func newConfig() *Conf { c := new(Conf) c.ldapViper = viper.New() c.ldapConfig = &LdapConfig{} c.notificationConfigs = []NotificationServiceConfig{} viper.SetConfigName("indispenso") viper.SetEnvPrefix("ind") // Defaults viper.SetDefault("Token", "") viper.SetDefault("Hostname", getDefaultHostName()) viper.SetDefault("UseAutoTag", true) viper.SetDefault("ServerEnabled", false) viper.SetDefault("Home", defaultHomePath) viper.SetDefault("Debug", false) viper.SetDefault("ServerPort", 897) viper.SetDefault("EndpointURI", "") viper.SetDefault("SslCertFile", "cert.pem") viper.SetDefault("SslPrivateKeyFile", "key.pem") viper.SetDefault("AutoGenerateCert", true) viper.SetDefault("ClientPort", 898) viper.SetDefault("EnableLdap", false) viper.SetDefault("LdapConfigFile", "") //Flags c.confFlags = pflag.NewFlagSet(os.Args[0], pflag.ExitOnError) configFile := c.confFlags.StringP("config", "c", "", "Config file location default is /etc/indispenso/indispenso.{json,toml,yaml,yml,properties,props,prop}") c.confFlags.BoolP("serverEnabled", "s", false, "Define if server module should be started or not") c.confFlags.BoolP("debug", "d", false, "Enable debug mode") c.confFlags.StringP("home", "p", defaultHomePath, "Home directory where all config files are located") c.confFlags.StringP("endpointUri", "e", "", "URI of server interface, used by client") c.confFlags.StringP("token", "t", "", "Secret token") c.confFlags.StringP("hostname", "i", getDefaultHostName(), "Hostname that is use to identify itself") c.confFlags.BoolP("enableLdap", "l", false, "Enable LDAP authentication") c.confFlags.BoolP("help", "h", false, "Print help message") c.confFlags.Parse(os.Args[1:]) if len(*configFile) > 2 { viper.SetConfigFile(*configFile) } else { legacyConfigFile := "/etc/indispenso/indispenso.conf" if _, err := os.Stat(legacyConfigFile); err == nil { viper.SetConfigFile(legacyConfigFile) viper.SetConfigType("yaml") } } viper.BindPFlags(c.confFlags) viper.AutomaticEnv() viper.ReadInConfig() c.setupHome(nil, viper.GetString("Home")) c.setupHome(c.ldapViper, viper.GetString("Home")) c.SetupNotificationConfig("slack", &SlackNotifyConfig{}) c.Update() return c }
func setDefaultConfigValuesWithViper(v *viper.Viper, b *BgpConfigSet) error { if v == nil { v = viper.New() } if err := SetDefaultGlobalConfigValues(&b.Global); err != nil { return err } for idx, server := range b.BmpServers { if server.Config.Port == 0 { server.Config.Port = bmp.BMP_DEFAULT_PORT } b.BmpServers[idx] = server } if b.Zebra.Config.Url == "" { b.Zebra.Config.Url = "unix:/var/run/quagga/zserv.api" } list, err := extractArray(v.Get("neighbors")) if err != nil { return err } for idx, n := range b.Neighbors { vv := viper.New() if len(list) > idx { vv.Set("neighbor", list[idx]) } if err := setDefaultNeighborConfigValuesWithViper(vv, &n, b.Global.Config.As); err != nil { return err } b.Neighbors[idx] = n } for idx, r := range b.RpkiServers { if r.Config.Port == 0 { b.RpkiServers[idx].Config.Port = rtr.RPKI_DEFAULT_PORT } } list, err = extractArray(v.Get("policy-definitions")) if err != nil { return err } for idx, p := range b.PolicyDefinitions { vv := viper.New() if len(list) > idx { vv.Set("policy", list[idx]) } if err := setDefaultPolicyConfigValuesWithViper(vv, &p); err != nil { return err } b.PolicyDefinitions[idx] = p } return nil }
