github.1git.de/docker/cli@v26.1.3+incompatible/cli/command/trust/helpers.go (about)

     1  package trust
     2  
     3  import (
     4  	"strings"
     5  
     6  	"github.com/docker/cli/cli/trust"
     7  	"github.com/theupdateframework/notary/client"
     8  	"github.com/theupdateframework/notary/tuf/data"
     9  )
    10  
    11  const (
    12  	releasedRoleName    = "Repo Admin"
    13  	releasesRoleTUFName = "targets/releases"
    14  )
    15  
    16  // isReleasedTarget checks if a role name is "released":
    17  // either targets/releases or targets TUF roles
    18  func isReleasedTarget(role data.RoleName) bool {
    19  	return role == data.CanonicalTargetsRole || role == trust.ReleasesRole
    20  }
    21  
    22  // notaryRoleToSigner converts TUF role name to a human-understandable signer name
    23  func notaryRoleToSigner(tufRole data.RoleName) string {
    24  	//  don't show a signer for "targets" or "targets/releases"
    25  	if isReleasedTarget(data.RoleName(tufRole.String())) {
    26  		return releasedRoleName
    27  	}
    28  	return strings.TrimPrefix(tufRole.String(), "targets/")
    29  }
    30  
    31  // clearChangelist clears the notary staging changelist.
    32  func clearChangeList(notaryRepo client.Repository) error {
    33  	cl, err := notaryRepo.GetChangelist()
    34  	if err != nil {
    35  		return err
    36  	}
    37  	return cl.Clear("")
    38  }
    39  
    40  // getOrGenerateRootKeyAndInitRepo initializes the notary repository
    41  // with a remotely managed snapshot key. The initialization will use
    42  // an existing root key if one is found, else a new one will be generated.
    43  func getOrGenerateRootKeyAndInitRepo(notaryRepo client.Repository) error {
    44  	rootKey, err := getOrGenerateNotaryKey(notaryRepo, data.CanonicalRootRole)
    45  	if err != nil {
    46  		return err
    47  	}
    48  	return notaryRepo.Initialize([]string{rootKey.ID()}, data.CanonicalSnapshotRole)
    49  }