-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[feat] add NewLiveTrustedRootWithClient() #249
Comments
I'm not opposed to this in principle, but I think I had a good reason not to accept a TUF client in Currently, In order to make this testable, the refresh interval needs to be configurable, which is currently hardcoded to 24 hours. I would be happy to make this interval a required parameter to |
I'll consider that PR. In the mean time, it seems like it should be more natural for the TUF client itself to do its own update periodically, without the need to instantiate a new TUF client. What's Do you happen to know the reasoning behind why updates are only allowed once per client lifetime? |
Good question... @rdimitrov ? |
hey, yes, it is intentional and I can try to find the reasoning @jku has about this (unless he replies here in the meantime). |
In python-tuf (where this design likely comes from) the logic is this:
There is nothing that prevents modifying the Updater so that the same instance could refresh metadata from repository multiple times... I just didn't see much advantage to doing so. |
Thanks for chiming in. Alright, I think the |
Description
Re: slsa-framework/slsa-verifier#791 (comment)
I'm proposing that we change
NewLiveTrustedRoot
to accept an existing client, instead of making a new client for each fetch.Or, we add a new function
NewLiveTrustedRootWithClient()
that does the same.My use case is for my library slsa-verifer, where a user may pass in their existing client with custom
opts
, which slsa-verifier then uses for retrieving a TrustedRoot.Client.opts
is private, so my library wouldn't be able to simply pass along theopts
.The text was updated successfully, but these errors were encountered: