make bootstrap required and explicit: callers must pass bootstrap=<root_bytes> or bootstrap=None.
also tighten docs, examples, and tests to reflect the explicit trust anchor choice.
Signed-off-by: 1seal <security@1seal.org>
This allows using some more nice annotations from 3.10
while still being compatible with even Python 3.8.
These are all annotation changes, should not modify any functionality.
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
* Remove exectuable flag from a couple of files
* Half of the test files have a shebang (but are
still not executable): remove the shebang
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
Use a "try" block to catch exceptions during failing
subtests and always execute the subtest clean up code.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Reduce the number of function arguments and use
DelegatedRole instead.
When adding a list of delegations to the repository,
move the Targets creation inside the loop to create
a separate Targets object for each delegation.
Create a new Metadata obgect only for delegated roles
which do not exist yet in the repository.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
This commit implements a feature in Repository Simulator to
track the fetch calls to the metadata and targets. This feature was
mentioned in PR #1666 that generated issue #1682.
This commit adds RepositorySimulator.fetch_tracker. It also changes
the tests/test_updater_consistent_snapshot.py to use the
fetch_tracker instead of using mock.
It implements a dataclass that stores the calls to fetch metadata
(_fetch_metadata) in fetch_tracker.metadata and targets
(_fetch_targets) in fetch_tracker.targets.
The fetch calls for metadata, and targets are stored as lists.
Signed-off-by: Kairo de Araujo <kdearaujo@vmware.com>
