
package storage

import "github.com/docker/notary/server/storage"


Package Files

errors.go interface.go memory.go rethinkdb.go rethinkdb_models.go sql_models.go sqldb.go tuf_store.go types.go

Constants

const ChangefeedTableName = "changefeed"

ChangefeedTableName is the name used for the changefeed table

const TUFFileTableName = "tuf_files"

TUFFileTableName is the name used for the TUF file table

Variables

// RethinkDB table definitions for the two record types this package stores.
// Both tables set "write_acks" to "majority".
var (
    // TUFFilesRethinkTable is the table definition of notary server's TUF metadata files
    TUFFilesRethinkTable = rethinkdb.Table{
        Name:       RDBTUFFile{}.TableName(),
        // Same name as the gorethink tag on RDBTUFFile.GunRoleVersion, so the
        // primary key is that composite field.
        PrimaryKey: "gun_role_version",
        SecondaryIndexes: map[string][]string{

            // NOTE(review): a nil field list presumably means a simple index
            // on the field of the same name — confirm against rethinkdb.Table.
            "gun":                nil,
            "timestamp_checksum": nil,
            // contains filtered or unexported fields
        },

        Config: map[string]string{
            // RethinkDB write acknowledgement setting. "majority" is the
            // stricter of RethinkDB's two modes ("single" is the other):
            // a write is acknowledged only after a majority of replicas
            // have it. Weakening this would let accepted TUF metadata be
            // lost on failure of a single replica.
            "write_acks": "majority",
        },
        JSONUnmarshaller: rdbTUFFileFromJSON,
    }

    // ChangeRethinkTable is the table definition for changefeed objects
    ChangeRethinkTable = rethinkdb.Table{
        Name:       Change{}.TableName(),
        PrimaryKey: "id",
        SecondaryIndexes: map[string][]string{
            // Compound indexes; each value lists the indexed fields in order.
            "rdb_created_at_id":     {"created_at", "id"},
            "rdb_gun_created_at_id": {"gun", "created_at", "id"},
        },
        Config: map[string]string{
            // Same acknowledgement level as the TUF files table.
            "write_acks": "majority",
        },
        JSONUnmarshaller: rdbChangeFromJSON,
    }
)

func CreateChangefeedTable Uses

func CreateChangefeedTable(db gorm.DB) error

CreateChangefeedTable creates the DB table for Changefeed

func CreateTUFTable Uses

func CreateTUFTable(db gorm.DB) error

CreateTUFTable creates the DB table for TUFFile

type Change Uses

// Change is one changefeed record. The struct carries tags for both
// storage backends: gorethink tags for RethinkDB and gorm/sql tags for SQL.
type Change struct {
    // ID is the primary key in both backends. omitempty leaves an empty ID
    // out of the RethinkDB document.
    // NOTE(review): presumably so the database can assign one — confirm.
    ID        string    `gorethink:"id,omitempty" gorm:"primary_key" sql:"not null"`
    // CreatedAt is stored as "created_at" in RethinkDB, where it is part of
    // both secondary indexes declared on ChangeRethinkTable.
    CreatedAt time.Time `gorethink:"created_at"`
    // GUN is stored in column "gun"; the SQL column is varchar(255), not null.
    GUN       string    `gorethink:"gun" gorm:"column:gun" sql:"type:varchar(255);not null"`
    // Version is an integer version number, not null in SQL.
    Version   int       `gorethink:"version" sql:"not null"`
    // SHA256 is stored in column "sha256" as varchar(64), which fits a
    // hex-encoded SHA-256 digest. The column is nullable (no "not null").
    // NOTE(review): presumably the digest of the metadata the change refers
    // to — confirm against the code that writes changes.
    SHA256    string    `gorethink:"sha256" gorm:"column:sha256" sql:"type:varchar(64);"`
    // Category is a short label (varchar(20), not null).
    // NOTE(review): its allowed values are not visible here — confirm.
    Category  string    `gorethink:"category" sql:"type:varchar(20);not null;"`
}

Change defines the fields required for an object in the changefeed

func (Change) TableName Uses

func (rdb Change) TableName() string

TableName sets a specific table name for Changefeed

type ErrBadQuery Uses

type ErrBadQuery struct {
    // contains filtered or unexported fields
}

ErrBadQuery is used when the parameters provided cannot be appropriately coerced.

