Targets class
- class Targets(version=None, spec_version=None, expires=None, targets=None, delegations=None, unrecognized_fields=None)
A container for the signed part of targets metadata.
Targets contains verifying information about target files and also delegates responsibility to other Targets roles.
All parameters named below are not just constructor arguments but also instance attributes.
- Parameters
version (Optional[int]) – Metadata version number. Default is 1.
spec_version (Optional[str]) – Supported TUF specification version. Default is the version currently supported by the library.
expires (Optional[datetime]) – Metadata expiry date. Default is current date and time.
targets (Optional[Dict[str, TargetFile]]) – Dictionary of target filenames to TargetFiles. Default is an empty dictionary.
delegations (Optional[Delegations]) – Defines how this Targets delegates responsibility to other Targets Metadata files. Default is None.
unrecognized_fields (Optional[Dict[str, Any]]) – Dictionary of all attributes that are not managed by TUF Metadata API
- Raises
ValueError – Invalid arguments.
- add_key(key, role=None)
Adds new signing key for delegated role
role
.If succinct_roles is used then the
role
argument is not required.- Parameters
key (Key) – Signing key to be added for
role
.role (Optional[str]) – Name of the role, for which
key
is added.
- Raises
ValueError – If the argument order is wrong or if there are no delegated roles or if
role
is not delegated by this Target.- Return type
None
- property expires: datetime
The metadata expiry date:
# Use 'datetime' module to e.g. expire in seven days from now obj.expires = utcnow() + timedelta(days=7)
- is_expired(reference_time=None)
Checks metadata expiration against a reference time.
- Parameters
reference_time (Optional[datetime]) – Time to check expiration date against. A naive datetime in UTC expected. Default is current UTC date and time.
- Returns
True
if expiration time is less than the reference time.- Return type
bool
- revoke_key(keyid, role=None)
Revokes key from delegated role
role
and updates the delegations key store.If succinct_roles is used then the
role
argument is not required.- Parameters
keyid (str) – Identifier of the key to be removed for
role
.role (Optional[str]) – Name of the role, for which a signing key is removed.
- Raises
ValueError – If there are no delegated roles or if
role
is not delegated by thisTarget
or if key is not used byrole
or if key with idkeyid
is not used by succinct roles.- Return type
None