// Non-roles and delegation keys can't be rotated with the command line func TestRotateKeyInvalidRoles(t *testing.T) { setUp(t) invalids := []string{ "notevenARole", "targets/a", } for _, role := range invalids { for _, serverManaged := range []bool{true, false} { k := &keyCommander{ configGetter: func() (*viper.Viper, error) { return viper.New(), nil }, getRetriever: func() notary.PassRetriever { return passphrase.ConstantRetriever("pass") }, rotateKeyRole: role, rotateKeyServerManaged: serverManaged, } commands := []string{"gun", role} if serverManaged { commands = append(commands, "-r") } err := k.keysRotate(&cobra.Command{}, commands) require.Error(t, err) require.Contains(t, err.Error(), fmt.Sprintf("does not currently permit rotating the %s key", role)) } } }
func TestGetTrustPinningErrors(t *testing.T) { setUp(t) invalidTrustPinConfig := tempDirWithConfig(t, `{ "trust_pinning": { "certs": { "repo3": [60, "abc", [1, 2, 3]] } } }`) defer os.RemoveAll(invalidTrustPinConfig) tc := &tufCommander{ // returns a nil pointer configGetter: func() (*viper.Viper, error) { v := viper.New() v.SetConfigFile(filepath.Join(invalidTrustPinConfig, "config.json")) v.ReadInConfig() return v, nil }, } require.Error(t, tc.tufStatus(&cobra.Command{}, []string{"gun"})) tc.resetAll = true require.Error(t, tc.tufReset(&cobra.Command{}, []string{"gun"})) require.Error(t, tc.tufDeleteGUN(&cobra.Command{}, []string{"gun"})) require.Error(t, tc.tufInit(&cobra.Command{}, []string{"gun"})) require.Error(t, tc.tufPublish(&cobra.Command{}, []string{"gun"})) require.Error(t, tc.tufVerify(&cobra.Command{}, []string{"gun", "target", "file"})) require.Error(t, tc.tufLookup(&cobra.Command{}, []string{"gun", "target"})) require.Error(t, tc.tufList(&cobra.Command{}, []string{"gun"})) require.Error(t, tc.tufAdd(&cobra.Command{}, []string{"gun", "target", "file"})) require.Error(t, tc.tufRemove(&cobra.Command{}, []string{"gun", "target", "file"})) require.Error(t, tc.tufWitness(&cobra.Command{}, []string{"gun", "targets/role"})) tc.sha256 = "88b76b34ab83a9e4d5abe3697950fb73f940aab1aa5b534f80cf9de9708942be" require.Error(t, tc.tufAddByHash(&cobra.Command{}, []string{"gun", "test1", "100"})) }
func TestStatusUnstageAndReset(t *testing.T) { setUp(t) tempBaseDir := tempDirWithConfig(t, "{}") defer os.RemoveAll(tempBaseDir) tc := &tufCommander{ configGetter: func() (*viper.Viper, error) { v := viper.New() v.SetDefault("trust_dir", tempBaseDir) return v, nil }, } // run a reset with an empty changelist and make sure it succeeds tc.resetAll = true err := tc.tufReset(&cobra.Command{}, []string{"gun"}) require.NoError(t, err) // add some targets tc.sha256 = "88b76b34ab83a9e4d5abe3697950fb73f940aab1aa5b534f80cf9de9708942be" err = tc.tufAddByHash(&cobra.Command{}, []string{"gun", "test1", "100"}) require.NoError(t, err) tc.sha256 = "4a7c203ce63b036a1999ea74eebd307c338368eb2b32218b722de6c5fdc7f016" err = tc.tufAddByHash(&cobra.Command{}, []string{"gun", "test2", "100"}) require.NoError(t, err) tc.sha256 = "64bd0565907a6a55fc66fd828a71dbadd976fa875d0a3869f53d02eb8710ecb4" err = tc.tufAddByHash(&cobra.Command{}, []string{"gun", "test3", "100"}) require.NoError(t, err) tc.sha256 = "9d9e890af64dd0f44b8a1538ff5fa0511cc31bf1ab89f3a3522a9a581a70fad8" err = tc.tufAddByHash(&cobra.Command{}, []string{"gun", "test4", "100"}) require.NoError(t, err) out, err := runCommand(t, tempBaseDir, "status", "gun") require.NoError(t, err) require.Contains(t, out, "test1") require.Contains(t, out, "test2") require.Contains(t, out, "test3") require.Contains(t, out, "test4") _, err = runCommand(t, tempBaseDir, "reset", "gun", "-n", "-1,1,3,10") require.NoError(t, err) out, err = runCommand(t, tempBaseDir, "status", "gun") require.NoError(t, err) require.Contains(t, out, "test1") require.NotContains(t, out, "test2") require.Contains(t, out, "test3") require.NotContains(t, out, "test4") _, err = runCommand(t, tempBaseDir, "reset", "gun", "--all") require.NoError(t, err) out, err = runCommand(t, tempBaseDir, "status", "gun") require.NoError(t, err) require.NotContains(t, out, "test1") require.NotContains(t, out, "test2") require.NotContains(t, out, "test3") require.NotContains(t, out, "test4") }
