-
Notifications
You must be signed in to change notification settings - Fork 114
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for file based remote stores for airgap mode. #715
Conversation
theupdateframework/go-tuf#397 sigstore/sigstore#715 Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks, changes lgtm. Agree this is majorly useful, even for test cases. I'll head over to go-tuf to review that PR when it's ready
theupdateframework/go-tuf#397 sigstore/sigstore#715 Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
FWIW, this has been wired in through sigstore here: And finally in scaffolding I use a local filesystem based custom TUF root here: https://github.com/sigstore/scaffolding/actions/runs/3139401394/jobs/5099778521 |
Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice!!
theupdateframework/go-tuf#397 sigstore/sigstore#715 Signed-off-by: Ville Aikas <vaikas@chainguard.dev>
Signed-off-by: Ville Aikas vaikas@chainguard.dev
Summary
Add support for TUF remote that's backed by local filesystem, or anything that implements golang io/fs.FS. Motivation is to support airgapped environments which can not fetch from HTTP remotes.
This is to pick up: theupdateframework/go-tuf#397
Release Note
Documentation
Add support for specifying file:// based remote TUF mirror. Add support for airgap mode by bringing in the root via filesystem .