From d75e8899c1ee1d28b0c50b431420ba3824e761c5 Mon Sep 17 00:00:00 2001 From: Sean McGinnis Date: Tue, 8 Aug 2023 17:04:12 +0000 Subject: [PATCH] tuftool: Allow specifying version in `root init` A new repo is created by calling `tuftool root init `. It is a common pattern when renewing an expiring root to then have to call `tuftool root bump-version` multiple times or `tuftool root set-version`. Since this is so common, this change makes it possible to provide an option initial version to `root init` to avoid needing to run multiple commmands. This adds an optional `--version` or `-v` argument that can take a positive integer to set as the initial root version. Signed-off-by: Sean McGinnis --- tuftool/src/root.rs | 10 +++++++--- tuftool/tests/root_command.rs | 32 ++++++++++++++++++++++++++++++-- 2 files changed, 37 insertions(+), 5 deletions(-) diff --git a/tuftool/src/root.rs b/tuftool/src/root.rs index a8f5da56e..6e991dfcd 100644 --- a/tuftool/src/root.rs +++ b/tuftool/src/root.rs @@ -28,6 +28,9 @@ pub(crate) enum Command { Init { /// Path to new root.json path: PathBuf, + /// Initial metadata file version + #[clap(short, long)] + version: Option, }, /// Increment the version BumpVersion { @@ -131,7 +134,7 @@ macro_rules! role_keys { impl Command { pub(crate) fn run(self) -> Result<()> { match self { - Command::Init { path } => Command::init(&path), + Command::Init { path, version } => Command::init(&path, version), Command::BumpVersion { path } => Command::bump_version(&path), Command::Expire { path, time } => Command::expire(&path, &time), Command::SetThreshold { @@ -162,14 +165,15 @@ impl Command { } } - fn init(path: &Path) -> Result<()> { + fn init(path: &Path, version: Option) -> Result<()> { + let init_version = version.unwrap_or(1); write_file( path, &Signed { signed: Root { spec_version: crate::SPEC_VERSION.to_owned(), consistent_snapshot: true, - version: NonZeroU64::new(1).unwrap(), + version: NonZeroU64::new(init_version).unwrap(), expires: round_time(Utc::now()), keys: HashMap::new(), roles: hashmap! { diff --git a/tuftool/tests/root_command.rs b/tuftool/tests/root_command.rs index cdd696cfd..5ef52a52e 100644 --- a/tuftool/tests/root_command.rs +++ b/tuftool/tests/root_command.rs @@ -175,6 +175,34 @@ fn create_root() { assert_eq!(get_sign_len(root_json.to_str().unwrap()), 2); } +#[test] +fn create_root_to_version() { + let out_dir = TempDir::new().unwrap(); + let root_json = out_dir.path().join("root.json"); + let version = NonZeroU64::new(99).unwrap(); + + Command::cargo_bin("tuftool") + .unwrap() + .args(["root", "init", root_json.to_str().unwrap(), "-v", "99"]) + .assert() + .success(); + + // validate version number + assert_eq!(get_version(root_json.to_str().unwrap()), version); +} + +#[test] +fn create_root_invalid_version() { + let out_dir = TempDir::new().unwrap(); + let root_json = out_dir.path().join("root.json"); + + Command::cargo_bin("tuftool") + .unwrap() + .args(["root", "init", root_json.to_str().unwrap(), "-v", "0"]) + .assert() + .failure(); +} + #[test] // Ensure creating an unstable root throws error fn create_unstable_root() { @@ -351,13 +379,13 @@ fn set_version_root() { initialize_root_json(root_json.to_str().unwrap()); let version = NonZeroU64::new(5).unwrap(); - //set version to 5 + // set version to 5 Command::cargo_bin("tuftool") .unwrap() .args(["root", "set-version", root_json.to_str().unwrap(), "5"]) .assert() .success(); - //validate version number + // validate version number assert_eq!(get_version(root_json.to_str().unwrap()), version); }