func init() { c := viper.New() c.SetEnvPrefix("Q") c.AutomaticEnv() flag.StringVar(&configFile, "config", "", "") flag.Parse() c.BindPFlag("config", flag.Lookup("config")) if c.GetString("config") == "" { // Read from "default" configuration path c.SetConfigName("config") c.AddConfigPath("/etc/qurid") c.AddConfigPath("$HOME/.quarid") c.AddConfigPath(".") } else { c.SetConfigFile(c.GetString("config")) } if err := c.ReadInConfig(); err != nil { panic(fmt.Errorf("Unable to read any configuration file: %s\n", err)) } location, err := time.LoadLocation(c.GetString("timezone")) if err == nil { c.Set("timezone", location) } else { c.Set("timezone", time.UTC) } config = c }
func TestExportKeysByID(t *testing.T) { setUp(t) tempBaseDir, err := ioutil.TempDir("", "notary-test-") require.NoError(t, err) defer os.RemoveAll(tempBaseDir) output, err := ioutil.TempFile("", "notary-test-import-") require.NoError(t, err) defer os.RemoveAll(output.Name()) k := &keyCommander{ configGetter: func() (*viper.Viper, error) { v := viper.New() v.SetDefault("trust_dir", tempBaseDir) return v, nil }, } k.outFile = output.Name() err = output.Close() // close so export can open require.NoError(t, err) k.exportKeyIDs = []string{"one", "three"} b := &pem.Block{} b.Bytes = make([]byte, 1000) rand.Read(b.Bytes) b2 := &pem.Block{} b2.Bytes = make([]byte, 1000) rand.Read(b2.Bytes) c := &pem.Block{} c.Bytes = make([]byte, 1000) rand.Read(c.Bytes) bBytes := pem.EncodeToMemory(b) b2Bytes := pem.EncodeToMemory(b2) cBytes := pem.EncodeToMemory(c) fileStore, err := store.NewPrivateKeyFileStorage(tempBaseDir, notary.KeyExtension) require.NoError(t, err) err = fileStore.Set("one", bBytes) require.NoError(t, err) err = fileStore.Set("two", b2Bytes) require.NoError(t, err) err = fileStore.Set("three", cBytes) require.NoError(t, err) err = k.exportKeys(&cobra.Command{}, nil) require.NoError(t, err) outRes, err := ioutil.ReadFile(k.outFile) require.NoError(t, err) block, rest := pem.Decode(outRes) require.Equal(t, b.Bytes, block.Bytes) require.Equal(t, "one", block.Headers["path"]) block, rest = pem.Decode(rest) require.Equal(t, c.Bytes, block.Bytes) require.Equal(t, "three", block.Headers["path"]) require.Len(t, rest, 0) }
func GetConfig() *viper.Viper { env := os.Getenv("VIPER_ENV") if len(env) == 0 { env = "development" } config := viper.New() config.SetConfigName(env) // name of config file (without extension) configPath := os.Getenv("VIPER_CONFIG") if len(configPath) == 0 { configPath = "config" } config.AddConfigPath(configPath) err := config.ReadInConfig() // Find and read the config file if err != nil { // Handle errors reading the config file panic(fmt.Errorf("Fatal error config file [%s]: %s \n", configPath, err)) } return config }