func (ErrBadQuery) Error Uses

func (err ErrBadQuery) Error() string

type ErrKeyExists Uses

type ErrKeyExists struct {
    // contains filtered or unexported fields
}

ErrKeyExists is returned when a key already exists

func (ErrKeyExists) Error Uses

func (err ErrKeyExists) Error() string

ErrKeyExists is returned when a key already exists

type ErrNoKey Uses

type ErrNoKey struct {
    // contains filtered or unexported fields
}

ErrNoKey is returned when no timestamp key is found

func (ErrNoKey) Error Uses

func (err ErrNoKey) Error() string

ErrNoKey is returned when no timestamp key is found

type ErrNotFound Uses

type ErrNotFound struct{}

ErrNotFound is returned when TUF metadata isn't found for a specific record

func (ErrNotFound) Error Uses

func (err ErrNotFound) Error() string

Error implements error

type ErrOldVersion Uses

type ErrOldVersion struct{}

ErrOldVersion is returned when a newer version of TUF metadata is already available

func (ErrOldVersion) Error Uses

func (err ErrOldVersion) Error() string

ErrOldVersion is returned when a newer version of TUF metadata is already available

type KeyStore Uses

// KeyStore persists one public key per (GUN, role) pair. Only the algorithm
// name and public key bytes cross this interface; no private key material
// is passed in or returned by either method.
type KeyStore interface {
    // GetKey returns the algorithm and public key for the given GUN and role.
    // If the GUN+role don't exist, returns an error.
    // NOTE(review): presumably ErrNoKey — confirm in the implementations.
    GetKey(gun, role string) (algorithm string, public []byte, err error)

    // SetKey sets the algorithm and public key for the given GUN and role if
    // it doesn't already exist.  Otherwise an error is returned, so an
    // existing key is never silently replaced through this method.
    // NOTE(review): presumably ErrKeyExists — confirm in the implementations.
    SetKey(gun, role, algorithm string, public []byte) error
}

KeyStore provides a minimal interface for managing key persistence

type MemStorage Uses

type MemStorage struct {
    // contains filtered or unexported fields
}

MemStorage is really just designed for dev and testing. It is very inefficient in many scenarios

func NewMemStorage Uses

func NewMemStorage() *MemStorage

NewMemStorage instantiates a MemStorage instance

func (*MemStorage) Delete Uses

func (st *MemStorage) Delete(gun data.GUN) error

Delete deletes all the metadata for a given GUN

func (*MemStorage) GetChanges Uses

func (st *MemStorage) GetChanges(changeID string, records int, filterName string) ([]Change, error)

GetChanges returns a []Change starting from but excluding the record identified by changeID. In the context of the memory store, changeID is simply an index into st.changes. The ID of a change is its index+1, both to match the SQL implementations, and so that the first change can be retrieved by providing ID 0.

func (*MemStorage) GetChecksum Uses

func (st *MemStorage) GetChecksum(gun data.GUN, role data.RoleName, checksum string) (*time.Time, []byte, error)

GetChecksum returns the create/update date and metadata for a given role, under a GUN.

func (*MemStorage) GetCurrent Uses

func (st *MemStorage) GetCurrent(gun data.GUN, role data.RoleName) (*time.Time, []byte, error)

GetCurrent returns the create/update date and metadata for a given role, under a GUN.

func (*MemStorage) GetVersion Uses

func (st *MemStorage) GetVersion(gun data.GUN, role data.RoleName, version int) (*time.Time, []byte, error)

GetVersion gets a specific TUF record by its version

func (*MemStorage) UpdateCurrent Uses

func (st *MemStorage) UpdateCurrent(gun data.GUN, update MetaUpdate) error

UpdateCurrent updates the meta data for a specific role

func (*MemStorage) UpdateMany Uses

func (st *MemStorage) UpdateMany(gun data.GUN, updates []MetaUpdate) error

UpdateMany updates multiple TUF records

type MetaStore Uses

// MetaStore is the storage contract for versioned TUF metadata, keyed by
// GUN and role, plus the changefeed that records updates.
//
// NOTE(review): metadata is passed in and out as opaque bytes and nothing in
// these signatures indicates signature verification, so callers presumably
// validate TUF metadata before calling UpdateCurrent/UpdateMany — confirm.
type MetaStore interface {
    // UpdateCurrent adds new metadata version for the given GUN if and only
    // if it's a new role, or the version is greater than the current version
    // for the role. Otherwise an error is returned.
    // The strictly-greater rule means the store itself refuses to replace
    // current metadata with an older or equal version.
    // NOTE(review): presumably reported as ErrOldVersion — confirm.
    UpdateCurrent(gun data.GUN, update MetaUpdate) error

    // UpdateMany adds multiple new metadata for the given GUN.  It can even
    // add multiple versions for the same role, so long as those versions are
    // all unique and greater than any current versions.  Otherwise,
    // none of the metadata is added, and an error is returned.
    UpdateMany(gun data.GUN, updates []MetaUpdate) error

    // GetCurrent returns the modification date and data part of the metadata for
    // the latest version of the given GUN and role.  If there is no data for
    // the given GUN and role, an error is returned.
    GetCurrent(gun data.GUN, tufRole data.RoleName) (created *time.Time, data []byte, err error)

    // GetChecksum returns the given TUF role file and creation date for the
    // GUN with the provided checksum. If the given (gun, role, checksum) are
    // not found, it returns storage.ErrNotFound
    GetChecksum(gun data.GUN, tufRole data.RoleName, checksum string) (created *time.Time, data []byte, err error)

    // GetVersion returns the given TUF role file and creation date for the
    // GUN with the provided version. If the given (gun, role, version) are
    // not found, it returns storage.ErrNotFound
    GetVersion(gun data.GUN, tufRole data.RoleName, version int) (created *time.Time, data []byte, err error)

    // Delete removes all metadata for a given GUN.  It does not return an
    // error if no metadata exists for the given GUN.
    Delete(gun data.GUN) error

    // GetChanges returns an ordered slice of changes. It starts from
    // the change matching changeID, but excludes this change from the results
    // on the assumption that if a user provides an ID, they've seen that change.
    // If changeID is 0, it starts from the
    // beginning, and if changeID is -1, it starts from the most recent
    // change. The number of results returned is limited by records.
    // If records is negative, we will return that number of changes preceding
    // the given changeID.
    // The returned []Change should always be ordered oldest to newest.
    // NOTE(review): changeID is a string, so 0 and -1 above presumably mean
    // the strings "0" and "-1" — confirm in the implementations. The meaning
    // of filterName is not documented here — confirm what it filters on.
    GetChanges(changeID string, records int, filterName string) ([]Change, error)
}

MetaStore holds the methods that are used for a Metadata Store

type MetaUpdate Uses

// MetaUpdate is the unit passed to MetaStore.UpdateCurrent and UpdateMany:
// one version of one role's metadata.
type MetaUpdate struct {
    // Role is the TUF role this metadata belongs to.
    Role    data.RoleName
    // Version is the version the store compares against the role's current
    // version when deciding whether to accept the update.
    // NOTE(review): whether it must match the version inside Data is not
    // visible here — confirm with the caller.
    Version int
    // Data is the metadata file as raw bytes; the store treats it as opaque.
    Data    []byte
}

MetaUpdate packages up the fields required to update a TUF record

type RDBTUFFile Uses

// RDBTUFFile is the RethinkDB document for one TUF metadata file.
type RDBTUFFile struct {
    // Embedded timing fields from the rethinkdb package.
    // NOTE(review): presumably created/updated/deleted timestamps — confirm.
    rethinkdb.Timing
    // GunRoleVersion is stored as "gun_role_version", the primary key named
    // in TUFFilesRethinkTable.
    // NOTE(review): presumably the list [gun, role, version] — confirm.
    GunRoleVersion []interface{} `gorethink:"gun_role_version"`
    // Gun is stored as "gun", which has a secondary index.
    Gun            string        `gorethink:"gun"`
    Role           string        `gorethink:"role"`
    Version        int           `gorethink:"version"`
    // NOTE(review): presumably the hex SHA-256 of Data — confirm.
    SHA256         string        `gorethink:"sha256"`
    // Data is the metadata file as raw bytes.
    Data           []byte        `gorethink:"data"`
    // TSchecksum is stored as "timestamp_checksum", which has a secondary
    // index. RethinkDB.UpdateMany is documented as recording the associated
    // timestamp checksum on each record so that a partially applied
    // multi-record update can be rolled back.
    TSchecksum     string        `gorethink:"timestamp_checksum"`
}

RDBTUFFile is a TUF file record

func (RDBTUFFile) TableName Uses

func (r RDBTUFFile) TableName() string

TableName returns the table name for the record type

type RethinkDB Uses

type RethinkDB struct {
    // contains filtered or unexported fields
}

RethinkDB implements a MetaStore against the Rethink Database

func NewRethinkDBStorage Uses

func NewRethinkDBStorage(dbName, user, password string, sess *gorethink.Session) RethinkDB

NewRethinkDBStorage initializes a RethinkDB object

func (RethinkDB) Bootstrap Uses

func (rdb RethinkDB) Bootstrap() error

Bootstrap sets up the database and tables, also creating the notary server user with appropriate db permission

func (RethinkDB) CheckHealth Uses

func (rdb RethinkDB) CheckHealth() error

CheckHealth checks that all tables and databases exist and are query-able

func (RethinkDB) Delete Uses

func (rdb RethinkDB) Delete(gun data.GUN) error

Delete removes all metadata for a given GUN. It does not return an error if no metadata exists for the given GUN.

func (RethinkDB) GetChanges Uses

func (rdb RethinkDB) GetChanges(changeID string, pageSize int, filterName string) ([]Change, error)

GetChanges returns up to pageSize changes starting from changeID. It uses the blackout to account for RethinkDB's eventual consistency model

func (RethinkDB) GetChecksum Uses

func (rdb RethinkDB) GetChecksum(gun data.GUN, role data.RoleName, checksum string) (created *time.Time, data []byte, err error)

GetChecksum returns the given TUF role file and creation date for the GUN with the provided checksum. If the given (gun, role, checksum) are not found, it returns storage.ErrNotFound

func (RethinkDB) GetCurrent Uses

func (rdb RethinkDB) GetCurrent(gun data.GUN, role data.RoleName) (created *time.Time, data []byte, err error)

GetCurrent returns the modification date and data part of the metadata for the latest version of the given GUN and role. If there is no data for the given GUN and role, an error is returned.

func (RethinkDB) GetVersion Uses

func (rdb RethinkDB) GetVersion(gun data.GUN, role data.RoleName, version int) (*time.Time, []byte, error)

GetVersion gets a specific TUF record by its version

func (RethinkDB) UpdateCurrent Uses

func (rdb RethinkDB) UpdateCurrent(gun data.GUN, update MetaUpdate) error

UpdateCurrent adds new metadata version for the given GUN if and only if it's a new role, or the version is greater than the current version for the role. Otherwise an error is returned.

func (RethinkDB) UpdateMany Uses

func (rdb RethinkDB) UpdateMany(gun data.GUN, updates []MetaUpdate) error

UpdateMany adds multiple new metadata for the given GUN. RethinkDB does not support transactions, so it attempts to insert the timestamp last, because the timestamp represents a published version of the repo. All other role data is inserted first, in alphabetical order, each record including the associated timestamp checksum so that this pseudotransaction can easily be rolled back.

type SQLChange Uses

// SQLChange is the SQL-backed form of a changefeed record. Its fields mirror
// Change, except that ID is an unsigned integer.
type SQLChange struct {
    // ID is the primary key. The `,string` JSON option encodes it as a JSON
    // string rather than a number.
    ID        uint `gorm:"primary_key" sql:"not null" json:",string"`
    CreatedAt time.Time
    // GUN is stored in column "gun" as varchar(255), not null.
    GUN       string `gorm:"column:gun" sql:"type:varchar(255);not null"`
    Version   int    `sql:"not null"`
    // SHA256 is stored in column "sha256" as varchar(64), which fits a
    // hex-encoded SHA-256 digest. The column is nullable (no "not null").
    SHA256    string `gorm:"column:sha256" sql:"type:varchar(64);"`
    // Category is a short label (varchar(20), not null).
    // NOTE(review): its allowed values are not visible here — confirm.
    Category  string `sql:"type:varchar(20);not null;"`
}

SQLChange defines the fields required for an object in the changefeed

func (SQLChange) TableName Uses

func (c SQLChange) TableName() string

TableName sets a specific table name for Changefeed

type SQLStorage Uses

// SQLStorage is the SQL-backed store. It embeds gorm.DB by value, so every
// exported gorm.DB method is promoted onto SQLStorage. Any code holding a
// *SQLStorage can therefore issue arbitrary queries through it, not only the
// MetaStore operations. Scope the database account's privileges accordingly.
type SQLStorage struct {
    gorm.DB
}

SQLStorage implements a versioned store using a relational database. See server/storage/models.go

func NewSQLStorage Uses

func NewSQLStorage(dialect string, args ...interface{}) (*SQLStorage, error)

