tuf

package

v0.15.1 Latest Latest Go to latest Published: Mar 26, 2026 License: Apache-2.0 Imports: 25 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/sigstore/policy-controller

Links

Open Source Insights

Documentation ¶

Index ¶

func CompressFS(fsys fs.FS, buf io.Writer, skipDirs map[string]bool) error
func FromContextOrDefaults(ctx context.Context) time.Duration
func GetTrustedRoot(ctx context.Context) (*root.TrustedRoot, error)
func ToContext(ctx context.Context, duration time.Duration) context.Context
func Uncompress(src io.Reader, dst string) error
func UncompressMemFS(src io.Reader, stripPrefix string) (fs.FS, error)
type TUFClient
- func ClientFromRemote(_ context.Context, mirror string, rootJSON []byte, targets string) (*TUFClient, error)
- func ClientFromSerializedMirror(_ context.Context, repo, rootJSON []byte, targets, stripPrefix string) (*TUFClient, error)
- func (c *TUFClient) GetTarget(target string) ([]byte, error)
- func (c *TUFClient) GetTopLevelTargets() (map[string]*metadata.TargetFiles, error)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CompressFS ¶

func CompressFS(fsys fs.FS, buf io.Writer, skipDirs map[string]bool) error

func FromContextOrDefaults ¶ added in v0.13.0

func FromContextOrDefaults(ctx context.Context) time.Duration

FromContextOrDefaults returns a stored trustrootResyncPeriod if attached. If not found, it returns a default duration

func GetTrustedRoot ¶ added in v0.13.0

func GetTrustedRoot(ctx context.Context) (*root.TrustedRoot, error)

GetTrustedRoot returns the trusted root for the TUF repository.

func ToContext ¶ added in v0.13.0

func ToContext(ctx context.Context, duration time.Duration) context.Context

ToContext returns a context that includes a key trustrootResyncPeriod set to the included duration

func Uncompress ¶

func Uncompress(src io.Reader, dst string) error

func UncompressMemFS ¶

func UncompressMemFS(src io.Reader, stripPrefix string) (fs.FS, error)

UncompressMemFS takes a TUF repository that's been compressed with CompressFS and returns FS backed by memory.

Types ¶

type TUFClient ¶ added in v0.15.1

type TUFClient struct {
	// contains filtered or unexported fields
}

TUFClient wraps a sigstore-go TUF client for delegation-aware target retrieval and provides lazy access to a raw go-tuf v2 updater for legacy target enumeration via GetTopLevelTargets.

func ClientFromRemote ¶

func ClientFromRemote(_ context.Context, mirror string, rootJSON []byte, targets string) (*TUFClient, error)

ClientFromRemote will construct a TUF client from a root and mirror.

func ClientFromSerializedMirror ¶

func ClientFromSerializedMirror(_ context.Context, repo, rootJSON []byte, targets, stripPrefix string) (*TUFClient, error)

ClientFromSerializedMirror will construct a TUF client by unzip/untar the repository and constructing an in-memory TUF client for it.

func (*TUFClient) GetTarget ¶ added in v0.15.1

func (c *TUFClient) GetTarget(target string) ([]byte, error)

GetTarget downloads a target by name, correctly traversing TUF delegations.

func (*TUFClient) GetTopLevelTargets ¶ added in v0.15.1

func (c *TUFClient) GetTopLevelTargets() (map[string]*metadata.TargetFiles, error)

GetTopLevelTargets returns the top-level target files metadata. This does not traverse delegations and should only be used for legacy fallback paths. The raw updater is lazily initialized on first call to avoid a double TUF refresh when only GetTarget is needed.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL