[lxc-devel] [lxd/master] Bugfixes
stgraber on Github
lxc-bot at linuxcontainers.org
Tue Jun 28 15:00:55 UTC 2016
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 301 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20160628/fd761307/attachment.bin>
-------------- next part --------------
From a733a77580f9c3e677c85dc51f05c8e5af1b5a80 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Tue, 28 Jun 2016 10:59:26 -0400
Subject: [PATCH 1/2] Use the daemon provided fingerprint on image copy
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Fallback on client provided fingerprint if no daemon provided
fingerprint can be found in operation metadata.
Closes #2162
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
client.go | 28 +++++++++++++++++++++++++---
1 file changed, 25 insertions(+), 3 deletions(-)
diff --git a/client.go b/client.go
index 1950fe3..3567127 100644
--- a/client.go
+++ b/client.go
@@ -710,6 +710,8 @@ func (c *Client) CopyImage(image string, dest *Client, copy_aliases bool, aliase
go dest.Monitor([]string{"operation"}, handler)
}
+ fingerprint := info.Fingerprint
+
for _, addr := range addresses {
sourceUrl := "https://" + addr
@@ -723,11 +725,18 @@ func (c *Client) CopyImage(image string, dest *Client, copy_aliases bool, aliase
operation = resp.Operation
- err = dest.WaitForSuccess(resp.Operation)
+ op, err := dest.WaitForSuccessOp(resp.Operation)
if err != nil {
return err
}
+ if op.Metadata != nil {
+ value, err := op.Metadata.GetString("fingerprint")
+ if err == nil {
+ fingerprint = value
+ }
+ }
+
break
}
@@ -739,7 +748,7 @@ func (c *Client) CopyImage(image string, dest *Client, copy_aliases bool, aliase
if copy_aliases {
for _, alias := range info.Aliases {
dest.DeleteAlias(alias.Name)
- err = dest.PostAlias(alias.Name, alias.Description, info.Fingerprint)
+ err = dest.PostAlias(alias.Name, alias.Description, fingerprint)
if err != nil {
return fmt.Errorf("Error adding alias %s: %s", alias.Name, err)
}
@@ -749,7 +758,7 @@ func (c *Client) CopyImage(image string, dest *Client, copy_aliases bool, aliase
/* add new aliases */
for _, alias := range aliases {
dest.DeleteAlias(alias)
- err = dest.PostAlias(alias, alias, info.Fingerprint)
+ err = dest.PostAlias(alias, alias, fingerprint)
if err != nil {
return fmt.Errorf("Error adding alias %s: %s\n", alias, err)
}
@@ -1864,6 +1873,19 @@ func (c *Client) WaitForSuccess(waitURL string) error {
return fmt.Errorf(op.Err)
}
+func (c *Client) WaitForSuccessOp(waitURL string) (*shared.Operation, error) {
+ op, err := c.WaitFor(waitURL)
+ if err != nil {
+ return nil, err
+ }
+
+ if op.StatusCode == shared.Success {
+ return op, nil
+ }
+
+ return op, fmt.Errorf(op.Err)
+}
+
func (c *Client) RestoreSnapshot(container string, snapshotName string, stateful bool) (*Response, error) {
if c.Remote.Public {
return nil, fmt.Errorf("This function isn't supported by public remotes.")
From fcd0f83452184ef0a3edf9752b110ae137c5dd27 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Mon, 27 Jun 2016 19:16:38 -0400
Subject: [PATCH 2/2] doc: Fix certificates json examples
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
doc/rest-api.md | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/doc/rest-api.md b/doc/rest-api.md
index 3db16a2..4c1b10c 100644
--- a/doc/rest-api.md
+++ b/doc/rest-api.md
@@ -310,7 +310,7 @@ Input:
{
"type": "client", # Certificate type (keyring), currently only client
"certificate": "PEM certificate", # If provided, a valid x509 certificate. If not, the client certificate of the connection will be used
- "name": "foo" # An optional name for the certificate. If nothing is provided, the host in the TLS header for the request is used.
+ "name": "foo", # An optional name for the certificate. If nothing is provided, the host in the TLS header for the request is used.
"password": "server-trust-password" # The trust password for that server (only required if untrusted)
}
@@ -325,7 +325,8 @@ Output:
{
"type": "client",
- "certificate": "PEM certificate"
+ "certificate": "PEM certificate",
+ "name": "foo",
"fingerprint": "SHA256 Hash of the raw certificate"
}
More information about the lxc-devel
mailing list