Closed ChevronTango closed 1 year ago
@rdimitrov can we get an update on when the latest changes that have been merged in are likely to make it into a release?
@rdimitrov can we get an update on when the latest changes that have been merged in are likely to make it into a release?
Hey, apologies. We decided to cut a release with the old code base this week which will probably happen tomorrow.
When coming up with my solution for AWS KMS signing in https://github.com/theupdateframework/go-tuf/issues/525 I found the add-signature tool quite painful to use as it requires a file with a specific format. Instead it would be useful to be able to either pipe in that file as outlined in https://github.com/theupdateframework/go-tuf/issues/529 or to instead specify the key manually.
I propose the following
the inclusion of the format will help to support users making use of tools like AWS KMS to do their signing and will give us a bit more flexibility going forward
One thing to think about would be how to support backwards compatibility with the current setup that expects a full json file as input. For this I suggest we have
--format
default to "json" which will then cause--key-id
to be redundant and will expect the signature to be a full valid json string as it is now. That way the existing approaches will continue to work as expected.