c029bcfbaa
This is to allow us to store new policy files in the production TUF repository under a testing delegation, and for clients to opt-in to using this testing delegation when retrieving policy from TUF. If the prefix path is set, it is prepended to every target path on download with path.Join. For example, if the prefix path is testing and we download the target a/b, the TUF client with actually download testing/a/b. Also get the latest testdata from tuf-dev.
40 lines
852 B
Go
40 lines
852 B
Go
package tuf_test
|
|
|
|
import (
|
|
"context"
|
|
"os"
|
|
"path/filepath"
|
|
|
|
"github.com/docker/attest/tuf"
|
|
"github.com/theupdateframework/go-tuf/v2/metadata"
|
|
)
|
|
|
|
func ExampleNewClient_registry() {
|
|
// create a tuf client
|
|
home, err := os.UserHomeDir()
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
tufOutputPath := filepath.Join(home, ".docker", "tuf")
|
|
|
|
opts := tuf.NewDockerDefaultClientOptions(tufOutputPath)
|
|
registryClient, err := tuf.NewClient(context.Background(), opts)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
|
|
// get trusted tuf metadata
|
|
trustedMetadata := registryClient.GetMetadata()
|
|
|
|
// top-level target files
|
|
targets := trustedMetadata.Targets[metadata.TARGETS].Signed.Targets
|
|
|
|
for _, t := range targets {
|
|
// download target files
|
|
_, err := registryClient.DownloadTarget(t.Path, filepath.Join(tufOutputPath, "download"))
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
}
|
|
}
|