqbc323p.cloudfront.net/trust/official.json"}
                     -func NewTrustStore(path string) (*TrustStore, error) {
                     +// NewTrustStore creates from a given path, if the path is not
                     +// relative, it will be joined with the working directory.
                     +func NewTrustStore(path string) (*Store, error) {
                      	abspath, err := filepath.Abs(path)
                      	if err != nil {
                      		return nil, err
@@ -55,7 +58,7 @@ func NewTrustStore(path string) (*TrustStore, error) {
+                     	}
                      	// Load grant files
                     -	t := &TrustStore{
                     +	t := &Store{
                      		path:          abspath,
                      		caPool:        nil,
                      		httpClient:    &http.Client{},
@@ -70,7 +73,7 @@ func NewTrustStore(path string) (*TrustStore, error) {
                      	return t, nil
+                     }
                     -func (t *TrustStore) reload() error {
                     +func (t *Store) reload() error {
                      	t.Lock()
                      	defer t.Unlock()
@@ -121,7 +124,7 @@ func (t *TrustStore) reload() error {
                      	return nil
+                     }
                     -func (t *TrustStore) fetchBaseGraph(u *url.URL) (*trustgraph.Statement, error) {
                     +func (t *Store) fetchBaseGraph(u *url.URL) (*trustgraph.Statement, error) {
                      	req := &http.Request{
                      		Method:     "GET",
                      		URL:        u,
@@ -148,7 +151,7 @@ func (t *TrustStore) fetchBaseGraph(u *url.URL) (*trustgraph.Statement, error) {
                      // fetch retrieves updated base graphs.  This function cannot error, it
                      // should only log errors
                     -func (t *TrustStore) fetch() {
                     +func (t *Store) fetch() {
                      	t.Lock()
                      	defer t.Unlock()

...	...	@@ -8,13 +8,16 @@ import (
8	8	"github.com/docker/libtrust"
9	9	)
10	10
	11	+// NotVerifiedError implements the error interface
11	12	type NotVerifiedError string
12	13
13	14	func (e NotVerifiedError) Error() string {
14	15	return string(e)
15	16	}
16	17
17		-func (t *TrustStore) CheckKey(ns string, key []byte, perm uint16) (bool, error) {
	18	+// CheckKey verifies that the given public key is allowed to perform
	19	+// the given action on the given node according to the trust graph.
	20	+func (t *Store) CheckKey(ns string, key []byte, perm uint16) (bool, error) {
18	21	if len(key) == 0 {
19	22	return false, fmt.Errorf("Missing PublicKey")
20	23	}
...	...	@@ -48,6 +51,8 @@ func (t *TrustStore) CheckKey(ns string, key []byte, perm uint16) (bool, error)
48	48	return true, nil
49	49	}
50	50
51		-func (t *TrustStore) UpdateBase() {
	51	+// UpdateBase retrieves updated base graphs. This function cannot error, it
	52	+// should only log errors
	53	+func (t *Store) UpdateBase() {
52	54	t.fetch()
53	55	}