func init() { cfg = viper.New() cfg.SetDefault("agent.analyzers", "127.0.0.1:8082") cfg.SetDefault("agent.listen", "127.0.0.1:8081") cfg.SetDefault("agent.flowtable_expire", 300) cfg.SetDefault("agent.flowtable_update", 30) cfg.SetDefault("ovs.ovsdb", "127.0.0.1:6400") cfg.SetDefault("graph.backend", "memory") cfg.SetDefault("graph.gremlin", "ws://127.0.0.1:8182") cfg.SetDefault("sflow.bind_address", "127.0.0.1:6345") cfg.SetDefault("sflow.port_min", 6345) cfg.SetDefault("sflow.port_max", 6355) cfg.SetDefault("analyzer.listen", "127.0.0.1:8082") cfg.SetDefault("analyzer.flowtable_expire", 600) cfg.SetDefault("analyzer.flowtable_update", 60) cfg.SetDefault("storage.elasticsearch", "127.0.0.1:9200") cfg.SetDefault("ws_pong_timeout", 5) cfg.SetDefault("docker.url", "unix:///var/run/docker.sock") cfg.SetDefault("etcd.data_dir", "/tmp/skydive-etcd") cfg.SetDefault("etcd.embedded", true) cfg.SetDefault("etcd.port", 2379) cfg.SetDefault("etcd.servers", []string{"http://127.0.0.1:2379"}) cfg.SetDefault("auth.type", "noauth") cfg.SetDefault("auth.keystone.tenant", "admin") }
func (env *Env) AddSettings(frontmatter string) (*Env, error) { v := viper.New() v.SetConfigType("yaml") err := v.ReadConfig(bytes.NewBufferString(frontmatter)) env.AddPairs(v.AllSettings()) return env, err }
func Build() (err error) { err = AppSettings.UnmarshalKey(AppSettings.GetString("env"), Config) if err != nil { return } Config.Address = AppSettings.GetString("address") Config.Port = AppSettings.GetString("port") s3Config := &S3Config{} err = S3Settings.UnmarshalKey(S3Settings.GetString("env"), s3Config) if err != nil { return } Config.S3Config = s3Config sizes := viper.New() sizes.SetConfigName("sizes") sizes.AddConfigPath("./") err = sizes.ReadInConfig() if err != nil { return } mapSizes := &ValidSizes{} err = sizes.UnmarshalKey(AppSettings.GetString("env"), mapSizes) if err != nil { return } Config.ValidSizes = mapSizes return }
func TestEnvSlice(t *testing.T) { envVar := "ORDERER_INNER_SLICE" envVal := "[a, b, c]" os.Setenv(envVar, envVal) defer os.Unsetenv(envVar) config := viper.New() config.SetEnvPrefix(Prefix) config.AutomaticEnv() replacer := strings.NewReplacer(".", "_") config.SetEnvKeyReplacer(replacer) config.SetConfigType("yaml") data := "---\nInner:\n Slice: [d,e,f]" err := config.ReadConfig(bytes.NewReader([]byte(data))) if err != nil { t.Fatalf("Error reading %s plugin config: %s", Prefix, err) } var uconf testSlice err = ExactWithDateUnmarshal(config, &uconf) if err != nil { t.Fatalf("Failed to unmarshal with: %s", err) } expected := []string{"a", "b", "c"} if !reflect.DeepEqual(uconf.Inner.Slice, expected) { t.Fatalf("Did not get back the right slice, expeced: %v got %v", expected, uconf.Inner.Slice) } }
func loadConfig() (config *viper.Viper) { config = viper.New() // for environment variables config.SetEnvPrefix(configPrefix) config.AutomaticEnv() replacer := strings.NewReplacer(".", "_") config.SetEnvKeyReplacer(replacer) config.SetConfigName("config") config.AddConfigPath("./") config.AddConfigPath("../consensus/obcpbft/") config.AddConfigPath("../../consensus/obcpbft") // Path to look for the config file in based on GOPATH gopath := os.Getenv("GOPATH") for _, p := range filepath.SplitList(gopath) { obcpbftpath := filepath.Join(p, "src/github.com/hyperledger/fabric/consensus/obcpbft") config.AddConfigPath(obcpbftpath) } err := config.ReadInConfig() if err != nil { panic(fmt.Errorf("Error reading %s plugin config: %s", configPrefix, err)) } return }
// GetReplicaHash returns the crypto IDs of the current replica and the whole network // TODO func (h *Helper) GetReplicaHash() (self []byte, network [][]byte, err error) { // ATTN: Until the crypto package is integrated, this functions returns // the <IP:port>s of the current replica and the whole network instead func (h *Helper) GetReplicaHash() (self string, network []string, err error) { // v, _ := h.coordinator.GetValidator() // self = v.GetID() peer, err := peer.GetPeerEndpoint() if err != nil { return "", nil, err } self = peer.Address config := viper.New() config.SetConfigName("openchain") config.AddConfigPath("./") err = config.ReadInConfig() if err != nil { err = fmt.Errorf("Fatal error reading root config: %s", err) return self, nil, err } // encodedHashes := config.GetStringSlice("peer.validator.replicas.hashes") /* network = make([][]byte, len(encodedHashes)) for i, v := range encodedHashes { network[i], _ = base64.StdEncoding.DecodeString(v) } */ network = config.GetStringSlice("peer.validator.replicas.ips") return self, network, nil }
