repo: Fix tuf-on-ci-status when artifacts are added to delegates #94
Conversation
It seems this was never tested: * the artifact path partition was just broken * subdirectories were not handled properly
jku
force-pushed
the
fix-artifacts-in-delegations
branch
from
d1b23f3 to
36c4165
Compare
Also fix copy-pasted comments in signer_add_delegation()
|
I added a test. It's as bad as the e2e tests all are* but it does work as regression test for this issue. *) as an example: the tuf-on-ci-status message is not checked, only the exit value. So we don't really know if it is giving good advice or not, the only thing we know is that it is asking for more signatures at right times |
| @@ -357,6 +355,27 @@ signer_modify_targets() | |||
| git push --quiet origin $EVENT | |||
| } | |||
|
|
|||
| signer_add_delegated_target() | |||
There was a problem hiding this comment.
The test file really should get a file wide rename where "target" is changed to "artifact" where applicable: current state is confusing. But I didn't want to rename just the new methods and kept them in line with existing methods
|
Just so I understand the scope, this only affects delegated targets in a directory inside |
Correct:
(It's possible that we should be building this list of changed roles by comparing the artifacts in targets/ to the metadata, but that currently only happens later when tuf-on-ci-status prints the change details. This was just the first implementation that I thought of) |
Fixes #93.
It seems this was never tested:
I don't have test yet: I think I'll file a new issue for that. I've tested this manually by running "tuf-on-ci-status --no-push" in the branch of this signing event jku/tuf-demo#68: result looks good to me
The signing tool should work just fine as it does not really look at the artifacts itself (arguably it maybe should but currently it does not)
CC @rdimitrov