Docker Community Forums

Share and learn in the Docker community.

Target metadata not being updated?


(Lewiada) #1

Hi,

I am coming up to speed on Notary and following the examples. I began by creating a new collection (which caused the creation of root and tagging keys):
$ notary init example.com/collection2

Then I began adding files to the new collection:

$ notary add example.com/collection2 v1 my_file1.txt
$ notary add example.com/collection2 v1 my_file2.txt
$ notary add example.com/collection2 v1 my_file3.txt
$ notary add example.com/collection2 v1 my_file4.txt
$ notary add example.com/collection2 v1 my_file5.txt
$ notary add example.com/collection2 v1 my_file6.txt
$ notary add example.com/collection2 v1 my_file7.txt

Per the TUF specification:
/targets.json: Signed by the target role’s keys. Lists hashes and sizes of target
files.

So shouldn’t I see a hash for each one of these files in targets.json? I never see more than 2 hashes (one sha256 and one sha512). Or am I misunderstanding the intended structure of the targets.json file?


(Riyaz) #2

notary add commands will just stage changes to be applied. You’ll need to run notary publish to actually sign and update the content in your local metadata and the data on the notary server.