var (
ErrNoRootKeys = errors.New("tuf: no root keys found in local meta store")
ErrInsufficientKeys = errors.New("tuf: insufficient keys to meet threshold")
ErrNoLocalSnapshot = errors.New("tuf: no snapshot stored locally")
)
var DefaultHTTPRetries = &HTTPRemoteRetries{ Delay: time.Second, Total: 10 * time.Second, }
func IsNotFound(err error) bool
Client provides methods for fetching updates from a remote repository and downloading remote target files.
type Client struct {
// MaxDelegations limits by default the number of delegations visited for any
// target
MaxDelegations int
// MaxRootRotations limits the number of downloaded roots in 1.0.19 root updater
MaxRootRotations int
// contains filtered or unexported fields
}
func NewClient(local LocalStore, remote RemoteStore) *Client
func (c *Client) Download(name string, dest Destination) (err error)
Download downloads the given target file from remote storage into dest.
dest will be deleted and an error returned in the following situations:
func (c *Client) Init(rootJSON []byte) error
Init initializes a local repository from root metadata.
The root's keys are extracted from the root and saved in local storage. Root expiration is not checked. It is expected that rootJSON was securely distributed with the software being updated.
func (c *Client) Target(name string) (data.TargetFileMeta, error)
Target returns the target metadata for a specific target if it exists, searching from top-level level targets then through all delegations. If it does not, ErrNotFound will be returned.
func (c *Client) Targets() (data.TargetFiles, error)
Targets returns the complete list of available top-level targets.
func (c *Client) Update() (data.TargetFiles, error)
Update downloads and verifies remote metadata and returns updated targets. It always performs root update (5.2 and 5.3) section of the v1.0.19 spec.
https://theupdateframework.github.io/specification/v1.0.19/index.html#load-trusted-root
func (c *Client) UpdateRoots() error
func (c *Client) VerifyDigest(digest string, digestAlg string, length int64, path string) error
type Destination interface {
io.Writer
Delete() error
}
type ErrDecodeFailed struct {
File string
Err error
}
func (e ErrDecodeFailed) Error() string
type ErrDownloadFailed struct {
File string
Err error
}
func (e ErrDownloadFailed) Error() string
type ErrInvalidURL struct {
URL string
}
func (e ErrInvalidURL) Error() string
type ErrMaxDelegations struct {
Target string
MaxDelegations int
SnapshotVersion int64
}
func (e ErrMaxDelegations) Error() string
type ErrMetaTooLarge struct {
Name string
Size int64
MaxSize int64
}
func (e ErrMetaTooLarge) Error() string
type ErrMissingRemoteMetadata struct {
Name string
}
func (e ErrMissingRemoteMetadata) Error() string
type ErrNotFound struct {
File string
}
func (e ErrNotFound) Error() string
type ErrRoleNotInSnapshot struct {
Role string
SnapshotVersion int64
}
func (e ErrRoleNotInSnapshot) Error() string
type ErrUnknownTarget struct {
Name string
SnapshotVersion int64
}
func (e ErrUnknownTarget) Error() string
type ErrWrongSize struct {
File string
Actual int64
Expected int64
}
func (e ErrWrongSize) Error() string
type FileRemoteStore struct {
// contains filtered or unexported fields
}
func NewFileRemoteStore(fsys fs.FS, targetDir string) (*FileRemoteStore, error)
FileRemoteStore provides a RemoteStore interface compatible implementation that can be used where the RemoteStore is backed by a fs.FS. This is useful for example in air-gapped environments where there's no possibility to make outbound network connections. By having this be a fs.FS instead of directories allows the repository to be backed by something that's not persisted to disk.
func (f *FileRemoteStore) GetMeta(name string) (io.ReadCloser, int64, error)
func (f *FileRemoteStore) GetTarget(name string) (io.ReadCloser, int64, error)
type HTTPRemoteOptions struct {
MetadataPath string
TargetsPath string
UserAgent string
Retries *HTTPRemoteRetries
}
type HTTPRemoteRetries struct {
Delay time.Duration
Total time.Duration
}
LocalStore is local storage for downloaded top-level metadata.
type LocalStore interface {
io.Closer
// GetMeta returns top-level metadata from local storage. The keys are
// in the form `ROLE.json`, with ROLE being a valid top-level role.
GetMeta() (map[string]json.RawMessage, error)
// SetMeta persists the given top-level metadata in local storage, the
// name taking the same format as the keys returned by GetMeta.
SetMeta(name string, meta json.RawMessage) error
// DeleteMeta deletes a given metadata.
DeleteMeta(name string) error
}
func MemoryLocalStore() LocalStore
RemoteStore downloads top-level metadata and target files from a remote repository.
type RemoteStore interface {
// GetMeta downloads the given metadata from remote storage.
//
// `name` is the filename of the metadata (e.g. "root.json")
//
// `err` is ErrNotFound if the given file does not exist.
//
// `size` is the size of the stream, -1 indicating an unknown length.
GetMeta(name string) (stream io.ReadCloser, size int64, err error)
// GetTarget downloads the given target file from remote storage.
//
// `path` is the path of the file relative to the root of the remote
// targets directory (e.g. "/path/to/file.txt").
//
// `err` is ErrNotFound if the given file does not exist.
//
// `size` is the size of the stream, -1 indicating an unknown length.
GetTarget(path string) (stream io.ReadCloser, size int64, err error)
}
func HTTPRemoteStore(baseURL string, opts *HTTPRemoteOptions, client *http.Client) (RemoteStore, error)
| Name | Synopsis |
|---|---|
| .. | |
| filejsonstore | |
| leveldbstore | |