Merge pull request #118 from uptane/docs/secondary-root-rotation
Improve docs on secondary root rotation
cajun-rat authored Nov 26, 2024
2 parents 3d58e75 + e29c737 commit e8ef86a
Showing 2 changed files with 12 additions and 2 deletions.
11 changes: 10 additions & 1 deletion src/libaktualizr/uptane/uptanerepository.h
Expand Up @@ -27,7 +27,16 @@ class RepositoryCommon {

/**
* Load the initial state of the repository from storage.
* Note that this _required_ for correct initialization.
* Note that this _required_ for correct initialization. The API here is
* particularly error prone and should be improved:
* - Until this is called the root will have a policy kRejectAll (i.e. no
* updates are possible). It is therefore part of the initialization
* process and so should be moved to the ctor.
* - It throws an exception in a non-exceptional case: where the metadata
* in the storage has expired.
* - When it throws an exception, it changes the state and actually does
* perform initialization, therefore violating the Strong Exception
* Guarantee.
* @throws UptaneException if the local metadata is stale (this is not a failure)
*/
virtual void checkMetaOffline(INvStorage &storage) = 0;
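Review bot: The bullet "When it throws an exception, it changes the state and actually does perform initialization" tells callers that the state changes but not what they can rely on after catching. Because the method throws in a case the comment itself calls non-exceptional, and the root stays at kRejectAll until it is called, please spell out the post-throw contract here: whether the root policy has moved off kRejectAll and which metadata counts as loaded when the stored metadata has expired. The three listed API problems would also be easier to follow up as a TODO with a linked issue. Minor: the rewritten first line still reads "Note that this _required_", which is missing "is".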
3 changes: 2 additions & 1 deletion src/virtual_secondary/managedsecondary.cc
Expand Up @@ -63,7 +63,8 @@ ManagedSecondary::ManagedSecondary(Primary::ManagedSecondaryConfig sconfig_in) :
director_repo_->checkMetaOffline(*storage_);
} catch (const std::exception &e) {
// This is actually safe. We've done enough initialization to get
// director_repo_ into a valid configuration
// director_repo_ into a valid configuration. See the documentation for
// RepositoryCommon::checkMetaOffline() for details.
LOG_INFO << "No valid Director metadata found in storage: " << e.what();
}
try {
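Review bot: The extended comment in the catch block justifies "This is actually safe" by pointing at the RepositoryCommon::checkMetaOffline() documentation, but that documentation only covers the UptaneException thrown for stale local metadata, while the handler catches `const std::exception &e`. Any other exception from the call is therefore also treated as safe and logged at INFO as "No valid Director metadata found in storage", which the referenced docs do not support. Either narrow the catch to the documented exception type, or state in the comment that the safety argument applies only to the stale-metadata case and handle other exceptions separately.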