As 'repository_tool' and 'repository_lib' are being deprecated,
hash bin delegation interfaces are no longer available in this
implementation. The example code in this file demonstrates how to
easily implement those interfaces, and how to use them together
with the TUF metadata API, to perform hash bin delegation.
Note, the hash bin delegation logic in this example is largely
copied from repository_{lib, tool}, and modernized and simplified
for this purpose.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
The examples folder currently contains a repository example and it's
good if we start linting its content and as a result add type
annotations.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
As 'repository_tool' and 'repository_lib' are being deprecated,
repository metadata must to be created and maintained manually
using the low-level Metadata API. The added example code shall
serve as temporary replacement until a new repository tool is
available.
The sample code contains the following repo workflows:
- creation of top-level metadata
- target file handling
- consistent snapshots
- key management
- top-level delegation and signing thresholds
- target delegation
- in-band and out-of-band metadata signing
- writing and reading metadata files
- root key rotation
Co-authored-by: Teodora Sechkova <tsechkova@vmware.com>
Co-authored-by: Joshua Lock <jlock@vmware.com>
Co-authored-by: Jussi Kukkonen <jku@goto.fi>
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
