Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove securesystemslib.settings #219

Closed
joshuagl opened this issue Mar 6, 2020 · 1 comment · Fixed by #772
Closed

Remove securesystemslib.settings #219

joshuagl opened this issue Mar 6, 2020 · 1 comment · Fixed by #772
Labels
legacy Issues related to legacy interfaces (obsolete with #731)

Comments

@joshuagl
Copy link
Collaborator

joshuagl commented Mar 6, 2020

NOTE: this is a meta-bug/milestone.

Description of issue or feature request:

The settings module is a legacy of securesystemslib originating as part of the tuf reference implementation and results in awkward cohesion between securesystemslib and its users.

The settings module is a prime example of this, there are places in securesystemslib where modifying the behaviour of a function requires changing values in securesystemslib.settings, which is non-intuitive. Particularly as many of the settings are only documented as comments in that file.

This meta-bug tracks the goal/milestone of removing securesystemslib.settings and should be linked to smaller, more tractable and more specific issues.

Current behavior:

Users have to modify securesystemslib internal settings, rather than being able to pass all required information as arguments to library functions.

Expected behavior:

Users are not required to modify internal library settings and can pass all required configuration values as arguments to the functions they are using.
@joshuagl joshuagl mentioned this issue Mar 6, 2020
Closed
@JustinCappos
Copy link

Makes sense to me. Thanks for suggesting this!

@joshuagl joshuagl mentioned this issue May 15, 2020
Merged
3 tasks
This was referenced Feb 4, 2021
Merged
Closed
@lukpueh lukpueh mentioned this issue Mar 25, 2021
Closed
lukpueh added a commit to lukpueh/securesystemslib that referenced this issue Feb 9, 2023
@lukpueh
Move and increase gpg command timeout
f349b5c 
Prior to this commit, settings.SUBPROCESS_TIMEOUT=3 (seconds) was
used as default and also to configure timeouts for any subprocess
spawned via the securesystemslib process interface, including
running the gpg command to sign, export keys and check version.

The small timeout regularly lead to test failures on slow test
runners. Furthermore, configuring the timeout via global is bad
practice and error-prone (see secure-systems-lab#219, secure-systems-lab#345).

This patch defines a custom constant, to be used only for gpg
subprocesses and increases its value to 10 seconds.

To override this default, an optional timeout argument will be
added to relevant gpg interfaces in a subsequent commit.

Signed-off-by: Lukas Puehringer <[email protected]>
lukpueh added a commit to lukpueh/securesystemslib that referenced this issue Feb 9, 2023
@lukpueh
Add optional timeout arg to gpg interface
1985ac4 
Prior to this change, configuring timeouts for gpg required
patching the default-specifying global. This is bad practice and
error-prone (see secure-systems-lab#219, secure-systems-lab#345).

To allow overriding default timeout in an intuitive way, this commit
adds optional arguments to the relevant gpg interface functions.

Signed-off-by: Lukas Puehringer <[email protected]>
lukpueh added a commit to lukpueh/securesystemslib that referenced this issue Feb 9, 2023
@lukpueh
Move and increase gpg command timeout
c8a3f73 
Prior to this commit, settings.SUBPROCESS_TIMEOUT=3 (seconds) was
used as default and also to configure timeouts for any subprocess
spawned via the securesystemslib process interface, including
running the gpg command to sign, export keys and check version.

The small timeout regularly lead to test failures on slow test
runners. Furthermore, configuring the timeout via global is bad
practice and error-prone (see secure-systems-lab#219, secure-systems-lab#345).

This patch defines a custom constant, to be used only for gpg
subprocesses and increases its value to 10 seconds.

To override this default, an optional timeout argument will be
added to relevant gpg interfaces in a subsequent commit.

Signed-off-by: Lukas Puehringer <[email protected]>
lukpueh added a commit to lukpueh/securesystemslib that referenced this issue Feb 9, 2023
@lukpueh
Add optional timeout arg to gpg interface
fd3c71f 
Prior to this change, configuring timeouts for gpg required
patching the default-specifying global. This is bad practice and
error-prone (see secure-systems-lab#219, secure-systems-lab#345).

To allow overriding default timeout in an intuitive way, this commit
adds optional arguments to the relevant gpg interface functions.

Signed-off-by: Lukas Puehringer <[email protected]>
lukpueh added a commit to lukpueh/securesystemslib that referenced this issue Feb 10, 2023
@lukpueh
Move and increase gpg command timeout
9b639c1 
Prior to this commit, settings.SUBPROCESS_TIMEOUT=3 (seconds) was
used as default and also to configure timeouts for any subprocess
spawned via the securesystemslib process interface, including
running the gpg command to sign, export keys and check version.

The small timeout regularly lead to test failures on slow test
runners. Furthermore, configuring the timeout via global is bad
practice and error-prone (see secure-systems-lab#219, secure-systems-lab#345).

This patch defines a custom constant, to be used only for gpg
subprocesses and increases its value to 10 seconds.

To override this default, an optional timeout argument will be
added to relevant gpg interfaces in a subsequent commit.

Signed-off-by: Lukas Puehringer <[email protected]>
lukpueh added a commit to lukpueh/securesystemslib that referenced this issue Feb 10, 2023
@lukpueh
Add optional timeout arg to gpg interface
a2f877f 
Prior to this change, configuring timeouts for gpg required
patching the default-specifying global. This is bad practice and
error-prone (see secure-systems-lab#219, secure-systems-lab#345).

To allow overriding default timeout in an intuitive way, this commit
adds optional arguments to the relevant gpg interface functions.

Signed-off-by: Lukas Puehringer <[email protected]>
@lukpueh lukpueh mentioned this issue Mar 15, 2023
Closed
3 tasks
@lukpueh lukpueh mentioned this issue Feb 7, 2024
Closed
@lukpueh lukpueh added legacy Issues related to legacy interfaces (obsolete with #731) and removed enhancement labels Mar 14, 2024
lukpueh added a commit to lukpueh/securesystemslib that referenced this issue Apr 10, 2024
@lukpueh
Remove obsolete settings module
0d4e055 
With the removal of legacy key modules, settings is no longer used or
needed.

fixes secure-systems-lab#219

Signed-off-by: Lukas Puehringer <[email protected]>
@lukpueh lukpueh mentioned this issue Apr 10, 2024
Merged
lukpueh added a commit to lukpueh/securesystemslib that referenced this issue Apr 12, 2024
@lukpueh
Remove obsolete settings module
68046f1 
With the removal of legacy key modules, settings is no longer used or
needed.

fixes secure-systems-lab#219

Signed-off-by: Lukas Puehringer <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
legacy Issues related to legacy interfaces (obsolete with #731)
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Remove legacy key modules, tests and references lukpueh/securesystemslib
3 participants
@lukpueh @JustinCappos @joshuagl