Example #1
0
func (k *keyCommander) keysRotate(cmd *cobra.Command, args []string) error {
	if len(args) < 2 {
		cmd.Usage()
		return fmt.Errorf("Must specify a GUN and a key role to rotate")
	}

	config, err := k.configGetter()
	if err != nil {
		return err
	}

	gun := args[0]
	rotateKeyRole := args[1]

	rt, err := getTransport(config, gun, admin)
	if err != nil {
		return err
	}

	trustPin, err := getTrustPinning(config)
	if err != nil {
		return err
	}

	nRepo, err := notaryclient.NewFileCachedNotaryRepository(
		config.GetString("trust_dir"), gun, getRemoteTrustServer(config),
		rt, k.getRetriever(), trustPin)
	if err != nil {
		return err
	}

	if rotateKeyRole == data.CanonicalRootRole {
		cmd.Print("Warning: you are about to rotate your root key.\n\n" +
			"You must use your old key to sign this root rotation. We recommend that\n" +
			"you sign all your future root changes with this key as well, so that\n" +
			"clients can have a smoother update process. Please do not delete\n" +
			"this key after rotating.\n\n" +
			"Are you sure you want to proceed?  (yes/no)  ")

		if !askConfirm(k.input) {
			fmt.Fprintln(cmd.Out(), "\nAborting action.")
			return nil
		}
	}

	if err := nRepo.RotateKey(rotateKeyRole, k.rotateKeyServerManaged); err != nil {
		return err
	}
	cmd.Printf("Successfully rotated %s key for repository %s\n", rotateKeyRole, gun)
	return nil
}
Example #2
0
func loginRegistry(ctx *cobra.Command, args []string) {
	reg := client.INDEX_SERVER
	if len(args) > 0 {
		reg = args[0]
	}

	config, err := client.LoadConfig(configPath)
	if err != nil {
		log.Fatal(err)
	}

	ctx.Printf("Log in to a Docker registry at %s\n", reg)

	registry, _ := config.GetRegistry(reg)

	authConfig := api.AuthConfig{
		ServerAddress: registry.Registry,
	}

	promptDefault := func(prompt string, configDefault string) {
		if configDefault == "" {
			ctx.Printf("%s: ", prompt)
		} else {
			ctx.Printf("%s (%s): ", prompt, configDefault)
		}
	}

	readInput := func() string {
		reader := bufio.NewReader(os.Stdin)
		line, _, err := reader.ReadLine()
		if err != nil {
			log.Fatal(err)
		}
		return string(line)
	}

	promptDefault("Username", registry.Username)
	authConfig.Username = readInput()
	if authConfig.Username == "" {
		authConfig.Username = registry.Username
	}

	ctx.Print("Password: ")
	authConfig.Password = string(gopass.GetPasswdMasked())

	promptDefault("Email", registry.Email)
	authConfig.Email = readInput()
	if authConfig.Email == "" {
		authConfig.Email = registry.Email
	}

	docker, err := client.NewDockerClient(configPath, hostName, ctx.Out())
	if err != nil {
		log.Fatal(err)
	}

	credentials, err := docker.Auth(&authConfig)
	if err != nil {
		log.Fatal(err)
	}

	registry.Username = authConfig.Username
	registry.Email = authConfig.Email
	registry.Credentials = credentials

	config.SetRegistry(registry)

	if err := config.SaveConfig(configPath); err != nil {
		log.Fatal(err)
	}

	ctx.Println("Login Succeeded!")

	listRegistries(ctx, args)
}
Example #3
0
func uploadToContainer(ctx *cobra.Command, args []string) {
	if len(args) < 2 {
		ErrorExit(ctx, "Needs two arguments <PATH> to upload into <(NAME|ID):PATH>")
	}

	srcPath, err := filepath.Abs(args[0])
	if err != nil {
		log.Fatal(err)
	}

	arr := strings.Split(args[1], ":")
	if len(arr) < 2 || (arr[1] == "") {
		ErrorExit(ctx, fmt.Sprint("Needs <(NAME|ID):PATH> for the second argument"))
	}

	var (
		name = arr[0]
		path = arr[1]
	)

	f, err := os.Open(os.DevNull)
	if err != nil {
		log.Fatal(err)
	}

	docker, err := client.NewDockerClient(configPath, hostName, f)
	if err != nil {
		log.Fatal(err)
	}

	info, err := docker.Info()
	if err != nil {
		log.Fatal(err)
	}

	rootDir := ""

