Commits on May 2, 2024

1. Update securesystemslib 1.0.0 (WIP) …

   * Update securesystemslib 1.0.0 in requirements*.txt files
     -> requires pinning a dev version of tuf
     TODO: - adopt in Pipfile
   	- update tuf when theupdateframework/python-tuf#2617 is
   	  released
   
   * Remove local keyvault service, which makes heavy use of legacy
     securesystemslib interfaces removed in 1.0.0.
     TODO: - adopt in docs, config, etc
   	- consider removing obsolete IKeyVault
   
   * Remove keyvault initialisation in MetadatRepository, which (I think)
     would try to load local key vault otherwise
   
   * Adopt removal in tests, just enough, so that they pass.
     TODO: - check if the tests still make sense
   
   * Drop registration of CryptoSigner and use its new uri scheme "file2"
     in SignerStore.
     "file2" can be used like "file", but only for non-encrypted key files,
     which is all we care for in the worker.
     "file2" can also be used like "fn"  from the custom "FileNameSigner",
     i.e. with a directory specified via envvar.
   
     TODO: - consider only using "file2" and dropping the custom
             "FileNameSigner" (or only using it to ovverride the scheme
   	  name and the envvar name.
   
   Signed-off-by: Lukas Puehringer <[email protected]>

   

   lukpueh committed May 2, 2024
   Configuration menu

   • View commit details
   • Copy full SHA for df6c6f5
   • Browse repository at this point

   Copy the full SHA

   df6c6f5 View commit details

   Browse the repository at this point in the history

2. Add Hashicorp Vault support plus test (WIP) …

   Test with
   
   	tox -e local-vault
   
   Signed-off-by: Lukas Puehringer <[email protected]>

   

   lukpueh committed May 2, 2024
   Configuration menu

   • View commit details
   • Copy full SHA for 56b7b72
   • Browse repository at this point

   Copy the full SHA

   56b7b72 View commit details

   Browse the repository at this point in the history