mirrors/redoctober
1
0
Fork 0
mirror of https://github.com/cloudflare/redoctober.git synced 2026-01-09 07:33:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
270 Commits 12 Branches 0 Tags
014590054a950e2f9650aa46dc0372e36b613bf2
Commit Graph

270 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Kyle Isom
014590054a Fix vendoring, round 2. (#166) 
Remove submodule.
 2016-08-10 12:24:36 -07:00
Kyle Isom
e7cb6d7d5e Update vendored packages. (#165) 2016-08-08 14:14:50 -07:00
jkroll-cf
7dacca1d9c Merge pull request #163 from cloudflare/kyle/keycache-interface 
kyle/keycache_feedback
 2016-08-05 16:19:29 -07:00
Kyle Isom
5396cdc899 Address @jkroll-cf's feedback on keycache interface. 
+ persistLabels moved from cryptor to persist package global.
+ Restore now explicitly checks for the case where there aren't enough
  shares to return `ErrRestoreDelegations`.
+ The users responsible for restoring the cache are now logged.
 2016-08-05 15:23:10 -07:00
Kyle Isom
510b7ba9f6 Implementation of a file-backed persistence store. (#160) 
This is a rather large change. It consists of the following changes:

+ Direct access to the keycache has been removed from the core
  package. This forces all interaction with the cache to go
  through the Cryptor, which is required for persistence. The
  Cryptor needs to know when the cache has changed, and the only
  way to do this effectively is to make the Cryptor responsible
  for managing the keycache.

+ A new persist package has been added. This provides a Store
  interface, for which two implementations are provided. The
  first is a null persister: this is used when no persistence
  is configured. The second is a file-backed persistence store.

+ The Cryptor now persists the cache every time it changes.

Additionally, a number of missing returns in a function in the core
package have been added.
 2016-08-04 17:12:08 -07:00
Kyle Isom
1cf72b1f6d Vendor dependencies. (#162) 2016-08-04 15:52:25 -07:00
jkroll-cf
7546ac3c76 Add a CreateUser function to the ro command line tool, to match the one in the client library. Previously, the ro tool mapped user creation onto /create, which is for creating the disk vault and admin user. (#161) 2016-08-04 12:53:09 -07:00
Zi Lin
c230e7a0c9 Merge pull request #157 from cloudflare/kyle/no-merge 
Don't merge configurations.
 2016-07-21 16:06:36 -07:00
Kyle Isom
8735061583 Don't merge configurations. 
In practice, this introduced more problems than it solved.
 2016-07-15 15:38:42 -07:00
Kyle Isom
79eda1eea1 Switch to string fields for key and certificate paths. (#154) 
This simplifies our deployment process, allowing us to use existing
configuration management tools designed for templating command-line
parameters to template the config files in a straightforward manner.
 2016-07-14 09:42:32 -07:00
jkroll-cf
a11d1e51d3 Merge pull request #153 from cloudflare/kyle/status-endpoint 
Add a status endpoint to the server.
 2016-07-13 11:30:09 -07:00
Kyle Isom
cb16b159f3 Add a status endpoint to the server. 
This pull request adds a status endpoint to the Red October server; as
of this pull request, the status endpoint only returns the current
delegation persistence state. The HTTP UI has not been updated, as
this is scoped out for a future request; however, the CLI utility now
features a status command to fetch this information.
 2016-07-13 10:20:06 -07:00
Kyle Isom
941cdb4e96 Initial persistent delegation fields in config file. (#152) 2016-07-08 14:16:09 -07:00
Kyle Isom
a082c88a3c Add support for config files. (#151) 2016-06-29 10:22:53 -07:00
Kyle Isom
8aa5b84f9c Merge pull request #145 from cloudflare/kyle/prometheus 
Add initial prometheus support to redoctober.
 2016-06-08 11:32:17 -07:00
Kyle Isom
a63eaba58f Re-add integration tests. 
This uses the prometheus endpoint to determine whether the redoctober
server has started.
 2016-06-06 13:22:53 -07:00
Kyle Isom
79269824ee Add initial prometheus support to redoctober. 
This doesn't add any redoctober-specific metrics yet; it's primarily
intended to be a healthcheck at this point.
 2016-05-27 14:01:41 -07:00
jkroll-cf
9cf4858c21 Merge pull request #144 from cloudflare/jkroll-cf/copy-profile 
Copy predicate when re-encrypting. Fixes #143.
 2016-05-10 13:19:41 -07:00
Joshua Kroll
ef19255714 Copy predicate when re-encrypting. Fixes #143. 2016-05-06 23:28:21 -07:00
Kyle Isom
f0590e3df8 Merge pull request #141 from cloudflare/kyle/limit-listener 
Remove LimitListener.
 2016-05-06 15:08:26 -07:00
Kyle Isom
31fddde23b Remove LimitListener. 2016-05-06 14:59:35 -07:00
Kyle Isom
2e3c4f4940 Merge pull request #137 from cloudflare/kyle/remove-integration-test 
Remove integration test.
 2016-05-05 18:46:58 -07:00
Kyle Isom
ab9de37fad Remove integration test. 
The servers are unreliable, and an improved test suite should be
built. The tests as they stand now aren't helping.
 2016-05-04 23:27:21 -07:00
Zi Lin
297594b3ac Merge pull request #136 from cloudflare/kyle/no-http2 
redoctober: disable HTTP/2.
 2016-05-04 23:21:36 -07:00
Kyle Isom
6a38dec38d redoctober: disable HTTP/2. 
There is an issue connecting to the HTTPS UI with HTTP/2 support.
Debugging is ongoing, but the immediate fix is to disable HTTP/2.
 2016-05-04 18:32:35 -07:00
Kyle Isom
5b4b4644f8 Merge pull request #135 from APTy/travis-go1.5 
Upgrade to Go 1.5 in Testing
 2016-04-13 11:36:51 -07:00
Tyler J
2200e27fef travis: Upgrade to Go 1.5 and remove install of x/tools/cmd/vet 2016-04-13 10:31:37 -07:00
Kyle Isom
577d9570b1 Merge pull request #132 from jfrazelle/cleanup-some 
moved some things around
 2016-03-11 13:31:13 -08:00
Jessica Frazelle
2e6fdf15c6 add script to validate nothing was changed that needed to re-run go generate 
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
 2016-03-09 18:58:08 -08:00
Jessica Frazelle
4340039d5b use go generate so index.html contents are not in redoctober.go 
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
 2016-03-09 18:58:05 -08:00
Jessica Frazelle
382a6afe07 move flag parsing into init 
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
 2016-03-09 18:29:05 -08:00
Zi Lin
1aedf3d1b3 Merge pull request #129 from cloudflare/zi/fix-reencrypt 
fix re-encrypt cli tool for new access structure requirement
 2016-02-26 08:31:31 -08:00
Zi Lin
1d61a4511b fix re-encrypt cli tool for new access structure requirement 2016-02-26 08:23:53 -08:00
Zi Lin
7a299a1897 Merge pull request #128 from cloudflare/nick/nodrone 
Remove drone.io badge from README.
 2016-02-22 11:56:12 -08:00
Nick Sullivan
19d3852ff3 Remove drone.io badge from README. 2016-02-19 13:38:30 -08:00
Kyle Isom
8afbf91e09 Merge pull request #127 from cloudflare/zi/fix-minimum 
Access structure should be invalide when Minimum == 0 with non-nil Names
 2016-02-19 11:53:09 -08:00
Kyle Isom
324728f6c8 Merge pull request #126 from cloudflare/zi/owners-request-client-support 
add support to Owners request to server
 2016-02-19 11:52:43 -08:00
Zi Lin
7a806308d3 Access structure should be invalide when Minimum == 0 with non-nil Names 2016-02-19 10:17:45 -08:00
Zi Lin
a03c794895 add support to Owners request to server 2016-02-19 09:50:25 -08:00
Jacob H. Haven
080ee17d75 Merge pull request #124 from pra85/patch-1 
Fix typos in Readme
 2016-02-19 06:39:28 -08:00
Prayag Verma
287b889e64 Fix typos in Readme 
`enviroment` → `environment`
`ecrypted` → `encrypted`
 2016-02-19 13:08:36 +05:30
Kyle Isom
71ddc45764 Merge pull request #123 from ejcx/ej/wrongPort 
Use port 8080...
 2016-02-18 13:04:37 -08:00
ejcx
d4a814fcec Don't use this port. Tests depend on 8080 2016-02-18 13:06:41 -08:00
Nick Sullivan
18b5ac859f Merge pull request #122 from ejcx/nonReqHipchatName 
Don't require a hipchat name
 2016-02-01 19:31:25 -08:00
ejcx
7c95b54aa8 Don't require a hipchat name for create user 2016-02-01 18:41:49 -08:00
Nick Sullivan
8a2a0396f7 Merge pull request #120 from benburkert/simplify-newserver 
redoctober: simplify the NewServer signature
 2016-02-01 17:29:56 -08:00
Nick Sullivan
122b185baf Merge pull request #121 from ejcx/hipchatMessage 
Send a message. Not a notification
 2016-02-01 09:54:42 -08:00
ejcx
c6388feb57 Send a message. Not a notification 2016-02-01 09:55:06 -08:00
Ben Burkert
6f8424ad38 redoctober: simplify the NewServer signature 
Remove the unexported type used in the NewServer func so that it may be
used outside this package, which allows for integration style tests that
start an instance of a RO server.

The channel based request locking has been replaced with LimitListener,
which prevents simultaneous handling of TCP connections.
 2016-01-30 00:24:34 +00:00
Nick Sullivan
cac6da28c4 Merge pull request #106 from ejcx/ordermsp 
Add hipchat and ordering support to redoctober
 2016-01-29 15:57:16 -08:00