Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add ability to force version bumps? #198

Closed
jku opened this issue Feb 27, 2024 · 1 comment
Closed

Add ability to force version bumps? #198

jku opened this issue Feb 27, 2024 · 1 comment
Labels
enhancement New feature or request

Comments

@jku
Copy link
Member

jku commented Feb 27, 2024

Currently I believe there is no way to say "I'd like to resign a new version now instead of waiting for the next signing period to start". This is relevant at least in the case where targets and root have the same signers: In that case if you are doing an update on one you could as well sign the other (to avoid a separate signing event in near future).

The easy path is likely just changing tuf-on-ci-delegate so that there is a third top-level choice:

Configuring role root
 1. Configure signers: [@-repo-import, @jku], requiring 1 signatures
 2. Configure expiry: Role expires in 3650 days, re-signing starts 365 days before expiry
 3. Resign without changes
@jku jku added the enhancement New feature or request label Feb 27, 2024
@jku jku mentioned this issue Feb 27, 2024
Open
@jku
Copy link
Member Author

jku commented Apr 2, 2024

this is basically a duplicate of #230: the consensus so far is that this (forcing a version bump) seems to be not needed.

@jku jku closed this as completed Apr 2, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jku