NewSQLStorage is a convenience method to create a SQLStorage

func (*SQLStorage) CheckHealth Uses

func (db *SQLStorage) CheckHealth() error

CheckHealth asserts that the tuf_files table is present

func (*SQLStorage) Delete Uses

func (db *SQLStorage) Delete(gun data.GUN) error

Delete deletes all the records for a specific GUN - we have to do a hard delete using Unscoped otherwise we can't insert for that GUN again

func (*SQLStorage) GetChanges Uses

func (db *SQLStorage) GetChanges(changeID string, records int, filterName string) ([]Change, error)

GetChanges returns up to records changes (the page size) starting from changeID.

func (*SQLStorage) GetChecksum Uses

func (db *SQLStorage) GetChecksum(gun data.GUN, tufRole data.RoleName, checksum string) (*time.Time, []byte, error)

GetChecksum gets a specific TUF record by its hex checksum

func (*SQLStorage) GetCurrent Uses

func (db *SQLStorage) GetCurrent(gun data.GUN, tufRole data.RoleName) (*time.Time, []byte, error)

GetCurrent gets a specific TUF record

func (*SQLStorage) GetVersion Uses

func (db *SQLStorage) GetVersion(gun data.GUN, tufRole data.RoleName, version int) (*time.Time, []byte, error)

GetVersion gets a specific TUF record by its version

func (*SQLStorage) UpdateCurrent Uses

func (db *SQLStorage) UpdateCurrent(gun data.GUN, update MetaUpdate) error

UpdateCurrent updates a single TUF record.

func (*SQLStorage) UpdateMany Uses

func (db *SQLStorage) UpdateMany(gun data.GUN, updates []MetaUpdate) error

UpdateMany atomically updates many TUF records in a single transaction

type TUFFile Uses

// TUFFile is the SQL row for one version of one role's TUF metadata.
type TUFFile struct {
    // gorm.Model contributes ID, CreatedAt, UpdatedAt and DeletedAt.
    // DeletedAt gives gorm soft-delete behaviour by default, which is why
    // SQLStorage.Delete is documented as doing a hard delete with Unscoped.
    gorm.Model
    Gun     string `sql:"type:varchar(255);not null"`
    Role    string `sql:"type:varchar(255);not null"`
    // NOTE(review): no uniqueness constraint on (Gun, Role, Version) is
    // expressed in these tags; presumably an index or migration defined
    // elsewhere enforces it — confirm.
    Version int    `sql:"not null"`
    // SHA256 is stored in column "sha256" as varchar(64), which fits a
    // hex-encoded SHA-256 digest. The column is nullable (no "not null").
    SHA256  string `gorm:"column:sha256" sql:"type:varchar(64);"`
    // Data is the metadata file as raw bytes, stored as a longblob.
    Data    []byte `sql:"type:longblob;not null"`
}

TUFFile represents a TUF file in the database

func (TUFFile) TableName Uses

func (g TUFFile) TableName() string

TableName sets a specific table name for TUFFile

type TUFMetaStorage Uses

// TUFMetaStorage wraps a MetaStore. The MetaStore is embedded, so its
// methods are promoted and reach the wrapped store directly unless
// TUFMetaStorage defines its own. This page lists Bootstrap, GetChecksum
// and GetCurrent as defined on TUFMetaStorage.
type TUFMetaStorage struct {
    MetaStore
    // contains filtered or unexported fields
    // NOTE(review): GetChecksum is documented as checking an internal cache,
    // which presumably lives in these unexported fields — confirm.
}

TUFMetaStorage wraps a MetaStore in order to walk the TUF tree for GetCurrent in a consistent manner, by always starting from a current timestamp and then looking up other data by hash

func NewTUFMetaStorage Uses

func NewTUFMetaStorage(m MetaStore) *TUFMetaStorage

NewTUFMetaStorage instantiates a TUFMetaStorage instance

func (TUFMetaStorage) Bootstrap Uses

func (tms TUFMetaStorage) Bootstrap() error

Bootstrap the store with tables if possible

func (TUFMetaStorage) GetChecksum Uses

func (tms TUFMetaStorage) GetChecksum(gun data.GUN, tufRole data.RoleName, checksum string) (*time.Time, []byte, error)

GetChecksum gets a specific TUF record by checksum, also checking the internal cache

func (TUFMetaStorage) GetCurrent Uses

func (tms TUFMetaStorage) GetCurrent(gun data.GUN, tufRole data.RoleName) (*time.Time, []byte, error)

GetCurrent gets a specific TUF record, by walking from the current Timestamp to other metadata by checksum
