repository_service_tuf_worker package
Subpackages
Submodules
repository_service_tuf_worker.interfaces module
- class repository_service_tuf_worker.interfaces.IKeyVault[source]
Bases:
ABC
- abstract classmethod configure(settings: LazySettings) IKeyVault [source]
Run actions to verify, configure and create object using the settings.
- classmethod from_dynaconf(settings: LazySettings) None [source]
Run actions to verify and configure using the settings.
- abstract classmethod settings() List[ServiceSettings] [source]
Define all the ServiceSettings required in settings.
- class repository_service_tuf_worker.interfaces.IStorage[source]
Bases:
ABC
- abstract classmethod configure(settings: LazySettings) IStorage [source]
Run actions to verify, configure and create object using the settings.
- classmethod from_dynaconf(settings: LazySettings) None [source]
Run actions to verify and configure using the dynaconf settings.
- abstract get(rolename: str, version: Optional[int]) Metadata[T] [source]
Return metadata from specific role name, optionally specific version (latest if None).
- abstract put(file_data: bytes, filename: str) None [source]
Stores file bytes within a file with a specific filename.
- abstract classmethod settings() List[ServiceSettings] [source]
Define all the ServiceSettings required in settings.
repository_service_tuf_worker.repository module
- class repository_service_tuf_worker.repository.MetadataRepository[source]
Bases:
object
A repository service to create and maintain TUF role metadata.
- add_targets(payload: Dict[str, Any], update_state: update_state) Optional[Dict[str, Any]] [source]
Add or update the new target in the SQL DB and submit the task for update_targets
Check the target(s) in the SQL DB; if it doesn’t exist, create a new entry or update it as not published. After changing the SQL DB submit a new publish_target task. This function will wait until all the targets are published.
- bootstrap(payload: Dict[str, Any], update_state: Optional[update_state] = None) Dict[str, Any] [source]
Bootstrap the Metadata Repository
- bump_online_roles(force: Optional[bool] = False) bool [source]
Bump online roles (Snapshot, Timestamp, Targets and BINS).
- Args:
- force: force target roles bump if they don’t match the hours before
expire (self._hours_before_expire)
- bump_snapshot(force: Optional[bool] = False)[source]
Bumps version and expiration date of TUF ‘snapshot’ role metadata.
The version number is incremented by one, the expiration date renewed using a configured expiration interval, and the metadata is signed and persisted using the configured key and storage services.
Updating ‘snapshot’ also updates ‘timestamp’.
- Args:
- force: force snapshot bump if it doesn’t match the hours before
expire (self._hours_before_expire)
- classmethod create_service() MetadataRepository [source]
Class Method for MetadataRepository service creation.
- delete_sign_metadata(payload: Dict[str, Any], update_state: Optional[update_state] = None) Dict[str, Any] [source]
- metadata_rotation(payload: Dict[Literal['metadata'], Dict[Literal['root'], Any]], update_state: Optional[update_state] = None) Dict[str, Any] [source]
- metadata_update(payload: Dict[Literal['metadata'], Dict[Literal['root'], Any]], update_state: Optional[update_state] = None) Dict[str, Any] [source]
Update TUF metadata.
- Args:
- payload: contains new metadata
Supported metadata types: Root example: {“metadata”: {“root”: Any}}
update_state: not used, but required argument by app.py
- publish_targets(payload: Optional[Dict[str, Any]] = None, update_state: Optional[update_state] = None)[source]
Publish targets as persistent TUF Metadata in the backend storage, updating Snapshot and Timestamp.
- refresh_settings(worker_settings: Optional[LazySettings] = None)[source]
Refreshes the MetadataRepository settings.
- remove_targets(payload: Dict[str, Any], update_state: update_state) Dict[str, Any] [source]
Remove targets from the metadata roles.
- save_settings(root: Metadata[Root], settings: Dict[str, Any])[source]
Save settings to the repository settings.
- Args:
root: Root metadata settings: payload settings
- sign_metadata(payload: Dict[str, Any], update_state: Optional[update_state] = None) Dict[str, Any] [source]
Add signature to metadata for pending signing event.
Add signature (from payload) to cached root metadata (from settings), if a signing event exists, and the signature is valid.
Signing event types are ‘bootstrap’ or ‘metadata update’.
If the signature threshold is reached, the signing event is finalized, otherwise it remains in pending state.
- update_settings(payload: Dict[str, Any], update_state: Optional[update_state] = None) Dict[str, Any] [source]
Update repository settings with the new settings.
Supports only updating the expiration policy settings for online roles. Expiration parameters reference: https://repository-service-tuf.readthedocs.io/en/stable/devel/design.html#tuf-repository-settings # noqa
- write_repository_settings(key: str, value: Any)[source]
Writes repository settings.
Repository settings are stored in a dictionary like Dynaconf object and each of them has its own key and value. Additionally, repository settings are persisted in the Redis server so that they can be reused by multiple RSTUF Worker instances.
- Args:
key: key name
value: value for the key
- class repository_service_tuf_worker.repository.Roles(value)[source]
Bases:
Enum
An enumeration.
- BINS = 'bins'
- ROOT = 'root'
- SNAPSHOT = 'snapshot'
- TARGETS = 'targets'
- TIMESTAMP = 'timestamp'
- class repository_service_tuf_worker.repository.TaskName(value)[source]
Bases:
str
,Enum
An enumeration.
- ADD_TARGETS = 'add_targets'
- BOOTSTRAP = 'bootstrap'
- DELETE_SIGN_METADATA = 'delete_sign_metadata'
- METADATA_UPDATE = 'metadata_update'
- PUBLISH_TARGETS = 'publish_targets'
- REMOVE_TARGETS = 'remove_targets'
- SIGN_METADATA = 'sign_metadata'
- UPDATE_SETTINGS = 'update_settings'
- class repository_service_tuf_worker.repository.TaskResult(task: repository_service_tuf_worker.repository.TaskName, status: bool, last_update: datetime.datetime, message: str, error: Optional[str], details: Optional[Dict[str, Any]])[source]
Bases:
object
- details: Optional[Dict[str, Any]]
- error: Optional[str]
- last_update: datetime
- message: str
- status: bool