review where metadata changes are done
Closed this issue · 1 comment
jku commented
Current situation for offline roles:
- tuf-on-ci-sign does nothing but signs (and modifies the "invites list")
- tuf-on-ci-delegate modifies metadata, modifies the invite list and signs
- repository modifies metadata
Some thoughts:
- It would be good if as many metadata modifications as possible were done by the repository (to make it easy to understand what signers did and what they wanted to do)
- tuf-on-ci-delegate could avoid signing completely: this would mean some actions require an additional signing command but it would make things clearer and the tool simpler
- Some things that could then be moved to repository:
  - all invite list changes
  - creating new metadata when delegations are added, deleting metadata when delegations are removed
- All of the rest of tuf-on-ci-delegate could then be moved to an external web application (rstuf-like)
So a potential future state would be:
- tuf-on-ci-sign does nothing but signs
- repository does all metadata changes that can be done without "arguments"
- tuf-on-ci-delegate could be replaced by a web application of some kind (unsure how that fits with the GitHub Actions style used so far)
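One way a repository-side job could enforce the "tuf-on-ci-sign does nothing but signs" invariant proposed above is to diff the metadata file before and after the signing step and reject anything that touched more than the `signatures` list. This is an added illustration, not code from tuf-on-ci; the metadata samples are constructed and the function name is hypothetical.

```python
"""Added illustration (not tuf-on-ci code): verify that a signing step changed
nothing but the 'signatures' list of a TUF metadata file."""
import json

# Constructed sample: a targets metadata file before and after a signing step.
_SIGNED = {"_type": "targets", "version": 2,
           "expires": "2030-01-01T00:00:00Z", "targets": {}}
BEFORE = json.dumps({
    "signed": _SIGNED,
    "signatures": [{"keyid": "aaaa", "sig": "00"}],
})
# A second signer added a signature and touched nothing else: acceptable.
AFTER_OK = json.dumps({
    "signed": _SIGNED,
    "signatures": [{"keyid": "aaaa", "sig": "00"}, {"keyid": "bbbb", "sig": "11"}],
})
# The signing step also bumped the version inside 'signed': must be rejected.
AFTER_BAD = json.dumps({
    "signed": dict(_SIGNED, version=3),
    "signatures": [{"keyid": "aaaa", "sig": "00"}, {"keyid": "bbbb", "sig": "11"}],
})


def check_sign_only(before_json: str, after_json: str) -> tuple[bool, list[str]]:
    """Return (ok, new_keyids) for one signing step (hypothetical helper).

    ok is False if the 'signed' portion changed, or if any pre-existing
    signature was altered or removed. new_keyids lists the keyids whose
    signatures were added, which is what a reviewer wants to see."""
    before = json.loads(before_json)
    after = json.loads(after_json)
    # Signers are not supposed to modify the signed content at all.
    if before["signed"] != after["signed"]:
        return False, []
    old = {s["keyid"]: s["sig"] for s in before["signatures"]}
    new = {s["keyid"]: s["sig"] for s in after["signatures"]}
    # Every signature that existed before must survive unchanged.
    for keyid, sig in old.items():
        if new.get(keyid) != sig:
            return False, []
    return True, sorted(set(new) - set(old))


if __name__ == "__main__":
    print(check_sign_only(BEFORE, AFTER_OK))   # (True, ['bbbb'])
    print(check_sign_only(BEFORE, AFTER_BAD))  # (False, [])
```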