Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Repository.writeall() may not need to write all dirty roles #964

Closed
lukpueh opened this issue Dec 2, 2019 · 2 comments
Closed

Repository.writeall() may not need to write all dirty roles #964

lukpueh opened this issue Dec 2, 2019 · 2 comments

Comments

@lukpueh
Copy link
Member

lukpueh commented Dec 2, 2019

Description of issue or feature request:

TUF marks roles as dirty if they are changed in roledb. This information is then used by writeall to update role metadata on disk. But not all changes in roledb require updating metadata on disk. E.g. loading a signing key does not.

Current behavior:
At least one function, i.e. load_signing_key marks a role as dirty, although it shouldn't update the corresponding metadata on disk.

Expected behavior:
Reliably track the state of the repository in memory and on disk to know if role metadata needs to be updated. Also see #958.
lukpueh added a commit to lukpueh/tuf that referenced this issue Dec 2, 2019
@lukpueh
doc: Explicitly mark roles dirty in tutorial
1e3d5a7 
TUF does not reliably mark roles as dirty whose metadata needs
to be re-generated.

Only roles that have changed are marked as dirty, but sometimes
roles metadata needs to be updated, although the role wasn't
changed directly (see theupdateframework#958).

Furthermore, the tutorial assumes at one point that the reader
leaves and re-enter the interpreter session, being forced to reload the
signing keys, roles that later need to be re-written, are marked as
dirty. If the reader does not leave the interpreter, the roles are
not marked as dirty (see theupdateframework#964).

To not confuse the reader with flawed state-keeping, and to never
write an inconsistent repository to disk, the tutorial lets the
reader explicitly mark all roles that need to be re-written as
"dirty".

This can be changed once above issues are fixed.

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
@lukpueh
Copy link
Member Author

lukpueh commented Dec 2, 2019

When fixing this issue, we may remove the explicit mark_dirty()-calls in the tutorial code snippets (and the comments that point to this issue and to #958). Ideally writeall() will know by itself which metadata to update.

lukpueh added a commit that referenced this issue Dec 11, 2019
@lukpueh
doc: Explicitly mark roles dirty in tutorial
8154055 
TUF does not reliably mark roles as dirty whose metadata needs
to be re-generated.

Only roles that have changed are marked as dirty, but sometimes
roles metadata needs to be updated, although the role wasn't
changed directly (see #958).

Furthermore, the tutorial assumes at one point that the reader
leaves and re-enter the interpreter session, being forced to reload the
signing keys, roles that later need to be re-written, are marked as
dirty. If the reader does not leave the interpreter, the roles are
not marked as dirty (see #964).

To not confuse the reader with flawed state-keeping, and to never
write an inconsistent repository to disk, the tutorial lets the
reader explicitly mark all roles that need to be re-written as
"dirty".

This can be changed once above issues are fixed.

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
lukpueh added a commit that referenced this issue Dec 16, 2019
@lukpueh
doc: Explicitly mark roles dirty in tutorial
7e8b7e5 
TUF does not reliably mark roles as dirty whose metadata needs
to be re-generated.

Only roles that have changed are marked as dirty, but sometimes
roles metadata needs to be updated, although the role wasn't
changed directly (see #958).

Furthermore, the tutorial assumes at one point that the reader
leaves and re-enter the interpreter session, being forced to reload the
signing keys, roles that later need to be re-written, are marked as
dirty. If the reader does not leave the interpreter, the roles are
not marked as dirty (see #964).

To not confuse the reader with flawed state-keeping, and to never
write an inconsistent repository to disk, the tutorial lets the
reader explicitly mark all roles that need to be re-written as
"dirty".

This can be changed once above issues are fixed.

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
@lukpueh lukpueh mentioned this issue Mar 11, 2020
Merged
3 tasks
@joshuagl joshuagl mentioned this issue May 19, 2020
Closed
@sechkova sechkova mentioned this issue May 27, 2020
Closed
3 tasks
@joshuagl joshuagl added this to the Refactor milestone Jul 7, 2020
@joshuagl joshuagl removed this from the Refactor milestone Sep 8, 2020
@lukpueh lukpueh mentioned this issue Mar 9, 2021
Merged
17 tasks
@jku
Copy link
Member

jku commented Feb 16, 2022

Closing this issue as it was filed against (what is now known as) the legacy codebase: issue seems to not be relevant anymore. Please re-open or file a new issue if you feel that the issue is revelant to current python-tuf.

More details

Current source code (and upcoming 1.0 release) only contains the modern components

  • a low-level Metadata API (tuf.api) and
  • tuf.ngclient that implements the client workflow,

Legacy components (e.g. tuf.client, tuf.repository_tool, tuf.repository_lib as well as the repo and client scripts) are no longer included. See announcement and API reference for more details.

@jku jku closed this as completed Feb 16, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@jku @lukpueh @joshuagl