theupdateframework / tuf-on-ci

A TUF repository and signing tool

import: bump timestamp/snapshot for some scheduling leeway #395

Closed jku closed 6 days ago

jku commented 1 month ago

During a repository import there is a scheduling annoyance where the "legacy" repository may still bump timestamp/snapshot while the initial signing event is being constructed. This seems like it sets a tight limit to the initial signing event...

There is a simple solution to this since timestamp/snapshot versions do not have to be sequential (they only have to be increasing): We can just make a significant bump to snapshot and timestamp versions during the import. This ensures a few "legacy updates" won't make the signing event invalid.
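The reasoning in the comment above, as an added example that is not part of the issue or of tuf-on-ci: a minimal model of the TUF client rule that a new timestamp or snapshot is rejected as a rollback if its version is lower than the trusted one, and accepted if equal or higher. The starting versions, bump sizes and the `import_scenario` helper are constructed for illustration.

```python
"""Model of the TUF client-side version check for the online roles.

The TUF client workflow rejects a new timestamp/snapshot whose version is
lower than the currently trusted version (rollback), accepts a higher one,
and treats an equal version as "no update". Versions only have to increase,
not be consecutive, which is what makes a large bump during import safe.
"""

ONLINE_ROLES = ("timestamp", "snapshot")


class RollbackError(Exception):
    """Raised when the repository offers an older online-role version."""


def client_update(trusted: dict, new: dict) -> dict:
    """Apply the rollback rule per online role and return the new trust state."""
    updated = dict(trusted)
    for role in ONLINE_ROLES:
        if new[role] < trusted[role]:
            raise RollbackError(f"{role} v{new[role]} < trusted v{trusted[role]}")
        updated[role] = new[role]
    return updated


def import_scenario(bump: int, legacy_bumps: int) -> dict:
    """Constructed scenario: the legacy repository keeps signing online roles
    while the import signing event is open. `bump` is how much the import adds
    to the online-role versions; `legacy_bumps` is how many legacy timestamp/
    snapshot bumps happen before clients switch to the imported repository.
    Returns the versions a client trusts after the switch, or raises if the
    imported repository looks like a rollback to that client."""
    legacy = {role: 10 for role in ONLINE_ROLES}           # constructed start
    imported = {role: v + bump for role, v in legacy.items()}  # import bump
    client = dict(legacy)
    for _ in range(legacy_bumps):                           # legacy keeps going
        legacy = {role: v + 1 for role, v in legacy.items()}
        client = client_update(client, legacy)
    return client_update(client, imported)                  # switch-over
```

With a small bump the imported repository is rejected by clients that saw more legacy updates than the bump allowed for; with a significant bump the same clients accept it.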

jku commented 1 month ago

I've been reviewing the code for this: online-sign should just work as there are no checks that online role versions move sequentially. The "blockers" are:

That said, I think we can handle this by just rebasing the signing event PR when the signing event is ready: I think it just works.

I will test this out in a test repo

jku commented 1 month ago

Wait, I'm actually wrong: We don't need to do anything since the signing-event does not modify online roles* even in the import signing event! So the merge to main should be clean automatically if we don't modify online roles in main... I will still test this but we should be fine

(*) at some point this was not true, and I kept remembering that

jku commented 1 month ago

So the merge to main should be clean automatically if we don't modify online roles in main

Right, playing the update through "on paper" this requirement means:

signing-event PR then merges cleanly and repo should be 100% correct even if legacy online signing happened

jku commented 6 days ago

The process in the last comment worked fine.