Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix loading of keys and create repo when old yubikey flag is used #370

Merged
merged 7 commits into from
Nov 10, 2023
Merged

Fix loading of keys and create repo when old yubikey flag is used #370

merged 7 commits into from
Nov 10, 2023

Conversation

renatav
Copy link
Collaborator

@renatav renatav commented Nov 9, 2023
edited
Loading

Description (e.g. "Related to ...", etc.)

When loading signing keys, we want to first try reading from keystore files, then from the inserted Yubikey, before asking the user to do anything. The problem was that the check if key was already read from a YubiKey was not properly implemented, so the same key was getting read twice. Also tried to improve the overall user experience when loading keys.
Found issues with creating a repository in case when old yubikey flag was used to specify that a role's metadata files should be signed using YubiKeys.

Code review checklist (for code reviewer to complete)

  • Pull request represents a single change (i.e. not fixing disparate/unrelated things in a single PR)
  • Title summarizes what is changing
  • Commit messages are meaningful (see this for details)
  • Tests have been included and/or updated, as appropriate
  • Docstrings have been included and/or updated, as appropriate
  • Changelog has been updated, as needed (see CHANGELOG.md)

@renatav renatav changed the title Fix loading of keys Fix loading of keys and create repo when old yubikey flag is used Nov 9, 2023
@renatav renatav requested a review from n-dusan November 9, 2023 19:53
@renatav renatav self-assigned this Nov 9, 2023
n-dusan
n-dusan approved these changes Nov 10, 2023
View reviewed changes
taf/models/types.py Outdated
@property
def yubikey_ids(self):
if not self.is_yubikey:
return []
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe this should return None, since in taf/keys.py L307, L308 there is a check for None

@renatav renatav merged commit b3af910 into master Nov 10, 2023
25 checks passed
@renatav renatav deleted the renatav/fix-yubikey-signing branch November 10, 2023 15:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@n-dusan n-dusan n-dusan approved these changes

Assignees

@renatav renatav

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@renatav @n-dusan