Skip to content

Commit 7731e4f

Browse files
joshuagljoshuagl
committed
Describe adding targets to a repository
Add a sub=section to the "Repository operations" section of the specification which describes how updates should occur on the repository side when adding or updating targets metadata. Based on the text in PEP 458: https://github.com/python/peps/blob/master/pep-0458.txt#L1008-L1019 Signed-off-by: Joshua Lock <jlock@vmware.com>
1 parent 1211c96 commit 7731e4f

File tree

1 file changed

+45
-0
lines changed

1 file changed

+45
-0
lines changed

tuf-spec.md

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1620,6 +1620,51 @@ so that outdated clients can update to the latest available root.
16201620

16211621
See [[#detailed-client-workflow]] for more details.
16221622

1623+
## Adding and updating targets ## {#adding-updating-targets}
1624+
1625+
The following subsections describe how to update metadata on the repository
1626+
when adding targets to the repository, or updating existing targets.
1627+
1628+
### Update targets metadata ### {#update-targets-metadata}
1629+
1630+
1. Add the new (or update an existing) <a>TARGETS</a> object in the relevant
1631+
targets metadata (either the top-level targets metadata, or a delegated
1632+
targets metadata).
1633+
2. Increment the <a for="role">VERSION</a> number in the updated targets
1634+
metadata.
1635+
3. Sign the updated targets metadata with at least a <a>THRESHOLD</a> of keys
1636+
for the associated targets role (either the top-level targets role, or a
1637+
delegated targets role).
1638+
4. Write the updated targets metadata, ensuring the targets metadata filename is
1639+
prefixed with the <a for="role">VERSION</a> number if consistent snapshots
1640+
are enabled for the repository.
1641+
1642+
### Update snapshot metadata ### {#update-snapshot-metadata}
1643+
1644+
1. Update the <a for="metapath">VERSION</a> number and, when in use,
1645+
<a for="metapath">LENGTH</a> and <a for="metapath">HASHES</a> for any targets
1646+
metadata modified during [[#update-targets-metadata]] within the
1647+
<a>METAFILES</a> object of the snapshot metadata.
1648+
2. Increment the <a for="role">VERSION</a> number of the snapshot metadata.
1649+
3. Sign the snapshot metadata with at least a <a>THRESHOLD</a> of keys for the
1650+
snapshot role.
1651+
4. Write the updated snapshot metadata, ensuring the snapshot metadata filename
1652+
is prefixed with the <a for="role">VERSION</a> number if consistent
1653+
snapshots are enabled for the repository.
1654+
1655+
### Update timestamp metadata ### {#update-timestamp-metadata}
1656+
1657+
1. Update the <a for="metapath">VERSION</a> and, when in use, the
1658+
<a for="metapath">LENGTH</a> and <a for="metapath">HASHES</a> for the
1659+
snapshot metadata within the <a>METAFILES</a> object of the timestamp
1660+
metadata.
1661+
2. Increment the <a for="role">VERSION</a> number of the timestamp metadata.
1662+
3. Sign the timestamp metadata with at least a <a>THRESHOLD</a> of keys for the
1663+
timestamp role.
1664+
4. Write the updated timestamp metadata, ensuring the timestamp metadata
1665+
filename is prefixed with the <a for="role">VERSION</a> number if consistent
1666+
snapshots are enabled for the repository.
1667+
16231668
# Future directions and open questions # {#future-directions-and-open-questions}
16241669

16251670
## Support for bogus clocks ## {#support-for-bogus-clocks}

0 commit comments

Comments
 (0)