From 5ffc256e0d71e3440820a6746949a560969743f8 Mon Sep 17 00:00:00 2001
From: djvangerwen <dennisvangerwen@medishielddelft.com>
Date: Thu, 14 Apr 2022 19:54:41 +0200
Subject: [PATCH] fix repo example timestamp re-signing

---
 examples/repo/repo_workflow_example.py | 5 +++--
 notsotuf/repo.py                       | 1 +
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/examples/repo/repo_workflow_example.py b/examples/repo/repo_workflow_example.py
index 384c0de..fa87f15 100644
--- a/examples/repo/repo_workflow_example.py
+++ b/examples/repo/repo_workflow_example.py
@@ -101,6 +101,7 @@
 # Re-sign roles, before they expire
 roles.sign_role(
     role_name='timestamp',
-    expires=in_(1),
-    private_key_path=KEYS_DIR / 'timestamp',
+    expires=in_(2),
+    private_key_path=keys.private_key_path(role_name='timestamp'),
 )
+roles.persist_role(role_name='timestamp')
diff --git a/notsotuf/repo.py b/notsotuf/repo.py
index bfc788a..2be8384 100644
--- a/notsotuf/repo.py
+++ b/notsotuf/repo.py
@@ -278,6 +278,7 @@ def publish_root(
             self, keys_dirs: List[Union[pathlib.Path, str]], expires: datetime
     ):
         """Call this whenever root has been modified (should be rare)."""
+        # todo: handle initial case, as we cannot set version=0
         # root content has changed, so increment version
         self.root.signed.version += 1
         # sign and save