Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow fetching TUF root from HTTP #1185

Merged
merged 1 commit into from
Dec 10, 2021
Merged

Allow fetching TUF root from HTTP #1185

merged 1 commit into from
Dec 10, 2021

Conversation

rgerganov
Copy link
Contributor

This patch allows fetching TUF root from HTTP in addition to GCS. If the
specified mirror is an HTTP link, then HTTPRemoteStore will be used.
Otherwise it defaults to GCS.

@rgerganov rgerganov mentioned this pull request Dec 10, 2021
Closed
hectorj2f
hectorj2f reviewed Dec 10, 2021
View reviewed changes
Copy link
Contributor

@hectorj2f hectorj2f left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@RaD Could you add a test ? So we can validate both use cases.

@hectorj2f
Copy link
Contributor

This PR is related to: #1179

hectorj2f
hectorj2f reviewed Dec 10, 2021
View reviewed changes
Copy link
Contributor

@hectorj2f hectorj2f left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@rgerganov You are also missing to update the command description to be able to use a different mirror in cmd/cosign/cli/initialize.go:
SigStore remote TUF repository is pulled from the GCS mirror at sigstore-tuf-root.

@hectorj2f hectorj2f requested a review from asraa December 10, 2021 13:20
@rgerganov
Copy link
Contributor Author

@rgerganov You are also missing to update the command description to be able to use a different mirror in cmd/cosign/cli/initialize.go: SigStore remote TUF repository is pulled from the GCS mirror at sigstore-tuf-root.

This description is about the default behavior which is not changed (i.e. pulling from GCS)

asraa
asraa reviewed Dec 10, 2021
View reviewed changes
Copy link
Contributor

@asraa asraa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

cmd/cosign/cli/initialize/init.go Outdated Show resolved Hide resolved
@rgerganov
Allow fetching TUF root from HTTP
df2c173 
This patch allows fetching TUF root from HTTP in addition to GCS. If the
specified mirror is an HTTP link, then HTTPRemoteStore will be used.
Otherwise it defaults to GCS.

Signed-off-by: Radoslav Gerganov <rgerganov@vmware.com>
@dlorenc dlorenc merged commit fe3a030 into sigstore:main Dec 10, 2021
@github-actions github-actions bot added this to the v1.4.1 milestone Dec 10, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hectorj2f hectorj2f hectorj2f left review comments

@asraa asraa asraa approved these changes

@dlorenc dlorenc Awaiting requested review from dlorenc

@mattmoor mattmoor Awaiting requested review from mattmoor

Assignees

@rgerganov rgerganov

Labels
None yet
Projects
None yet
Milestone
v1.4.1
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@rgerganov @hectorj2f @asraa @dlorenc