Improve API for setting metadata version of delegated roles

Open joshuagl opened this issue 3 years ago • 4 comments

The repo API includes functions for setting the version () of top-level metadata through:

func (r *Repo) SetTimestampVersion(v int64) error {}
func (r *Repo) SetRootVersion(v int64) error {}
func (r *Repo) SetTargetsVersion(v int64) error {}
func (r *Repo) SetSnapshotVersion(v int64) error {}

However, we do not yet provide any API for modifying the version of delegated targets roles. This absence of API results in go-tuf users having to implement functions which modify the version number in a file IFF that file isn't a top-level role, for example: https://github.com/sigstore/root-signing/pull/417

We should provide a function to set the version number in a delegated targets role metadata, something like:

func (r *Repo) SetDelegatedTargetsVersion(metaName string, v int64) error {}

joshuagl avatar Sep 30 '22 09:09 joshuagl
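
The kind of file-level helper the issue says go-tuf users end up writing, shown as an added example (not code from go-tuf or from the linked pull request). The function name `setDelegatedVersion`, the role file name `releases.json`, the increase-only check and the dropping of stale signatures are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// Constructed sample: a delegated targets role at version 3 with a placeholder signature.
const sampleMeta = `{"signatures":[{"keyid":"PLACEHOLDER","sig":"PLACEHOLDER"}],
 "signed":{"_type":"targets","spec_version":"1.0","version":3,"expires":"2030-01-01T00:00:00Z","targets":{}}}`

// setDelegatedVersion is a hypothetical helper (not go-tuf API). It sets signed.version in
// delegated targets metadata and drops signatures that no longer cover the "signed" object.
func setDelegatedVersion(metaName string, meta []byte, v int64) ([]byte, error) {
	switch strings.TrimSuffix(metaName, ".json") {
	case "root", "targets", "snapshot", "timestamp":
		return nil, errors.New("top-level role: use the Repo Set*Version API")
	}
	var env, signed map[string]json.RawMessage
	if err := json.Unmarshal(meta, &env); err != nil {
		return nil, err
	}
	if err := json.Unmarshal(env["signed"], &signed); err != nil {
		return nil, fmt.Errorf("signed: %w", err)
	}
	var typ string
	var cur int64
	if json.Unmarshal(signed["_type"], &typ) != nil || typ != "targets" ||
		json.Unmarshal(signed["version"], &cur) != nil {
		return nil, errors.New("not targets metadata with an integer version")
	}
	if v <= cur { // clients reject rollback, so only allow an increase
		return nil, fmt.Errorf("version %d is not greater than current %d", v, cur)
	}
	signed["version"] = json.RawMessage(fmt.Sprint(v))
	raw, err := json.Marshal(signed)
	if err != nil {
		return nil, err
	}
	env["signed"], env["signatures"] = raw, json.RawMessage("[]")
	return json.Marshal(env)
}
func main() {
	out, err := setDelegatedVersion("releases.json", []byte(sampleMeta), 4)
	fmt.Println(string(out), err)
}
```

The output carries an empty `signatures` list, so the role has to be signed again by its delegated keys before it is published.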

Related: https://github.com/theupdateframework/go-tuf/issues/330

znewman01 avatar Sep 30 '22 11:09 znewman01

How related do you think this is to a sign command that updates the expiration and therefore the version?

That's the main use-case for this command: a metadata refresh near expiration.

asraa avatar Sep 30 '22 15:09 asraa

I'm mostly referring to:

I think we should have separate UpdateDelegatedRole... functions for modification.

Originally posted by @ethan-lowman-dd in https://github.com/theupdateframework/go-tuf/issues/330#issuecomment-1170077905

I think it's worth considering any proposed changes to the interface for interacting with delegations together.

znewman01 avatar Sep 30 '22 15:09 znewman01

I think we should have separate UpdateDelegatedRole... functions for modification.

I think versions & expiration are separate from properties of delegated roles: I think I wouldn't use UpdateDelegatedRole to a new version, but I might change the role properties itself. Versions and expirations are properties of refreshing or updating all types of metadata, which is why I see them as different.

:/ Ahhhhh how I wish there were repository API models!

asraa avatar Sep 30 '22 16:09 asraa

Closing since the code base changed and this is no longer valid.

Thanks for raising this 👍

rdimitrov avatar Jan 31 '24 21:01 rdimitrov