62 lines
2 KiB
Go
62 lines
2 KiB
Go
|
package daemon // import "github.com/docker/docker/daemon"
|
||
|
|
||
|
import (
|
||
|
"os"
|
||
|
|
||
|
"github.com/docker/docker/pkg/ioutils"
|
||
|
"github.com/docker/libtrust"
|
||
|
"github.com/google/uuid"
|
||
|
"github.com/pkg/errors"
|
||
|
"github.com/sirupsen/logrus"
|
||
|
)
|
||
|
|
||
|
// loadOrCreateID loads the engine's ID from idPath, or generates a new ID
|
||
|
// if it doesn't exist. It returns the ID, and any error that occurred when
|
||
|
// saving the file.
|
||
|
//
|
||
|
// Note that this function expects the daemon's root directory to already have
|
||
|
// been created with the right permissions and ownership (usually this would
|
||
|
// be done by daemon.CreateDaemonRoot().
|
||
|
func loadOrCreateID(idPath string) (string, error) {
|
||
|
var id string
|
||
|
idb, err := os.ReadFile(idPath)
|
||
|
if os.IsNotExist(err) {
|
||
|
id = uuid.New().String()
|
||
|
if err := ioutils.AtomicWriteFile(idPath, []byte(id), os.FileMode(0600)); err != nil {
|
||
|
return "", errors.Wrap(err, "error saving ID file")
|
||
|
}
|
||
|
} else if err != nil {
|
||
|
return "", errors.Wrapf(err, "error loading ID file %s", idPath)
|
||
|
} else {
|
||
|
id = string(idb)
|
||
|
}
|
||
|
return id, nil
|
||
|
}
|
||
|
|
||
|
// migrateTrustKeyID migrates the daemon ID of existing installations. It returns
|
||
|
// an error when a trust-key was found, but we failed to read it, or failed to
|
||
|
// complete the migration.
|
||
|
//
|
||
|
// We migrate the ID so that engines don't get a new ID generated on upgrades,
|
||
|
// which may be unexpected (and users may be using the ID for various purposes).
|
||
|
func migrateTrustKeyID(deprecatedTrustKeyPath, idPath string) error {
|
||
|
if _, err := os.Stat(idPath); err == nil {
|
||
|
// engine ID file already exists; no migration needed
|
||
|
return nil
|
||
|
}
|
||
|
trustKey, err := libtrust.LoadKeyFile(deprecatedTrustKeyPath)
|
||
|
if err != nil {
|
||
|
if err == libtrust.ErrKeyFileDoesNotExist {
|
||
|
// no existing trust-key found; no migration needed
|
||
|
return nil
|
||
|
}
|
||
|
return err
|
||
|
}
|
||
|
id := trustKey.PublicKey().KeyID()
|
||
|
if err := ioutils.AtomicWriteFile(idPath, []byte(id), os.FileMode(0600)); err != nil {
|
||
|
return errors.Wrap(err, "error saving ID file")
|
||
|
}
|
||
|
logrus.Info("successfully migrated engine ID")
|
||
|
return nil
|
||
|
}
|