	for _, pair := range info.DriverStatus {
		if pair[0] == "Root Dir" {
			rootDir = pair[1]
		}
	}

	if rootDir == "" {
		if info.DockerRootDir == "" {
			log.Fatal("Can't get the root dir for the container")
		}
		rootDir = filepath.Join(info.DockerRootDir, info.Driver)
	}

	containerInfo, err := docker.InspectContainer(name)
	if err != nil {
		log.Fatal(err)
	}

	switch info.Driver {
	case "aufs":
		rootDir = filepath.Join(rootDir, "mnt", containerInfo.Id)
	case "btrfs":
		rootDir = filepath.Join(rootDir, "subvolumes", containerInfo.Id)
	case "devicemapper":
		rootDir = filepath.Join(rootDir, "mnt", containerInfo.Id, "rootfs")
	case "overlay":
		rootDir = filepath.Join(rootDir, containerInfo.Id, "merged")
	case "vfs":
		rootDir = filepath.Join(rootDir, "dir", containerInfo.Id)
	default:
		log.Fatalf("Unknown driver: %s", info.Driver)
	}

	dstPath := filepath.Join(rootDir, path)
	dstPath = filepath.Clean(dstPath)
	if !strings.HasPrefix(dstPath, rootDir) {
		log.Fatal("Can't upload to outside of the container")
	}

	ctx.Printf("Uploading %s into %s\n", args[0], args[1])

	message, err := docker.Upload(srcPath, true)
	if err != nil {
		log.Fatal(err)
	}

	var (
		config     api.Config
		hostConfig api.HostConfig
	)

	if _, err := fmt.Sscanf(message, "Successfully built %s", &config.Image); err != nil {
		log.Fatal(err)
	}

	defer docker.RemoveImage(config.Image, true, false)

	hostConfig.Binds = []string{dstPath + ":/.destination"}

	cid, err := docker.CreateContainer("", config, hostConfig)
	if err != nil {
		log.Fatal(err)
	}
	defer docker.RemoveContainer(cid, true)

	if err := docker.StartContainer(cid); err != nil {
		log.Fatal(err)
	}

	if _, err := docker.WaitContainer(cid); err != nil {
		log.Fatal(err)
	}

	ctx.Print("Successfully uploaded\n")
}
Example #4
0
func uploadToVolume(ctx *cobra.Command, args []string) {
	if len(args) < 2 {
		ErrorExit(ctx, "Needs two arguments <PATH> to upload into <ID:PATH>")
	}

	srcPath, err := filepath.Abs(args[0])
	if err != nil {
		log.Fatal(err)
	}

	arr := strings.Split(args[1], ":")
	if len(arr) < 2 || (arr[1] == "") {
		ErrorExit(ctx, fmt.Sprint("Needs <ID:PATH> for the second argument"))
	}

	var (
		id   = arr[0]
		path = arr[1]
	)

	volumes, err := getVolumes(ctx)
	if err != nil {
		log.Fatal(err)
	}

	volume := volumes.Find(id)
	if volume == nil {
		log.Fatalf("No such volume: %s", id)
	}

	dstPath := filepath.Join(volume.Path, path)
	dstPath = filepath.Clean(dstPath)
	if !strings.HasPrefix(dstPath, volume.Path) {
		log.Fatal("Can't upload to outside of the volume")
	}

	f, err := os.Open(os.DevNull)
	if err != nil {
		log.Fatal(err)
	}

	docker, err := client.NewDockerClient(configPath, hostName, f)
	if err != nil {
		log.Fatal(err)
	}

	ctx.Printf("Uploading %s into %s\n", args[0], args[1])

	message, err := docker.Upload(srcPath, true)
	if err != nil {
		log.Fatal(err)
	}

	var (
		config     api.Config
		hostConfig api.HostConfig
	)

	if _, err := fmt.Sscanf(message, "Successfully built %s", &config.Image); err != nil {
		log.Fatal(err)
	}

	defer docker.RemoveImage(config.Image, true, false)

	hostConfig.Binds = []string{dstPath + ":/.destination"}

	cid, err := docker.CreateContainer("", config, hostConfig)
	if err != nil {
		log.Fatal(err)
	}
	defer docker.RemoveContainer(cid, true)

	if err := docker.StartContainer(cid); err != nil {
		log.Fatal(err)
	}

	if _, err := docker.WaitContainer(cid); err != nil {
		log.Fatal(err)
	}

	ctx.Print("Successfully uploaded\n")
}