See the basic_repository.go example which demonstrates how to manually create and maintain repository metadata using the low-level Metadata API.
The example highlights the following functionality supported by the metadata API:
- creation of top-level metadata
- target file handling
- consistent snapshots
- support a mixture of key types - ED25519, RSA and ECDSA
- top-level delegation and signing thresholds
- metadata verification
- target delegation
- in-band and out-of-band metadata signing
- writing and reading metadata files
- root key rotation
There's also a client_example.go which demonstrates how to implement a client using the updater package.
- it uses https://jku.github.io/tuf-demo, a live TUF repository hosted on GitHub
- shows an example of how to initialize a client
- shows an example of how to download a target file
- the repository is based on python-tuf so it also highlights the interoperability between the two implementations
There's a client_example.go which demonstrates how to implement a multi-repository client using the multirepo package which implements TAP 4 - Multiple repository consensus on entrusted targets. The example consists of the following:
- The
map.jsonalong with the root files for each repository are distributed via a trusted repository used for initialization- The metadata, these target files and the script generating them are located in the examples/multirepo/repository folder
- These files are then used to bootstrap the multi-repository TUF client
- Shows the API provided by the
multirepopackage
The following CLIs are experimental replacements of the CLI tools provided by the go-tuf package. At some point these will be moved to a separate repository.
-
tuf-client - a CLI tool that implements the client workflow specified by The Update Framework (TUF) specification
-
tuf - Not implemented