updater

package

v0.0.0-...-9d6bfa7 Latest Latest Go to latest Published: Jan 31, 2024 License: BSD-2-Clause Imports: 14 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/rdimitrov/go-tuf-metadata

Links

Open Source Insights

Documentation ¶

Index ¶

type Updater
- func New(config *config.UpdaterConfig) (*Updater, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Updater ¶

type Updater struct {
	// contains filtered or unexported fields
}

Client update workflow implementation

The "Updater" provides an implementation of the TUF client workflow (ref. https://theupdateframework.github.io/specification/latest/#detailed-client-workflow). "Updater" provides an API to query available targets and to download them in a secure manner: All downloaded files are verified by signed metadata. High-level description of "Updater" functionality:

Initializing an "Updater" loads and validates the trusted local root metadata: This root metadata is used as the source of trust for all other metadata.
Refresh() can optionally be called to update and load all top-level metadata as described in the specification, using both locally cached metadata and metadata downloaded from the remote repository. If refresh is not done explicitly, it will happen automatically during the first target info lookup.
Updater can be used to download targets. For each target:
GetTargetInfo() is first used to find information about a specific target. This will load new targets metadata as needed (from local cache or remote repository).
FindCachedTarget() can optionally be used to check if a target file is already locally cached.
DownloadTarget() downloads a target file and ensures it is verified correct by the metadata.

func New ¶

func New(config *config.UpdaterConfig) (*Updater, error)

New creates a new Updater instance and loads trusted root metadata

func (*Updater) DownloadTarget ¶

func (update *Updater) DownloadTarget(targetFile *metadata.TargetFiles, filePath, targetBaseURL string) (string, []byte, error)

DownloadTarget downloads the target file specified by targetFile

func (*Updater) FindCachedTarget ¶

func (update *Updater) FindCachedTarget(targetFile *metadata.TargetFiles, filePath string) (string, []byte, error)

FindCachedTarget checks whether a local file is an up to date target

func (*Updater) GetTargetInfo ¶

func (update *Updater) GetTargetInfo(targetPath string) (*metadata.TargetFiles, error)

GetTargetInfo returns metadata.TargetFiles instance with information for targetPath. The return value can be used as an argument to DownloadTarget() and FindCachedTarget(). If Refresh() has not been called before calling GetTargetInfo(), the refresh will be done implicitly. As a side-effect this method downloads all the additional (delegated targets) metadata it needs to return the target information.

func (*Updater) GetTopLevelTargets ¶

func (update *Updater) GetTopLevelTargets() map[string]*metadata.TargetFiles

GetTopLevelTargets returns the top-level target files

func (*Updater) GetTrustedMetadataSet ¶

func (update *Updater) GetTrustedMetadataSet() trustedmetadata.TrustedMetadata

GetTrustedMetadataSet returns the trusted metadata set

func (*Updater) Refresh ¶

func (update *Updater) Refresh() error

Refresh loads and possibly refreshes top-level metadata. Downloads, verifies, and loads metadata for the top-level roles in the specified order (root -> timestamp -> snapshot -> targets) implementing all the checks required in the TUF client workflow. A Refresh() can be done only once during the lifetime of an Updater. If Refresh() has not been explicitly called before the first GetTargetInfo() call, it will be done implicitly at that time. The metadata for delegated roles is not updated by Refresh(): that happens on demand during GetTargetInfo(). However, if the repository uses consistent snapshots (ref. https://theupdateframework.github.io/specification/latest/#consistent-snapshots), then all metadata downloaded by the Updater will use the same consistent repository state.

If UnsafeLocalMode is set, no network interaction is performed, only the cached files on disk are used. If the cached data is not complete, this call will fail.

Source Files ¶

View all Source files

updater.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL