Skip to content

Commit

Permalink
Save TRUSTED_ROOT repository setting (#426)
Browse files Browse the repository at this point in the history 
The TRUSTED_ROOT repository setting will be used by RSTUF API when
composing the GET /api/v1/metadata/sign response.

Signed-off-by: Martin Vrachev <[email protected]>
Co-authored-by: Martin Vrachev <[email protected]>
  • Loading branch information
@MVrachev
MVrachev and MVrachev authored Dec 4, 2023
1 parent f5f7a7b commit f03bec5
Show file tree
Hide file tree
Showing 2 changed files with 19 additions and 1 deletion.
3 changes: 3 additions & 0 deletions repository_service_tuf_worker/repository.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -217,6 +217,9 @@ def _persist(self, role: Metadata, role_name: str) -> str:
if filename[0].isdigit() is False:
filename = f"{role.signed.version}.{filename}"

if role_name == Root.type:
self.write_repository_settings("TRUSTED_ROOT", role.to_dict())

bytes_data = role.to_bytes(JSONSerializer())
self._storage_backend.put(bytes_data, filename)
logging.debug(f"{filename} saved")
Expand Down
17 changes: 16 additions & 1 deletion tests/unit/tuf_repository_service_worker/test_repository.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@
import pytest
from celery.exceptions import ChordError
from celery.result import states
from tuf.api.metadata import Metadata, Snapshot, Targets, Timestamp
from tuf.api.metadata import Metadata, Root, Snapshot, Targets, Timestamp

from repository_service_tuf_worker import Dynaconf, repository
from repository_service_tuf_worker.models import targets_schema
Expand Down Expand Up @@ -187,13 +187,17 @@ def _test_helper_persist(
fake_role = pretend.stub(
signed=pretend.stub(version=version),
to_bytes=pretend.call_recorder(lambda *a, **kw: fake_bytes),
to_dict=pretend.call_recorder(lambda: None),
)

repository.JSONSerializer = pretend.call_recorder(lambda: None)

test_repo._storage_backend = pretend.stub(
put=pretend.call_recorder(lambda *a: None)
)
test_repo.write_repository_settings = pretend.call_recorder(
lambda *a: None
)

test_result = test_repo._persist(fake_role, role)
assert test_result == expected_file_name
Expand All @@ -206,6 +210,14 @@ def _test_helper_persist(
expected_file_name,
)
]
if role == Root.type:
assert test_repo.write_repository_settings.calls == [
pretend.call("TRUSTED_ROOT", None)
]
assert fake_role.to_dict.calls == [pretend.call()]
else:
assert test_repo.write_repository_settings.calls == []
assert fake_role.to_dict.calls == []

def test__persist(self, test_repo):
self._test_helper_persist(test_repo, "snapshot", 2, "2.snapshot.json")
Expand All @@ -221,6 +233,9 @@ def test__persist_file_has_number_name(self, test_repo):
def test__persist_timestamp(self, test_repo):
self._test_helper_persist(test_repo, "timestamp", 2, "timestamp.json")

def test__persist_root(self, test_repo):
self._test_helper_persist(test_repo, "root", 2, "2.root.json")

def test_bump_expiry(self, monkeypatch, test_repo, mocked_datetime):
fake_settings = pretend.stub(
get_fresh=pretend.call_recorder(lambda *a: 1460)
Expand Down

0 comments on commit f03bec5

Please sign in to comment.