func init() { v := viper.New() v.SetDefault("env", "dev") v.BindEnv("env") env := v.GetString("env") Viper = &config{EnvironmentSpecificConfig(v, env)} }
// The command line uses NotaryRepository's RotateKey - this is just testing // that the correct config variables are passed for the client to request a key // from the remote server. func TestRotateKeyRemoteServerManagesKey(t *testing.T) { // Temporary directory where test files will be created tempBaseDir, err := ioutil.TempDir("/tmp", "notary-test-") defer os.RemoveAll(tempBaseDir) assert.NoError(t, err, "failed to create a temporary directory: %s", err) gun := "docker.com/notary" ret := passphrase.ConstantRetriever("pass") ts, initialKeys := setUpRepo(t, tempBaseDir, gun, ret) defer ts.Close() k := &keyCommander{ configGetter: func() (*viper.Viper, error) { v := viper.New() v.SetDefault("trust_dir", tempBaseDir) v.SetDefault("remote_server.url", ts.URL) return v, nil }, getRetriever: func() passphrase.Retriever { return ret }, rotateKeyRole: data.CanonicalSnapshotRole, rotateKeyServerManaged: true, } err = k.keysRotate(&cobra.Command{}, []string{gun}) assert.NoError(t, err) repo, err := client.NewNotaryRepository(tempBaseDir, gun, ts.URL, nil, ret) assert.NoError(t, err, "error creating repo: %s", err) cl, err := repo.GetChangelist() assert.NoError(t, err, "unable to get changelist: %v", err) assert.Len(t, cl.List(), 1) // no keys have been created, since a remote key was specified assert.Equal(t, initialKeys, repo.CryptoService.ListAllKeys()) }
// initializes a viper object with test configuration func configure(jsonConfig string) *viper.Viper { config := viper.New() SetupViper(config, envPrefix) config.SetConfigType("json") config.ReadConfig(bytes.NewBuffer([]byte(jsonConfig))) return config }
func bindViper(cmd *cobra.Command) error { v := viper.New() collectFlags(v, cmd) for _, key := range v.AllKeys() { if envkey, ok := envMap[key]; ok { v.BindEnv(key, "OMISE_"+envkey) } else { v.BindEnv(key, "OMISE_"+strings.Replace(strings.ToUpper(key), "-", "_", -1)) } } configPath := os.Getenv("HOME") + "/.omise" if configFile, e := os.Open(configPath); e == nil { defer configFile.Close() v.SetConfigType("json") if e := v.ReadConfig(configFile); e != nil { return e } } if e := v.Unmarshal(config); e != nil { return e } config.viper = v return nil }
// EnvironmentSpecificConfig sets the configuration to match the given env. func EnvironmentSpecificConfig(v *viper.Viper, env string) *viper.Viper { if v == nil { v = viper.New() v.SetDefault("env", env) } // Read common config v.AddConfigPath(".") v.AddConfigPath("../") v.AddConfigPath("config/") v.AddConfigPath("../config/") v.SetConfigName("config-common") v.SetConfigType("yml") if err := v.ReadInConfig(); err != nil { panic(fmt.Errorf("Fatal error reading common config file: %s \n", err)) } // Merge in environment specific config mergeInConfig(v, "config-"+env+".yml", "yml") // Merge in version config mergeInConfig(v, "version.properties", "properties") // Read config from consul // v.AddRemoteProvider("consul", "http://someconsul/endpoint", "some/path/to/config.json") // v.SetConfigType("yaml") // err = v.ReadRemoteConfig() // Find and read the config file // if err != nil { // Handle errors reading the config file // panic(fmt.Errorf("Fatal error reading remote config file: %s \n", err)) // } return v }
// NewManager creates the main new configuration for all scopes: default, website and store func NewManager() *Manager { s := &Manager{ v: viper.New(), } s.v.Set(newArg(Path(PathCSBaseURL)).scopePath(), CSBaseURL) return s }
func LoadPackage(fileName string) (*definitions.Package, error) { log.Info("Loading eris-pm Package Definition File.") var pkg = definitions.BlankPackage() var epmJobs = viper.New() // setup file abs, err := filepath.Abs(fileName) if err != nil { return nil, fmt.Errorf("Sorry, the marmots were unable to find the absolute path to the eris-pm jobs file.") } path := filepath.Dir(abs) file := filepath.Base(abs) extName := filepath.Ext(file) bName := file[:len(file)-len(extName)] log.WithFields(log.Fields{ "path": path, "name": bName, }).Debug("Loading eris-pm file") epmJobs.AddConfigPath(path) epmJobs.SetConfigName(bName) // load file if err := epmJobs.ReadInConfig(); err != nil { return nil, fmt.Errorf("Sorry, the marmots were unable to load the eris-pm jobs file. Please check your path.\nERROR =>\t\t\t%v", err) } // marshall file if err := epmJobs.Unmarshal(pkg); err != nil { return nil, fmt.Errorf("Sorry, the marmots could not figure that eris-pm jobs file out.\nPlease check your epm.yaml is properly formatted.\n") } return pkg, nil }
func newConfigObj() *config { return &config{ v: viper.New(), flagSets: map[string]*pflag.FlagSet{}, disableEnvVarSubstitution: DisableEnvVarSubstitution, } }
// Initializes the internal state for a new service. func (s *Service) init() { if s.Logger == nil { s.Logger = newLogger(os.Stderr) } if s.Handler == nil { s.Handler = &HandlerFunc{handle: s.Handle} } // Initialize a UUID if not set. if s.UUID == uuid.Nil { s.UUID = uuid.NewV4() } // A pre-defined flagset may be supplied. if s.Flags == nil { flags := pflag.NewFlagSet(s.Name, pflag.ExitOnError) // Initialize the base set of options. All other configuration should // be specified and driven by the contents of the `config`. flags.String("host", "127.0.0.1", "Host of the service.") flags.Int("port", 5000, "Port of the service.") flags.Bool("debug", false, "Toggle debug mode.") flags.String("consul", "", "Host of Consul agent.") flags.String("config", "", "Path to the service config.") s.Flags = flags } // Bind the CLI arguments for the service. cli := viper.New() cli.SetDefault("host", "127.0.0.1") cli.SetDefault("port", 5000) s.cli = cli cli.BindPFlag("host", s.Flags.Lookup("host")) cli.BindPFlag("port", s.Flags.Lookup("port")) cli.BindPFlag("debug", s.Flags.Lookup("debug")) cli.BindPFlag("consul", s.Flags.Lookup("consul")) cli.BindPFlag("config", s.Flags.Lookup("config")) mux := newServeMux() s.Mux = mux // Bind the root endpoint with info about the service. mux.Get("/", func(cxt *echo.Context) error { return cxt.JSON(http.StatusOK, s.Info()) }) // Top-level context. cxt, cancel := context.WithCancel(context.Background()) s.cxt = cxt s.cancel = cancel // Configuration. s.Config = newConfig(cxt, s.Name) }
func TestParseViperWithInvalidFile(t *testing.T) { v := viper.New() SetupViper(v, envPrefix) err := ParseViper(v, "Chronicle_Of_Dark_Secrets.json") require.Error(t, err) require.Contains(t, err.Error(), "Could not read config") }
// New creates registry instance func New(server server.Handler) Handler { c := viper.New() r := ®istry{ config: c, } r.server = server return r }
func init() { Config.Viper = viper.New() Config.SetDefault("login", map[interface{}]interface{}{"accounts": make(map[interface{}]interface{})}) Config.SetDefault("update", map[string]interface{}{"check": true}) Config.SetEnvPrefix(app.Name) Config.SetEnvKeyReplacer(strings.NewReplacer(".", "_")) Config.AutomaticEnv() }
func TestChangeKeyPassphraseInvalidNumArgs(t *testing.T) { k := &keyCommander{ configGetter: func() (*viper.Viper, error) { return viper.New(), nil }, getRetriever: func() passphrase.Retriever { return passphrase.ConstantRetriever("pass") }, } err := k.keyPassphraseChange(&cobra.Command{}, []string{}) assert.Error(t, err) assert.Contains(t, err.Error(), "must specify the key ID") }
func TestChangeKeyPassphraseInvalidID(t *testing.T) { k := &keyCommander{ configGetter: func() (*viper.Viper, error) { return viper.New(), nil }, getRetriever: func() passphrase.Retriever { return passphrase.ConstantRetriever("pass") }, } err := k.keyPassphraseChange(&cobra.Command{}, []string{"too_short"}) assert.Error(t, err) assert.Contains(t, err.Error(), "invalid key ID provided") }
// NewManager creates the main new configuration for all scopes: default, website and store func NewManager() *Manager { m := &Manager{ v: viper.New(), pubSub: newPubSub(), } m.v.Set(mustNewArg(Path(PathCSBaseURL)).scopePath(), CSBaseURL) go m.publish() return m }
// The command line uses NotaryRepository's RotateKey - this is just testing // that multiple keys can be rotated at once locally func TestRotateKeyBothKeys(t *testing.T) { setUp(t) // Temporary directory where test files will be created tempBaseDir, err := ioutil.TempDir("/tmp", "notary-test-") defer os.RemoveAll(tempBaseDir) require.NoError(t, err, "failed to create a temporary directory: %s", err) gun := "docker.com/notary" ret := passphrase.ConstantRetriever("pass") ts, initialKeys := setUpRepo(t, tempBaseDir, gun, ret) defer ts.Close() k := &keyCommander{ configGetter: func() (*viper.Viper, error) { v := viper.New() v.SetDefault("trust_dir", tempBaseDir) v.SetDefault("remote_server.url", ts.URL) return v, nil }, getRetriever: func() notary.PassRetriever { return ret }, } require.NoError(t, k.keysRotate(&cobra.Command{}, []string{gun, data.CanonicalTargetsRole})) require.NoError(t, k.keysRotate(&cobra.Command{}, []string{gun, data.CanonicalSnapshotRole})) repo, err := client.NewNotaryRepository(tempBaseDir, gun, ts.URL, nil, ret, trustpinning.TrustPinConfig{}) require.NoError(t, err, "error creating repo: %s", err) cl, err := repo.GetChangelist() require.NoError(t, err, "unable to get changelist: %v", err) require.Len(t, cl.List(), 0) // two new keys have been created, and the old keys should still be gone newKeys := repo.CryptoService.ListAllKeys() // there should be 3 keys - snapshot, targets, and root require.Len(t, newKeys, 3) // the old snapshot/targets keys should be gone for keyID, role := range initialKeys { r, ok := newKeys[keyID] switch r { case data.CanonicalSnapshotRole, data.CanonicalTargetsRole: require.False(t, ok, "original key %s still there", keyID) case data.CanonicalRootRole: require.Equal(t, role, r) require.True(t, ok, "old root key has changed") } } found := make(map[string]bool) for _, role := range newKeys { found[role] = true } require.True(t, found[data.CanonicalTargetsRole], "targets key was not created") require.True(t, found[data.CanonicalSnapshotRole], "snapshot key was not created") require.True(t, found[data.CanonicalRootRole], "root key was removed somehow") }