Skip to content

Commit 6ae3ea6

Browse files
sechkovasechkova
committed
Add TOP_LEVEL_ROLES as a global variable
Add TOP_LEVEL_ROLES as a global variable in roledb. Signed-off-by: Teodora Sechkova <[email protected]>
1 parent a69208c commit 6ae3ea6

File tree

4 files changed

+11
-11
lines changed

4 files changed

+11
-11
lines changed

tuf/client/updater.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -755,7 +755,7 @@ def __init__(self, repository_name, repository_mirrors):
755755

756756
# Load current and previous metadata.
757757
for metadata_set in ['current', 'previous']:
758-
for metadata_role in ['root', 'targets', 'snapshot', 'timestamp']:
758+
for metadata_role in tuf.roledb.TOP_LEVEL_ROLES:
759759
self._load_metadata_from_file(metadata_set, metadata_role)
760760

761761
# Raise an exception if the repository is missing the required 'root'
@@ -2435,7 +2435,7 @@ def all_targets(self):
24352435
# all roles available on the repository.
24362436
delegated_targets = []
24372437
for role in tuf.roledb.get_rolenames(self.repository_name):
2438-
if role in ['root', 'snapshot', 'targets', 'timestamp']:
2438+
if role in tuf.roledb.TOP_LEVEL_ROLES:
24392439
continue
24402440

24412441
else:

tuf/repository_lib.py

Lines changed: 5 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -175,7 +175,7 @@ def _generate_and_write_metadata(rolename, metadata_filename,
175175
else:
176176
logger.debug('Not incrementing ' + repr(rolename) + '\'s version number.')
177177

178-
if rolename in ['root', 'targets', 'snapshot', 'timestamp'] and not allow_partially_signed:
178+
if rolename in tuf.roledb.TOP_LEVEL_ROLES and not allow_partially_signed:
179179
# Verify that the top-level 'rolename' is fully signed. Only a delegated
180180
# role should not be written to disk without full verification of its
181181
# signature(s), since it can only be considered fully signed depending on
@@ -394,18 +394,15 @@ def _delete_obsolete_metadata(metadata_directory, snapshot_metadata,
394394
else:
395395
logger.debug(repr(metadata_role) + ' found in the snapshot role.')
396396

397-
398-
399397
# Strip metadata extension from filename. The role database does not
400398
# include the metadata extension.
401399
if metadata_role.endswith(METADATA_EXTENSION):
402400
metadata_role = metadata_role[:-len(METADATA_EXTENSION)]
403-
404401
else:
405402
logger.debug(repr(metadata_role) + ' does not match'
406403
' supported extension ' + repr(METADATA_EXTENSION))
407404

408-
if metadata_role in ['root', 'targets', 'snapshot', 'timestamp']:
405+
if metadata_role in tuf.roledb.TOP_LEVEL_ROLES:
409406
logger.debug('Not removing top-level metadata ' + repr(metadata_role))
410407
return
411408

@@ -850,7 +847,7 @@ def get_delegated_roles_metadata_filenames(metadata_directory,
850847
continue
851848

852849
# Skip top-level roles, only interested in delegated roles.
853-
if metadata_name in ['root', 'snapshot', 'targets', 'timestamp']:
850+
if metadata_name in tuf.roledb.TOP_LEVEL_ROLES:
854851
continue
855852

856853
# Prevent reloading duplicate versions if consistent_snapshot is True
@@ -1131,7 +1128,7 @@ def generate_root_metadata(version, expiration_date, consistent_snapshot,
11311128
# Extract the role, threshold, and keyid information of the top-level roles,
11321129
# which Root stores in its metadata. The necessary role metadata is generated
11331130
# from this information.
1134-
for rolename in ['root', 'targets', 'snapshot', 'timestamp']:
1131+
for rolename in tuf.roledb.TOP_LEVEL_ROLES:
11351132

11361133
# If a top-level role is missing from 'tuf.roledb.py', raise an exception.
11371134
if not tuf.roledb.role_exists(rolename, repository_name):
@@ -1507,7 +1504,7 @@ def generate_snapshot_metadata(metadata_directory, version, expiration_date,
15071504
# snapshot and timestamp roles are not listed in snapshot.json, do not
15081505
# list these roles found in the metadata directory.
15091506
if tuf.roledb.role_exists(rolename, repository_name) and \
1510-
rolename not in ['root', 'snapshot', 'timestamp', 'targets']:
1507+
rolename not in tuf.roledb.TOP_LEVEL_ROLES:
15111508
fileinfodict[metadata_name] = get_metadata_versioninfo(rolename,
15121509
repository_name)
15131510

tuf/repository_tool.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -295,7 +295,7 @@ def writeall(self, consistent_snapshot=False, use_existing_fileinfo=False):
295295
for dirty_rolename in dirty_rolenames:
296296

297297
# Ignore top-level roles, they will be generated later in this method.
298-
if dirty_rolename in ['root', 'targets', 'snapshot', 'timestamp']:
298+
if dirty_rolename in tuf.roledb.TOP_LEVEL_ROLES:
299299
continue
300300

301301
dirty_filename = os.path.join(self._metadata_directory,

tuf/roledb.py

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -73,6 +73,9 @@
7373
_dirty_roles['default'] = set()
7474

7575

76+
TOP_LEVEL_ROLES = ['root', 'targets', 'snapshot', 'timestamp']
77+
78+
7679
def create_roledb_from_root_metadata(root_metadata, repository_name='default'):
7780
"""
7881
<Purpose>

0 commit comments

Comments
 (0)