Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MVP #1

Open
8 tasks
davidstrauss opened this issue Nov 19, 2020 · 0 comments
Open
8 tasks

MVP #1

davidstrauss opened this issue Nov 19, 2020 · 0 comments

Comments

@davidstrauss
Copy link
Contributor

davidstrauss commented Nov 19, 2020
edited
Loading

  • GitHub Actions for timestamp re-signing every 12 hours
  • GitHub Actions or offline signing for snapshot signing
  • Offline signing with a regular (non-HSM) YubiKey using Ed25519 for root signing
  • Offline signing with either a YubiKey or an on-disk Ed25519 key for target signing
  • Git LFS for actual file targets
  • Trigger to publish repository upon generation
  • Python script wrapping TUF's repository_tool API to publish a new release (with intent of shelling out from TYPO3's Darth tool)
  • Example integration to upload the GitHub artifacts to a service like S3
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@davidstrauss