-
Notifications
You must be signed in to change notification settings - Fork 110
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Add Filesystem based remote store to support airgap. #397
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You've pointed out a few things you need to fix, otherwise looking good
@znewman01 @asraa please take particular look at this commit. Based on this here: I believe returning an error is what should be happening, so modified things accordingly. |
Ho hum:
|
lol, pasted to wrong issue, sorry, my bad: FWIW, this has been wired in through sigstore here: And finally in scaffolding I use a local filesystem based custom TUF root here: https://github.com/sigstore/scaffolding/actions/runs/3139401394/jobs/5099778521 |
The linked issue implies this is fixed in go 1.19, but that's the version in use on the failing tests? 😕 Should we implement the suggested workaround in golang/go#51442 (comment)
|
Thanks @joshuagl I added a loop through the files we create. |
How will metadata expiration be handled in the air gapped case? Is timestamp expiration a problem? Do you plan to just generate very long lifetimes for metadata files? |
See the same issue and some ideas about it here |
Signed-off-by: Ville Aikas <[email protected]>
Signed-off-by: Ville Aikas <[email protected]>
Signed-off-by: Ville Aikas <[email protected]>
Signed-off-by: Ville Aikas <[email protected]>
Signed-off-by: Ville Aikas <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you @joshuagl!!! |
…framework#397) * Add Filesystem based remote store to support airgap. Signed-off-by: Ville Aikas <[email protected]> * Try with T.Cleanup too. Wonder if this goes to 11 at some point? Signed-off-by: Ville Aikas <[email protected]> * close the file. Signed-off-by: Ville Aikas <[email protected]> * t.Cleanup vs. defer. Signed-off-by: Ville Aikas <[email protected]> * omit one initializing test for windows. Signed-off-by: Ville Aikas <[email protected]> Signed-off-by: Ville Aikas <[email protected]> Co-authored-by: Joshua Lock <[email protected]>
Signed-off-by: Ville Aikas [email protected]
Please fill in the fields below to submit a pull request. The more information that is provided, the better.
Fixes #
Release Notes:
Types of changes:
Description of the changes being introduced by the pull request:
Add Filesystem based remote store that the client can use. Motivation is to support airgapped environments which can't make network calls. The interface is golang io/fs.FS so that it can be backed by anything that supports the interface instead of only relying on disk.
I may have missed something, but I can't find a way to use it for airgap environments as is, since initializing requires network calls.
Please verify and check that the pull request fulfills the following requirements: