asraa

Results 448 comments of asraa

It likely is! They go hand in hand: https://github.com/sigstore/rekor/pull/956 There's probably another place this is happening.

We may have seen this happen again recently, but I'm trying to pinpoint if it's occurring after the rollout https://github.com/slsa-framework/slsa-verifier/issues/285

> because the process logging the tree heads is the same as the log itself.

I thought this watcher was meant for anyone to spin up? I guess I can...

Thanks for starting this! Do you need any help? Happy to set up a chat or a sync

> @asraa It is breaking the signer.go. Should that also be removed?

Yes!

> Unless there is some abstraction AFAIK. Enabling a test env var `SIGSTORE_NO_CACHE` disables the filesystem, but the problem is that the filesystem cache has had bugs before (and is...

Hi! What were your reproducing steps and error messages? I can run the go install successfully:

```
$ go install -v github.com/sigstore/rekor/cmd/rekor-cli@latest
```

Some more details: Currently, we use those functions after we create a `verifier` in functionality like `keys.GetVerifier` or a `signer` through `keys.GetSigner` https://github.com/theupdateframework/go-tuf/blob/355e39cb2df220fc3961396a6d0e30bcf2c9ac12/pkg/keys/keys.go#L57-L69 So as long as they're verified during...

How related do you think this is to a sign command that updates the expiration and therefore the version? That's the main use-case for this command: a metadata refresh near...

> I think we should have separate UpdateDelegatedRole... functions for modification.

I think versions & expiration are separate from properties of delegated roles: I think I wouldn't use `UpdateDelegatedRole` to...