Port to securesystemslib with abstract files and directories (securesystemslib PR 232) #1024
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
9 tasks
joshuagl
force-pushed
the
joshuagl/abstract-filesystem
branch
2 times, most recently
from
32b221c
to
37aac14
Compare
3 tasks
Support for compressed files was removed in tuf v0.10.x leaving behind some vestiges like the test logic in test_repository_lib, which is duplicated below and carries a redundant comment, and setting compression on in generate_project_data.py Signed-off-by: Joshua Lock <jlock@vmware.com>
tuf removed support for compressed metadata in v0.10.x, therefore it is confusing to carry comments referring to compressed versions of metadata. Signed-off-by: Joshua Lock <jlock@vmware.com>
Switch to using the new abstract files and directories support in securesystemslib by taking an object which implements securesystemslib.storage.StorageBackendInterface in the Repository constructor, passed in by tuf.repository_tool.create_new_repository() and tuf.repository_tool.load_repository() The Updater class in tuf.client.updater does not specify a storage backend and instead allows the functions in securesystemslib to perform the default action of instantiating a LocalFilesystemBackend, that is the updater does not currently support abstract filesystem backends and always defaults to using local storage. Finally we drop support for tuf.settings.CONSISTENT_METHOD as it's not as clear how different copying modes should work when the details of the underlying storage are abstracted away. Signed-off-by: Joshua Lock <jlock@vmware.com>
Rather than check for the existence of metadata files before trying to load them in _load_top_level_metadata, we should just try and load them. This is more idiomatic Python through employing EAFP (Easier to Ask Forgiveness than Permission) principles. Signed-off-by: Joshua Lock <jlock@vmware.com>
joshuagl
force-pushed
the
joshuagl/abstract-filesystem
branch
from
37aac14
to
3cad2c8
Compare
|
Now that we have a securesystemslib release with the |
mnm678
approved these changes
May 19, 2020
joshuagl
force-pushed
the
joshuagl/abstract-filesystem
branch
from
a4193c1
to
40a81bb
Compare
woodruffw
reviewed
May 19, 2020
The specification lists four fundamental roles: root, targets, snapshot and timestamp. Loading a repository where those roles are not present should not be supported, therefore convert debug messages on the absence of metadata files for these fundamental roles into a RepositoryError exception. Signed-off-by: Joshua Lock <jlock@vmware.com>
Utilise the abstract files and directories support to enable generating targets metadata for files which aren't necessarily locally accessible, rather than requiring that metadata for non-local files be provided via existing fileinfo structures. Signed-off-by: Joshua Lock <jlock@vmware.com>
We need the recently released securesystemslib 0.15.0 or newer for abstract storage support. Signed-off-by: Joshua Lock <jlock@vmware.com>
joshuagl
force-pushed
the
joshuagl/abstract-filesystem
branch
from
40a81bb
to
be3c541
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Please fill in the fields below to submit a pull request. The more information
that is provided, the better.
Fixes issue #: this PR encapsulates step three of #1009
Description of the changes being introduced by the pull request:
tuf.settings.CONSISTENT_METHODNOTE: this change shouldn't land until we've merged secure-systems-lab/securesystemslib#232 and made a release.
UPDATE: prior to this PR
_delete_obsolete_metadata()wouldos.walk()the metadata directory, thus picking up any metadata files in subdirectories of the metadata directory. The change in this PR to uselist_folder()from theStorageBackendInterfacemeans that should there be any sub-directories of the metadata directory which contain metadata, the metadata in those directories would not be removed by the changed version of_delete_obsolete_metadata().This should not be a problem because, by default, all metadata files exist as children of the metadata directory, rather than in subdirectories.
Please verify and check that the pull request fulfils the following
requirements: