Registry upload

go.mod

@@ -3,10 +3,70 @@ module github.com/notaryproject/tuf/tuf-notary
 go 1.17
 
 require (
+	github.com/distribution/distribution/v3 v3.0.0-20210926092439-1563384b69df
+	github.com/opencontainers/image-spec v1.0.1
+	github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2
+	github.com/stretchr/testify v1.7.0
+	github.com/theupdateframework/go-tuf v0.0.0-20211018203538-5908a16987fa
+	oras.land/oras-go v0.5.0
+)
+
+require (
+	github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78 // indirect
+	github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d // indirect
+	github.com/beorn7/perks v1.0.1 // indirect
+	github.com/bshuster-repo/logrus-logstash-hook v1.0.0 // indirect
+	github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd // indirect
+	github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b // indirect
+	github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0 // indirect
+	github.com/cespare/xxhash/v2 v2.1.1 // indirect
+	github.com/containerd/containerd v1.5.7 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/docker/cli v20.10.9+incompatible // indirect
+	github.com/docker/distribution v2.7.1+incompatible // indirect
+	github.com/docker/docker v20.10.9+incompatible // indirect
+	github.com/docker/docker-credential-helpers v0.6.4 // indirect
+	github.com/docker/go-connections v0.4.0 // indirect
+	github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c // indirect
+	github.com/docker/go-metrics v0.0.1 // indirect
+	github.com/docker/go-units v0.4.0 // indirect
+	github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1 // indirect
 	github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815 // indirect
+	github.com/felixge/httpsnoop v1.0.1 // indirect
 	github.com/flynn/go-docopt v0.0.0-20140912013429-f6dd2ebbb31e // indirect
+	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/gomodule/redigo v1.8.2 // indirect
+	github.com/gorilla/handlers v1.5.1 // indirect
+	github.com/gorilla/mux v1.8.0 // indirect
+	github.com/inconshreveable/mousetrap v1.0.0 // indirect
+	github.com/klauspost/compress v1.11.13 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
+	github.com/moby/locker v1.0.1 // indirect
+	github.com/moby/term v0.0.0-20200312100748-672ec06f55cd // indirect
+	github.com/morikuni/aec v1.0.0 // indirect
+	github.com/opencontainers/go-digest v1.0.0 // indirect
+	github.com/pkg/errors v0.9.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/prometheus/client_golang v1.7.1 // indirect
+	github.com/prometheus/client_model v0.2.0 // indirect
+	github.com/prometheus/common v0.10.0 // indirect
+	github.com/prometheus/procfs v0.6.0 // indirect
+	github.com/sirupsen/logrus v1.8.1 // indirect
+	github.com/spf13/cobra v1.2.1 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/tent/canonical-json-go v0.0.0-20130607151641-96e4ba3a7613 // indirect
-	github.com/theupdateframework/go-tuf v0.0.0-20211018203538-5908a16987fa // indirect
-	golang.org/x/crypto v0.0.0-20190424203555-c05e17bb3b2d // indirect
-	golang.org/x/sys v0.0.0-20190412213103-97732733099d // indirect
+	github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43 // indirect
+	github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50 // indirect
+	github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f // indirect
+	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect
+	golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4 // indirect
+	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
+	golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1 // indirect
+	golang.org/x/text v0.3.5 // indirect
+	google.golang.org/genproto v0.0.0-20210602131652-f16073e35f0c // indirect
+	google.golang.org/grpc v1.38.0 // indirect
+	google.golang.org/protobuf v1.26.0 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
 )

tuf-notary/cmd/init.go

@@ -1,7 +1,10 @@
 package main
 
 import (
+	"fmt"
+
 	"github.com/notaryproject/tuf/tuf-notary/tuf-notary"
+	docopt "github.com/docopt/docopt-go"
 )
 
 func init() {
@@ -16,13 +19,32 @@ Options:
   `)
 }
 
-func cmdInit(args map[string]interface{}) error {
+func cmdInit(args []string, opts docopt.Opts) error {
 	repository := "tuf-repo"
-	if r := args["--repo"]; r != nil {
+	if r := opts["--repo"]; r != nil {
 		repository = r.(string)
 	}
+
+	registry := args[0]
+
 	err := tufnotary.Init(repository)
 
-	//TODO upload to registry
+	if err != nil {
+		return err
+	}
+
+	root_desc, err := tufnotary.UploadTUFMetadata(registry, repository, "root", "")
+	if err != nil {
+		return err
+	}
+	fmt.Println("uploaded root " + root_desc.Digest.String())
+
+	targets_desc, err := tufnotary.UploadTUFMetadata(registry, repository, "targets", "")
+	if err != nil {
+		return err
+	}
+	fmt.Println("uploaded targets " + targets_desc.Digest.String())
+
+
 	return err
 }

tuf-notary/cmd/main.go

@@ -11,7 +11,7 @@ func main() {
 	usage := `
 Usage:
   tuf-notary <command> [<args>....]
-  tuf-notary <command> [--registry=<registry>] [--repo=<repository>]
+  tuf-notary <command> [<args>....] [--repo=<repository>]
 
 Commands:
   help          Show usage for a specific command
@@ -32,13 +32,13 @@ Commands:
 		}
 	}
 
-	if err := runCommand(cmd, cmdArgs); err != nil {
+	if err := runCommand(cmd, cmdArgs, args); err != nil {
 		log.Fatalln("ERROR:", err)
 	}
 
 }
 
-type cmdFunc func(map[string]interface{}) error
+type cmdFunc func([]string, docopt.Opts) error
 
 type command struct {
 	usage string
@@ -51,7 +51,7 @@ func register(name string, f cmdFunc, usage string) {
 	commands[name] = &command{usage: usage, f: f}
 }
 
-func runCommand(name string, args []string) error {
+func runCommand(name string, args []string, opts docopt.Opts) error {
 	argv := make([]string, 1, 1+len(args))
 	argv[0] = name
 	argv = append(argv, args...)
@@ -61,10 +61,10 @@ func runCommand(name string, args []string) error {
 		return fmt.Errorf("%s is not a tuf-notary command. See 'tuf-notary help'", name)
 	}
 
-	parsedArgs, err := docopt.Parse(cmd.usage, argv, true, "", true)
+	_, err := docopt.ParseDoc(cmd.usage)
 	if err != nil {
 		return err
 	}
 
-	return cmd.f(parsedArgs)
+	return cmd.f(args, opts)
 }

tuf-notary/registry-access.go

@@ -0,0 +1,56 @@
+package tufnotary
+
+import (
+	"context"
+	"io/ioutil"
+
+	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
+
+    "oras.land/oras-go/pkg/content"
+    "oras.land/oras-go/pkg/oras"
+)
+
+func UploadTUFMetadata(registry string, repository string, name string, reference string) (ocispec.Descriptor, error) {
+	ref := registry + "/" + repository + ":" + name
+	fileName := repository + "/staged/" + name + ".json"
+	contents, err := ioutil.ReadFile(fileName)
+	if err != nil {
+		return ocispec.Descriptor{}, err
+	}
+
+	fileContent := []byte(contents)
+	mediaType := "application/vnd.cncf.notary.tuf+json"
+
+	ctx := context.Background()
+
+	// TODO: add reference once it's supported in oras-go: https://github.com/oras-project/oras-go/pull/35
+
+	memoryStore := content.NewMemory()
+    desc, err := memoryStore.Add(fileName, mediaType, fileContent)
+	if err != nil {
+		return ocispec.Descriptor{}, err
+	}
+
+	manifest, manifestDesc, config, configDesc, err := content.GenerateManifestAndConfig(nil, nil, desc)
+	if err != nil {
+		return ocispec.Descriptor{}, err
+	}
+
+	memoryStore.Set(configDesc, config)
+	err = memoryStore.StoreManifest(ref, manifestDesc, manifest)
+	if err != nil {
+		return ocispec.Descriptor{}, err
+	}
+
+	reg, err := content.NewRegistry(content.RegistryOptions{PlainHTTP: true})
+	if err != nil {
+		return ocispec.Descriptor{}, err
+	}
+
+	desc, err = oras.Copy(ctx, memoryStore, ref, reg, "")
+	if err != nil {
+		return ocispec.Descriptor{}, err
+	}
+
+	return desc, nil
+}

tuf-notary/registry-access_test.go

@@ -0,0 +1,60 @@
+package tufnotary
+
+import (
+	"context"
+	"fmt"
+	"strings"
+	"testing"
+	"time"
+
+	//ocispec "github.com/opencontainers/image-spec/specs-go/v1"
+	"github.com/distribution/distribution/v3/configuration"
+	"github.com/distribution/distribution/v3/registry"
+	_ "github.com/distribution/distribution/v3/registry/storage/driver/inmemory"
+	"github.com/stretchr/testify/assert"
+    "github.com/stretchr/testify/suite"
+	"github.com/phayes/freeport"
+)
+
+type RegistryTestSuite struct {
+	suite.Suite
+	RegistryHost string
+}
+
+func (suite *RegistryTestSuite) SetupTest() {
+	// set up registry
+	port, err := freeport.GetFreePort()
+	if err != nil {
+		suite.Nil(err, "no error finding free port for test registry")
+	}
+	config := &configuration.Configuration{}
+	config.HTTP.Addr = fmt.Sprintf(":%d", port)
+	config.HTTP.DrainTimeout = time.Duration(10) * time.Second
+	config.Storage = map[string]configuration.Parameters{"inmemory": map[string]interface{}{}}
+	suite.RegistryHost = fmt.Sprintf("localhost:%d", port)
+	dockerRegistry, err := registry.NewRegistry(context.Background(), config)
+
+	go dockerRegistry.ListenAndServe()
+}
+
+func (suite *RegistryTestSuite) TestUploadTUFMetadata() {
+	//good case
+	desc, err := UploadTUFMetadata(suite.RegistryHost, "test-tuf-repo", "root", "")
+	assert.Nil(suite.T(), err)
+	assert.True(suite.T(), strings.HasPrefix(desc.Digest.String(), "sha256"))
+
+	//bad registry
+	badHost := fmt.Sprintf("localhost:%d", 2)
+	desc, err = UploadTUFMetadata(badHost, "test-tuf-repo", "root", "")
+	assert.NotNil(suite.T(), err)
+
+	//file doesn't exist
+	desc, err = UploadTUFMetadata(suite.RegistryHost, "test-tuf-repo", "bad", "")
+	assert.NotNil(suite.T(), err)
+
+}
+
+
+func TestRegistryTestSuite(t *testing.T) {
+    suite.Run(t, new(RegistryTestSuite))
+}

tuf-notary/test-tuf-repo/staged/root.json

@@ -0,0 +1 @@
+{"signatures":[{"keyid":"05980fceea73b53becb1fd69fbd3007c11c2c594edd33053f0c0d79ac67740e8","sig":"f0c400100f5a4cca8832ddca037adf1c6742b55026a5d92aa281be98e309df9e69c70ace8ee7138a95a0b5b4673b2a403d25394b3946a6d7c7f3556f80e82c02"},{"keyid":"0a7cee9fd46d9bf264d80a7709a90f283995aecf170c4777d3c2f51671e04af3","sig":"6bb75e370051f4946363903fcfcc590843f32972731019198bdb7eb9acd241d8253292870fdbbbae38a64eded2596163fdfa7b639f864b5f43b11adaa915e906"},{"keyid":"0c8ae234e2f1ccc68b95eeb80dc9893bdc08028eef571b48c97002230c3a2257","sig":"b7ef72d8caf1af68d6e81e621491796fb91266e8cf685e8f47f30d1acfdb0bac9ad18a25e1756b7cf845fc9e4b2fed3a18665f4de9e7b6e77066c319204f650b"},{"keyid":"13f399f0c47873571a0b259684832cfd8be13de027c00ec5b9437cfe515319ce","sig":"319b09a373b0337137b1e0c9a53954aeaf7dc6d0d2cd8c47c0d577533262ca04a63d761977b01ff89802ef5d043c79328a6e421ed04986cd36b34f7a340c7501"},{"keyid":"1581362377a3fa9d8acb710774405093bb2c34ace85eaade6f70259a14e9cef1","sig":"860b25b396bfe9af771e7f40bec2d44580f2fdb732d75ba6842b661ce9e218fbe77a9ed34cce074233810a172d39d33bdfcb3bfff714839455ca36d168ce3c03"},{"keyid":"183e5891198f19b080a63017cda8f1139c1f8243610b1eb11c88491440c8c30c","sig":"3d1b004a2f0d2f72c6299704330df93d98c55ee11ab479a40f98297029cde27b4d593e6bcbd72fcaeb76d84388494be47312ee480c5a9e8f60672dedfe458c0f"},{"keyid":"1a703c8c75720368e644db13a163d5b3134956a7cd87e547f1aaa638d78f1a2e","sig":"4e1f60fd3c2c284063c7b34cbfbedddb46a20d0d2e1e311bb7605669d57eeaa33403c71120bd466a0401e07b59611ad2abb33bf28b8e23e2d25e1037f639ca06"},{"keyid":"22b3eb56a41acd91b660d9387a53855a4b8feebbc037f5838b95f386403613d7","sig":"98419cdea172bb4148f840acb4f7cf1aac97a7176869b6884c503af26129022be0bbc206be4bd6ecb974622844729776d817a4a3351dce3a6748a33d3715f10b"},{"keyid":"28fe925299ecc8b8db467387d06b458de6c55e724508f309a1f84ddd25590b21","sig":"af5dcc5ccc89649656282e7f06533e6c8361ed9e7f69f0dadc86744d741a009ee091dcec2931d594b07fc0f546cecb3414fe23b7a5e1362732265aa69ae2a001"},{"keyid":"30ad00ec6d2700a7ca9b3c5301c8d5847fb7feee9b579a6b8b70f5583abebcab","sig":"e2fc61a9cca0e046d6cf71bc34856e04ce9745960a4a3174ba0076782ec90e1b69456497d53e78fab3690c0eb1cb4821b206bfc6c4febaa53e371c82e209860e"},{"keyid":"3cbb496563da79858a677be0be01b6544c02a1aab12bbfb2bcaa8ee031dd65f1","sig":"be333c03e5f4adb5b3eedcd8d4d24cefe7ec1f9653c7c8b177348bbf20a0bfac91d9e21777d19de1ed14d01335e4b424a58fb6b0b5c5c460eeec5ee953a70a0e"},{"keyid":"3d81be0c9c3849c0fa9990fda282cb773fb6230293403c2d7ee7a8cea82b7d4b","sig":"0ee4cec59848c8d5b2da6743a5e178b33e967cacf954665c2fb95893a41ee883a86a5aa2d19577fdc567fa23d073569b3fe6318bf28709bebfe0d4653b7ad00c"},{"keyid":"4d93788e0e18def47864839f33806945fe825424ab5040f763b0809aff21c196","sig":"040e29ad4d5487c9385fce9389c8b1b655e1b980c79d13235abe4b9f600f1c86cc050ee173c0218d1e3bce45f92feb2850999f820bb65f17cd8c6ceef1e37401"},{"keyid":"4e698efb9facc61449aa0baed2091b463ef3f99ea3fd9ce63e8c9a9dbf19521a","sig":"1b8dba279289ef11bcddb87adae4414c5ebec4bd7c8e2887af731dc7bfb3ec08a60dd7e2ca5788d9dd065715fdabfc3a73be0560cbef7104ce9222e63f9f8201"},{"keyid":"65fb89f26602d9de5f133b39c7d06c59c65fa2de4b721dae6b8f9f0fabf93e22","sig":"5a63118d1c2750b4a731793fb9a5a8792d4a81100cee39a89cd234c7ea369b3a3415c0e064ab1a7b7e8a173f1624d8a77d71da2215fe218f8b068e8abe787103"},{"keyid":"67201b99929613345ac65672976b6bcc1f7c343e27638e7ad7d105174b13b2a3","sig":"7768719db6ba95bf9129819e43fcc67af95889f15e5c71972c797ae31b495a33afd95386a57b0df28222e95f18e942cd9ad7020563ae4b382c79f3b6561c6004"},{"keyid":"6dc27394d0614b58a55de604cb136e356227916c2852e57ca7e80fb2f91263c7","sig":"cb34f63df6998bd6440530752ec04215c1b954e872707b340d93ea2555428569057928697ea8e7ea3734d26868b1a64d7eec06e44f3bbec52ac6021e184fef05"},{"keyid":"7112b97a843961af5595a31cfda88dce412b31d07b1ff32bf8cddca159c6523f","sig":"2a7973eec5567fad40cec922ca3359e7b1d4117720589b976f6967aec5bec29f3e4cd49f1c43970a70e6a5aeb01d82bb86dfe96fd9f6927829ff8d73e34b2702"},{"keyid":"7551c0ee99c8553fb5ca81b0333ce6d8557f41615eb8626dcffd7481e93a31ce","sig":"6f5cdacf6320085376d04586b1e788308cf83908b67d04fc9fc87ecb46b9c9753eec345f0daec6c6152867cdbe9ed5869da6f12696d93c11f8ec849c441ff208"},{"keyid":"7662d1e9282a938787ca6fe6dcd866b58c698cfa135b6033a478e40a2b458613","sig":"6fdbb40186d3444f4fa6c9b628bcce9748354711901e942fdf95a389d09de5ffa766ec45df11926f2dc08fa77cbb8882b51523848382e2c82a1bcfa6fd5e5606"},{"keyid":"9e6284d1462293a5d63544d743a0f3994a168d062410891b24869021c105c766","sig":"d795be52dafec5a00961cf49cfc3dd8ed21e23f020082ed5162c46f685458c69e81f5e463b7a71c45152aa61eda5414fe934312dde30a588604b32757cd6550e"},{"keyid":"a6291c84b8cf2ec9246d98a282a8423749b0ef876c73ffc85b9241e062feebad","sig":"2580ddce0d9089975c3bbf40f0252509c644def96fa8b2d154612c8d077bca8ec616dc9668acbd0ca7b0acb589a62d091003912b3244292133252916e88d3d0d"},{"keyid":"aad1bc61164788d5c3ae8e510ffe285047acfff4cd19e81f2d1d6a3e6977c202","sig":"ed3d59b9918bc24733f0eb7a344bbcd33093b191ecb836497e735415c72efeb20cfd41c00ceaf9c9b0875e05b0c243b889425c04cb89f67869df84f01b9dd909"},{"keyid":"b16123f0fec83aab7b52a8d74a54947833211f090344cc6dcdf8aaca374af4ac","sig":"c19be4b37d7101d4372242b204fa246396f4d04be162158e0b0bb1dacd10c84b8bd7c1b8a48bf31ecabcecbe8c28c2da4680837458b9097b5e4848d8aecb800c"},{"keyid":"b38cf9cfd9b4e5fdb4160cb9edd9b6be7bb5d53f8b9d961f30cfc09721befb3c","sig":"6e7aee659ac9632b22f14ade0b4f336dcecba489c877f38e321ac44b9e002172546b91e4624ed776f4867f061f0c32c6bc10773876aea9973287959f71f87a04"},{"keyid":"d8918bdb2e7439b0e503c849e1a6015ee502e163314e1df3b7e329b857db7031","sig":"92a1a7d67fd37a7bcbbd04bccdb1c7082655cbe637426dbd0c3d677f1fb3f4552f4c36d678ef7764f29579995ff86625579d6480177d866afaeed57212b43303"},{"keyid":"e259e697860b4d9480bd48d6bbeec7aee3a74a286c83b962b68b93e6c51fc3a1","sig":"ad8e4136c51f51b453f718e4b1b25ce02e839a94afad215966a836bf2fd2a9063ccbab6260ebea2a4c5774a85346a0341bf3fa34fe5aa4d726ecbf7bc232fb0f"},{"keyid":"eb872300f88fb4314a0803eec978d34a229830e8feef49932d29121acfa63603","sig":"ea5481ce50bcec0eb2bd767382ece527c7f3f757d34be52e78715198faae985c14521f78cfa418427444c7623992f8b2c6bc3f39ba5afb8b99ce80939b4c590f"},{"keyid":"fa677d5eb5e0f98bdd4607c504fddde0579b42744fc102c6dbf7d58b5062f7d3","sig":"b1ef03d53a246a0d4994ad4aeb666d877c256c8593362ac81621cf716c346aa2ac2cb7c4f354dca2f8f7b43d9cec985d2e3a59ce3cbff52855b5c6e205b16a07"}],"signed":{"_type":"root","consistent_snapshot":false,"expires":"2022-11-01T20:09:55Z","keys":{"24645c6c92ae9d97c1532e30b4c009d1cf1b69cbcd1021b70252221a1c9ccf20":{"keyid_hash_algorithms":["sha256","sha512"],"keytype":"ed25519","keyval":{"public":"03a966cded0b6939bb2978bc18d8c3d0d55ceb2ff54d96fc03e8ea3430149efb"},"scheme":"ed25519"},"e259e697860b4d9480bd48d6bbeec7aee3a74a286c83b962b68b93e6c51fc3a1":{"keyid_hash_algorithms":["sha256","sha512"],"keytype":"ed25519","keyval":{"public":"a1dd055764682de537ba838c54113c0671b4f47e5f0533eefa0475bcff89eeb8"},"scheme":"ed25519"},"e92453a2973244aeb4c41e915ed7b3487c74318ab5e947b54df4961ad8ca84bb":{"keyid_hash_algorithms":["sha256","sha512"],"keytype":"ed25519","keyval":{"public":"4f903289df1f8134bbb03e5031e91b3ee06c54962e3d282b2e21a8ca10f3a1fa"},"scheme":"ed25519"},"ef87b52c4f4a0342352239b07a0b58e52cd6e9ee23edd8ce638a97a52b2a0d34":{"keyid_hash_algorithms":["sha256","sha512"],"keytype":"ed25519","keyval":{"public":"2b0c84e9cf07fd72e8ce231839773a59628c03aa76aace50851f65586953e98d"},"scheme":"ed25519"}},"roles":{"root":{"keyids":["e259e697860b4d9480bd48d6bbeec7aee3a74a286c83b962b68b93e6c51fc3a1"],"threshold":1},"snapshot":{"keyids":["ef87b52c4f4a0342352239b07a0b58e52cd6e9ee23edd8ce638a97a52b2a0d34"],"threshold":1},"targets":{"keyids":["24645c6c92ae9d97c1532e30b4c009d1cf1b69cbcd1021b70252221a1c9ccf20"],"threshold":1},"timestamp":{"keyids":["e92453a2973244aeb4c41e915ed7b3487c74318ab5e947b54df4961ad8ca84bb"],"threshold":1}},"spec_version":"1.0","version":1}}

tuf-notary/tuf-repository.go

@@ -14,5 +14,47 @@ func Init(repository string) error {
 	}
 
 	//not using consistent snapshots
-	return repo.Init(false)
+	err = repo.Init(false)
+	if err != nil {
+		return err
+	}
+
+	//add root key
+	_, err = repo.GenKey("root")
+	if err != nil {
+		return err
+	}
+
+	//add targets key
+	_, err = repo.GenKey("targets")
+	if err != nil {
+		return err
+	}
+
+	//add snapshot key
+	_, err = repo.GenKey("snapshot")
+	if err != nil {
+		return err
+	}
+
+	//add timestamp key
+	_, err = repo.GenKey("timestamp")
+	if err != nil {
+		return err
+	}
+
+	//make empty targets metadata
+	emptyTargets := []string{}
+	err = repo.AddTargets(emptyTargets, nil)
+	if err != nil {
+		return err
+	}
+
+	err = repo.Snapshot()
+	if err != nil {
+		return err
+	}
+
+	err = repo.Timestamp()
+	return err
 }