repo

Documentation

Index

• Variables
• func BumpMetadataVersion(store tuf.LocalStore, name string) error
• func CreateDb(store tuf.LocalStore) (db *verify.DB, thresholds map[string]int, err error)
• func GetDelegatedTargetsFromStore(store tuf.LocalStore, manifest string) (*data.Targets, error)
• func GetMetaFromStore(msg []byte, name string) (interface{}, error)
• func GetPreviousRootFromStore(store tuf.LocalStore) (*data.Root, error)
• func GetRootFromStore(store tuf.LocalStore) (*data.Root, error)
• func GetSignedMeta(store tuf.LocalStore, name string) (*data.Signed, error)
• func GetSigningKeyIDsForRole(name string, store tuf.LocalStore) (map[string]bool, error)
• func GetTargetsFromStore(store tuf.LocalStore) (*data.Targets, error)
• func IsVersionedManifest(name string) bool
• func MarshalMetadata(v interface{}) ([]byte, error)
• func SetSignedMeta(store tuf.LocalStore, role string, s *data.Signed) error
• func UpdateRoleKeys(repo *tuf.Repo, store tuf.LocalStore, role string, keys []*data.PublicKey, ...) error
• type TargetMetaConfig
  • func SigstoreTargetMetaFromString(b []byte) (*TargetMetaConfig, error)

Variables

var ErrNoPreviousRoot = errors.New("no previous root")

Functions

func BumpMetadataVersion

func BumpMetadataVersion(store tuf.LocalStore, name string) error

BumpMetadataVersion increments the version of the manifest. Note: This does NOT increase expiration! This ONLY handles delegated targets roles! The repo.SetRootVersion, repo.SetTargetsVersion, repo.SetSnapshotVersion, or repo.SetTimestampVersion handle top-level metadata.

func CreateDb

func CreateDb(store tuf.LocalStore) (db *verify.DB, thresholds map[string]int, err error)

func GetDelegatedTargetsFromStore

func GetDelegatedTargetsFromStore(store tuf.LocalStore, manifest string) (*data.Targets, error)

func GetMetaFromStore

func GetMetaFromStore(msg []byte, name string) (interface{}, error)

func GetPreviousRootFromStore

func GetPreviousRootFromStore(store tuf.LocalStore) (*data.Root, error)

func GetRootFromStore

func GetRootFromStore(store tuf.LocalStore) (*data.Root, error)

func GetSignedMeta

func GetSignedMeta(store tuf.LocalStore, name string) (*data.Signed, error)

func GetSigningKeyIDsForRole

func GetSigningKeyIDsForRole(name string, store tuf.LocalStore) (
	map[string]bool, error)

GetSigningKeyIDsForRole returns a map of key IDs for the given role which are valid for signing. When this is a root role, the possible valid signing keys are the previous root role keys (if defined) and the current root role keys.

func GetTargetsFromStore

func GetTargetsFromStore(store tuf.LocalStore) (*data.Targets, error)

func IsVersionedManifest

func IsVersionedManifest(name string) bool

func MarshalMetadata

func MarshalMetadata(v interface{}) ([]byte, error)

func SetSignedMeta

func SetSignedMeta(store tuf.LocalStore, role string, s *data.Signed) error

func UpdateRoleKeys

func UpdateRoleKeys(repo *tuf.Repo, store tuf.LocalStore, role string, keys []*data.PublicKey,
	expiration time.Time) error

UpdateRoleKeys updates the roles keys, and handles the logic for revoking any old keys.

Types

type TargetMetaConfig

type TargetMetaConfig struct {
	Add map[string]*json.RawMessage `json:"add,omitempty"`
	Del map[string]*json.RawMessage `json:"delete,omitempty"`
}

func SigstoreTargetMetaFromString

func SigstoreTargetMetaFromString(b []byte) (*TargetMetaConfig, error)