| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
Use `Exec` rather than `Query` to update revoked status
`Query` works with MySQL but `Exec` is needed with sqlite
Test that the key is revoked
Correct column ordering
|
|
|
|
|
|
|
|
|
|
This includes ca-certs in the docker image
Fixes #82
|
|
* Fix the gitlab oauth issue.
* Update for gitlab 11.1+
Versions beyond 11.1 (and possibly a few releases before) use a
different method for delivering tokens. They also have disabled
version 3 of the api.
These changes address that and add a debugging mode for the server
that make it easier to debug issues like this in the future.
* Cleanup of PR.
Updated README. Removed code duplication.
|
|
Split runs into lint/test
Remove go 1.9 - coverage does not work with `./...` and go 1.9
|
|
|
|
|
|
|
|
|
|
Merge server setup and helpers from web.go into server.go
Handlers moved to handlers.go
|
|
- Test against 1.11 rc
- Set timeouts on the http client
- Use gofmt instead of goimports
|
|
|
|
Add `lib.Version` to get updated at build time.
Add --version flags to cashier and cashierd
Send client version in the signing request
Send server version in http response headers and in signing response
Set version at build time
|
|
Microsoft uses JSON Web Tokens (JWT) as OAuth tokens. These can run to many thousands of characters which are too long for TTYs. Work around this by base64-encoding the token and chunk it into smaller pieces.
Closes #70
|
|
|
|
|
|
|
|
This hasn't been enabled in a while due to gRPC limitations
|
|
A config file is not required - don't error if one doesn't exist.
Don't overwrite default options with an empty string.
|
|
- Add `fast_finish` to travis config
- Specify that Go 1.9 is supported
- Additional error checking which was previously missed
- Make the migrations test better
-
|
|
In retrospect a primary key that has no relation to the certificate is preferred to using the certificate KeyID. The KeyID is also very large for a primary index.
This is a moderately tricky migration, especially for SQLite which has no means of altering the table in this fashion - it involves creating the new table and copying the data.
Order of commands also matters - index names are global in SQLite, so the `idx_expires_at` index needs to be created at the correct stages.
For MySQL migration the necessary steps are run as a single alter statement to minimise the risk of leaving the migration in an incomplete state if anything aborts.
When tested on a table with 250,000 rows (MySQL 5.7) the migration took 3 seconds to complete. As certificates will be requested infrequently the risk of prolonged locking is minimal.
|
|
|
|
|
|
|
|
Static content generator finds the root of the git repo and executes from there. Packr will scan subdirs for boxes to be packed.
|
|
|
|
Return an error if the store isn't known, instead of defaulting to a mem store
|
|
|
|
It's currently hard to make changes to the database schema. Use sql-migrate to make incremental changes.
Stop hard-coding the database name (the default is still "certs" for backward-compatibility)
The `automigrate()` function will automatically run pending migrations.
Use a different migration directory per database driver. This carries a cost of duplication, but is easier than creating migrations which will cleanly execute in both SQLite and MySQL.
Migrations are shipped using the packr utility.
|
|
|
|
Makefile:
- Use goimports to format
- Regenerate static files
- Check that the git branch is clean
README:
- Remove section on Docker. To be re-added.
- Link to releases
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Support a message to be passed and logged from client to server
|
|
|
