Closed jku closed 1 year ago
Issue is on `_get_signing_status()`: this function uses `self._get_keys(rolename)` to collect the signing keys but this gives the correct answer for the signing event metadata (so the new proposed signers), not for the currently valid root.
In signer the same issue was solved by making get_keys a bit more complex:

```python
def _get_keys(self, role: str, known_good: bool = False) -> list[Key]:
    """Return public keys for delegated role

    If known_good is True, use the keys defined in known good delegator.
    Otherwise use keys defined in the signing event delegator.
    """
```

Same should work here.
Starting point is a repository with a single signer. A new user adds themselves as a root signer in a signing event. Status says:

> root is not yet verified. It is signed by 1/2 (1/1) signers (@-someotheruser).

https://github.com/jku/yet-another-test-repo/issues/10

The badly worded message is trying to document signers from the proposed new metadata and the current root: `1/2 (1/1)` means 1 out of 2 proposed new signers have signed, 1 out of 1 of current signers have signed. This should actually be `1/2 (0/1)` as the current root signer has not signed yet.
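
The two counts described above, as an added example that is not the project's own code: signatures are counted separately against the proposed root keys and the known-good root keys, and the new root only verifies when both thresholds are met. `RootKeys`, `count_signed`, `root_status`, the key ids, `@newuser` and the thresholds are hypothetical, and the set of key ids passed in is assumed to hold only signatures that already passed cryptographic verification.

```python
from dataclasses import dataclass


@dataclass
class RootKeys:
    """Simplified root delegation: keyid -> signer name, plus a threshold."""
    signers: dict[str, str]
    threshold: int


def count_signed(role: RootKeys, valid_sig_keyids: set[str]) -> tuple[int, list[str]]:
    """Return (number of this role's keys that signed, names still missing)."""
    signed = sum(1 for keyid in role.signers if keyid in valid_sig_keyids)
    missing = sorted(
        name for keyid, name in role.signers.items() if keyid not in valid_sig_keyids
    )
    return signed, missing


def root_status(proposed: RootKeys, known_good: RootKeys,
                valid_sig_keyids: set[str]) -> dict:
    """Signing status of a proposed root, counted against both key sets."""
    new_n, new_missing = count_signed(proposed, valid_sig_keyids)
    old_n, old_missing = count_signed(known_good, valid_sig_keyids)
    return {
        # Same "proposed (current)" layout as the status message in the issue.
        "summary": f"{new_n}/{len(proposed.signers)} ({old_n}/{len(known_good.signers)})",
        # A root change needs a threshold of the current root keys as well as
        # a threshold of the proposed ones.
        "verified": new_n >= proposed.threshold and old_n >= known_good.threshold,
        "missing": sorted(set(new_missing) | set(old_missing)),
    }


# Constructed scenario matching the issue: one current root signer, and a new
# user who added themselves as a second root signer. Key ids are made up.
KNOWN_GOOD = RootKeys({"key-a": "@-someotheruser"}, threshold=1)
PROPOSED = RootKeys({"key-a": "@-someotheruser", "key-b": "@newuser"}, threshold=1)

if __name__ == "__main__":
    # Only the new user has signed so far.
    print(root_status(PROPOSED, KNOWN_GOOD, {"key-b"}))
    # The current root signer has signed as well.
    print(root_status(PROPOSED, KNOWN_GOOD, {"key-a", "key-b"}))
```

With only `key-b` signed, the proposed threshold of 1 is already met, so a status computed from the proposed keys alone would treat the root as sufficiently signed although the current root signer has not approved it.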