Clarify generate_targets_metadata() #1033
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -1173,8 +1173,14 @@ def generate_targets_metadata(targets_directory, target_files, version, | |
|
|
||
| target_files: | ||
| The target files tracked by 'targets.json'. 'target_files' is a | ||
| dictionary mapping target paths (relative to the targets directory) to | ||
| a dict matching tuf.formats.LOOSE_FILEINFO_SCHEMA. LOOSE_FILEINFO_SCHEMA | ||
| can support multiple different value patterns: | ||
| 1) an empty dictionary - for when fileinfo should be generated | ||
| 2) a dictionary matching tuf.formats.CUSTOM_SCHEMA - for when fileinfo | ||
| should be generated, with the supplied custom metadata attached | ||
| 3) a dictionary matching tuf.formats.FILEINFO_SCHEMA - for when full | ||
| fileinfo is provided in conjunction with use_existing_fileinfo | ||
|
|
||
| version: | ||
| The metadata version number. Clients use the version number to | ||
|
|
@@ -1192,11 +1198,16 @@ def generate_targets_metadata(targets_directory, target_files, version, | |
| write_consistent_targets: | ||
| Boolean that indicates whether file digests should be prepended to the | ||
| target files. | ||
| NOTE: when use_existing_fileinfo is True, this parameter will not cause | ||
| consistent targets to be written. It is assumed that the consistent | ||
| targets already exist in the targets directory of the repository. | ||
|
|
||
| use_existing_fileinfo: | ||
| Boolean that indicates whether to use the complete fileinfo, including | ||
| hashes, as already exists in the roledb (True) or whether to generate | ||
| hashes (False). | ||
| NOTE: if write_consistent_targets is True, the caller is responsible for | ||
| ensuring the consistent files exist in the targets directory. | ||
|
|
||
| storage_backend: | ||
| An object which implements | ||
|
|
@@ -1240,9 +1251,12 @@ def generate_targets_metadata(targets_directory, target_files, version, | |
| securesystemslib.formats.BOOLEAN_SCHEMA.check_match(write_consistent_targets) | ||
| securesystemslib.formats.BOOLEAN_SCHEMA.check_match(use_existing_fileinfo) | ||
|
|
||
| # If the caller requested consistent targets *and* supplied their own fileinfo | ||
| # consistent versions of the targets can not be created, because target | ||
| # files and their storage are not accessed when using existing fileinfo. | ||
| if write_consistent_targets and use_existing_fileinfo: | ||
| logger.info('Consistent targets will not be created because targets ' | ||
| 'metadata is being generated from existing fileinfo.') | ||
|
|
||
| if delegations is not None: | ||
| tuf.formats.DELEGATIONS_SCHEMA.check_match(delegations) | ||
|
|
@@ -1253,20 +1267,25 @@ def generate_targets_metadata(targets_directory, target_files, version, | |
| filedict = {} | ||
|
|
||
| if use_existing_fileinfo: | ||
| # Use the provided fileinfo dicts, conforming to FILEINFO_SCHEMA, rather than | ||
| # generating fileinfo | ||
| for target, fileinfo in six.iteritems(target_files): | ||
|
|
||
| # Ensure all fileinfo entries in target_files have a non-empty hashes dict | ||
| if not fileinfo.get('hashes', None): | ||
| raise securesystemslib.exceptions.Error('use_existing_hashes option set' | ||
| ' but no hashes exist in roledb for ' + repr(target)) | ||
|
|
||
| # and a non-empty, non-zero, length | ||
| if fileinfo.get('length', -1) < 1: | ||
|
There was a problem hiding this comment. I think it doesn't make sense to have zero length targets files, but maybe this should be restored to the prior check of: There was a problem hiding this comment.
@joshuagl, the classical There was a problem hiding this comment. You're right, thanks for pointing out that case @lukpueh. In which case I should restore this to the prior There was a problem hiding this comment. Oh, I already restored the behaviour for checking There was a problem hiding this comment. No need to apologize. I have no business commenting on closed PRs. :D |
||
| raise securesystemslib.exceptions.Error('use_existing_hashes option set' | ||
| ' but fileinfo\'s length is not set') | ||
|
|
||
| filedict[target] = fileinfo | ||
|
|
||
| else: | ||
| # Generate the fileinfo dicts by accessing the target files on storage. | ||
| # Default to accessing files on local storage. | ||
| if storage_backend is None: | ||
| storage_backend = securesystemslib.storage.FilesystemBackend() | ||
|
|
||
|
|
||
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.