-
Notifications
You must be signed in to change notification settings - Fork 275
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
support updating individual metadata upon addition of target file #1048
Comments
Hopefully, this is not too hard to do. Happy to help on weeknights and weekends. |
We have to decide if we make this a stand-alone tool, or integrate it with the current repo_tool + repo_lib + roledb + keydb stack, or if we do a combination of both. That latter seems the most feasible for PEP 485 work. I am thinking of something like a "detached head mode" (apologies for the subpar analogy), where we use some of the existing infrastructure, but don't interfere with functions like If we go for a stand-alone tool, we should make use of the thoughts @joshuagl, @sechkova and I have jotted down with the goal to clean up above mentioned stack: https://docs.google.com/document/d/13cY0MD3uzwFYGnj_GkPS_rwvDEzzNpDu6cteyeYP6fY |
@woodruffw @lukpueh @joshuagl @sechkova @MVrachev @mnm678 @SantiagoTorres Will and I sketched what we hope is a super-simple API for a TUF repo... WDYT? |
I will start hacking on this |
Move repository_tool._find_bin_for_hash() and helper functions it uses to non-protected functions in repository_lib. These functions will be useful to adopters using the WIP low-level API for updating metadata files (see theupdateframework#1048) Signed-off-by: Joshua Lock <[email protected]>
Move repository_tool._find_bin_for_hash() and helper functions it uses to non-protected functions in repository_lib. _find_bin_for_hash() becomes find_bin_for_target_hash() These functions will be useful to adopters using the WIP low-level API for updating metadata files (see theupdateframework#1048) Signed-off-by: Joshua Lock <[email protected]>
WIP in #1112 |
For the purposes of the PEP 458 integration this has been resolved by the merging of #1112. |
The repository_tool and the underlying repository_lib and roledb modules seem to live on the assumption that all roles (top-level roles and delegated targets roles) are required in memory.
In large repositories, and this is the case for the implementation of PEP 458, it might not be feasible nor necessary to load and/or have the entire repository metadata in memory at all times.
To be more specific, during ongoing operations, when adding a new target file the following operations are required:
The repository tool should provide API function to support above activities without requiring any other TUF metadata on disk or in memory.
The text was updated successfully, but these errors were encountered: