Feature: Implement a TUF client for RSTUF
kairoaraujo opened this issue · comments
What is the feature about?
This feature is about implementing a CLI to show the integration with RSTUF API, such as adding/removing targets, and the TUF client downloading targets (as the python-tuf client example)
It was originated and suggested by @simi during a chat on RSTUF channel
The CLI has an issue to [add targets feature](https://github.com/repository-service-tuf/repository-service-tuf-cli/issues/39I.
We always recommend using the python-tuf client example as a reference for TUF Clients.
Some possibilities:
-
Make the python-tuf more flexible about the hard-coded paths for
metadata_base_url
andtarget_base_url
@lukpueh -
Add to RSTUF CLI a download client for artifacts. @KAUTH
- Users could use it for downloading/testing or as a client for some integration, such as CI/CD.
rstuf download [parameters]
- User could save in the
~/.rstuf/root.json
the trusted Root - User could even have such a configuration file
~/.rstuf/config.yml
, which could have a TUF server and the trusted Root (like as done bykube
commands) - Have the
tofu
parameter like the python-tuf example CLI, but with the warning about using it. - Example of CI/CD Integration I imagine
(...) run: | pip install repository-service-tuf rstuf download --metadata http://metadata.example.com project/artifact_v1.2.3.tar.gz tar -xvzf artifact_v1.2.3.tar.gz cd my_app make (...)
- Users could use it for downloading/testing or as a client for some integration, such as CI/CD.
-
Create in the RSTUF organization an example client, such as python-tuf
Services it relates to
repository-service-for-tuf-cli
Related tasks
No response
References
No response
Code of Conduct
- I agree to follow this project's Code of Conduct
This task is related only to the RSTUF CLI.
I created the Feature issue for the RSTUF CLI and all tasks for implementation
Comments and follow-up can be done in mentioned issue. Closing this one.