github.com/xeptore/docker-cli@v20.10.14+incompatible/cli/command/trust/helpers.go (about) 1 package trust 2 3 import ( 4 "strings" 5 6 "github.com/docker/cli/cli/trust" 7 "github.com/theupdateframework/notary/client" 8 "github.com/theupdateframework/notary/tuf/data" 9 ) 10 11 const releasedRoleName = "Repo Admin" 12 const releasesRoleTUFName = "targets/releases" 13 14 // isReleasedTarget checks if a role name is "released": 15 // either targets/releases or targets TUF roles 16 func isReleasedTarget(role data.RoleName) bool { 17 return role == data.CanonicalTargetsRole || role == trust.ReleasesRole 18 } 19 20 // notaryRoleToSigner converts TUF role name to a human-understandable signer name 21 func notaryRoleToSigner(tufRole data.RoleName) string { 22 // don't show a signer for "targets" or "targets/releases" 23 if isReleasedTarget(data.RoleName(tufRole.String())) { 24 return releasedRoleName 25 } 26 return strings.TrimPrefix(tufRole.String(), "targets/") 27 } 28 29 // clearChangelist clears the notary staging changelist. 30 func clearChangeList(notaryRepo client.Repository) error { 31 cl, err := notaryRepo.GetChangelist() 32 if err != nil { 33 return err 34 } 35 return cl.Clear("") 36 } 37 38 // getOrGenerateRootKeyAndInitRepo initializes the notary repository 39 // with a remotely managed snapshot key. The initialization will use 40 // an existing root key if one is found, else a new one will be generated. 41 func getOrGenerateRootKeyAndInitRepo(notaryRepo client.Repository) error { 42 rootKey, err := getOrGenerateNotaryKey(notaryRepo, data.CanonicalRootRole) 43 if err != nil { 44 return err 45 } 46 return notaryRepo.Initialize([]string{rootKey.ID()}, data.CanonicalSnapshotRole) 47 }