Initial commit

.editorconfig

@@ -0,0 +1,12 @@
+root = true
+
+[*]
+charset = utf-8
+indent_style = tab
+indent_size = 4
+insert_final_newline = true
+end_of_line = lf
+
+[*.{yml,yaml}]
+indent_style = space
+indent_size = 2

.github/.templateMarker

@@ -0,0 +1 @@
+KOLANICH/python_project_boilerplate.py

.github/dependabot.yml

@@ -0,0 +1,8 @@
+version: 2
+updates:
+  - package-ecosystem: "pip"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    allow:
+      - dependency-type: "all"

.github/workflows/CI.yml

@@ -0,0 +1,15 @@
+name: CI
+on:
+  push:
+    branches: [master]
+  pull_request:
+    branches: [master]
+
+jobs:
+  build:
+    runs-on: ubuntu-22.04
+    steps:
+      - name: typical python workflow
+        uses: KOLANICH-GHActions/typical-python-workflow@master
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -0,0 +1,10 @@
+__pycache__
+*.py[co]
+/*.egg-info
+*.srctrlbm
+*.srctrldb
+build
+dist
+.eggs
+monkeytype.sqlite3
+/.ipynb_checkpoints

.gitlab-ci.yml

@@ -0,0 +1,51 @@
+image: registry.gitlab.com/kolanich-subgroups/docker-images/fixed_python:latest
+
+variables:
+  DOCKER_DRIVER: overlay2
+  SAST_ANALYZER_IMAGE_TAG: latest
+  SAST_DISABLE_DIND: "true"
+  SAST_CONFIDENCE_LEVEL: 5
+  CODECLIMATE_VERSION: latest
+
+include:
+  - template: SAST.gitlab-ci.yml
+  - template: Code-Quality.gitlab-ci.yml
+  - template: License-Management.gitlab-ci.yml
+
+build:
+  tags:
+    - shared
+    - linux
+  stage: build
+  variables:
+    GIT_DEPTH: "1"
+    PYTHONUSERBASE: ${CI_PROJECT_DIR}/python_user_packages
+
+  before_script:
+    - export PATH="$PATH:$PYTHONUSERBASE/bin" # don't move into `variables`
+    - apt-get update
+    # todo:
+    #- apt-get -y install 
+    #- pip3 install --upgrade 
+    #- python3 ./fix_python_modules_paths.py
+
+  script:
+    - python3 -m build -nw bdist_wheel
+    - mv ./dist/*.whl ./dist/tuft-0.CI-py3-none-any.whl
+    - pip3 install --upgrade ./dist/*.whl
+    - coverage run --source=tuft -m --branch pytest --junitxml=./rspec.xml ./tests/test.py
+    - coverage report -m
+    - coverage xml
+
+  coverage: "/^TOTAL(?:\\s+\\d+){4}\\s+(\\d+%).+/"
+
+  cache:
+    paths:
+      - $PYTHONUSERBASE
+
+  artifacts:
+    paths:
+      - dist
+    reports:
+      junit: ./rspec.xml
+      cobertura: ./coverage.xml

Code_Of_Conduct.md

@@ -0,0 +1 @@
+No codes of conduct!

MANIFEST.in

@@ -0,0 +1,4 @@
+include UNLICENSE
+include *.md
+include tests
+include .editorconfig

ReadMe.md

@@ -0,0 +1,15 @@
+tuft.py [![Unlicensed work](https://raw.githubusercontent.com/unlicense/unlicense.org/master/static/favicon.png)](https://unlicense.org/)
+=======
+~~[wheel (GitLab)](https://gitlab.com/KOLANICH-libs/tuft.py/-/jobs/artifacts/master/raw/dist/tuft-0.CI-py3-none-any.whl?job=build)~~
+[wheel (GHA via `nightly.link`)](https://nightly.link/KOLANICH-libs/tuft.py/workflows/CI/master/tuft-0.CI-py3-none-any.whl)
+~~![GitLab Build Status](https://gitlab.com/KOLANICH-libs/tuft.py/badges/master/pipeline.svg)~~
+~~![GitLab Coverage](https://gitlab.com/KOLANICH-libs/tuft.py/badges/master/coverage.svg)~~
+[![GitHub Actions](https://github.com/KOLANICH-libs/tuft.py/workflows/CI/badge.svg)](https://github.com/KOLANICH-libs/tuft.py/actions/)
+[![Libraries.io Status](https://img.shields.io/librariesio/github/KOLANICH-libs/tuft.py.svg)](https://libraries.io/github/KOLANICH-libs/tuft.py)
+
+This is a small high-level library for creating [The Update Framework](https://github.com/theupdateframework/specification) repositories.
+
+This library is **insecure**:
+
+* it has never been audited and/or even throughly tested.
+* repo validation when it is created is not implemented. If a repo invalid or tampered, it will still be signed by your signature.

UNLICENSE

@@ -0,0 +1,24 @@
+This is free and unencumbered software released into the public domain.
+
+Anyone is free to copy, modify, publish, use, compile, sell, or
+distribute this software, either in source code form or as a compiled
+binary, for any purpose, commercial or non-commercial, and by any
+means.
+
+In jurisdictions that recognize copyright laws, the author or authors
+of this software dedicate any and all copyright interest in the
+software to the public domain. We make this dedication for the benefit
+of the public at large and to the detriment of our heirs and
+successors. We intend this dedication to be an overt act of
+relinquishment in perpetuity of all present and future rights to this
+software under copyright law.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR
+OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+OTHER DEALINGS IN THE SOFTWARE.
+
+For more information, please refer to <https://unlicense.org/>

pyproject.toml

@@ -0,0 +1,42 @@
+[build-system]
+requires = ["setuptools>=61.2.0", "setuptools_scm[toml]>=3.4.3"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "tuft"
+readme = "ReadMe.md"
+description = "A small high-level library for creating The Update Framework repositories."
+authors = [{name = "KOLANICH"}]
+classifiers = [
+	"Development Status :: 4 - Beta",
+	"Environment :: Other Environment",
+	"Intended Audience :: Developers",
+	"License :: Public Domain",
+	"Operating System :: OS Independent",
+	"Programming Language :: Python",
+	"Programming Language :: Python :: 3",
+	"Programming Language :: Python :: 3 :: Only",
+	"Topic :: Software Development :: Libraries :: Python Modules",
+]
+keywords = ["tuf", "update", "framework"]
+license = {text = "Unlicense"}
+requires-python = ">=3.4"
+dynamic = ["version"]
+dependencies = [
+	"requests", # @ git+https://github.com/psf/requests.git
+	"requests-file", # @ git+https://github.com/dashea/requests-file.git
+	"securesystemslib", # @ git+https://github.com/secure-systems-lab/securesystemslib.git
+	"tuf", # @ git+https://github.com/theupdateframework/python-tuf.git
+	"transformerz" # @ git+https://github.com/KOLANICH-libs/transformerz.py.git
+]
+
+[project.urls]
+Homepage = "https://github.com/KOLANICH-libs/tuft.py"
+
+[tool.setuptools]
+zip-safe = true
+
+[tool.setuptools.packages.find]
+include = ["tuft", "tuft.*"]
+
+[tool.setuptools_scm]

tests/testKey

@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACBhnM5j7/5MfF1wJJKG7UZFX0Eg7T2VNGBTQE+blBMqwgAAAJByJ06ecidO
+ngAAAAtzc2gtZWQyNTUxOQAAACBhnM5j7/5MfF1wJJKG7UZFX0Eg7T2VNGBTQE+blBMqwg
+AAAEA5JIS+oXe1en5uN4aHO9IY2SFKsadvohK2h62u0nZBEGGczmPv/kx8XXAkkobtRkVf
+QSDtPZU0YFNAT5uUEyrCAAAACHRlc3Qga2V5AQIDBAU=
+-----END OPENSSH PRIVATE KEY-----

tests/tests.py

@@ -0,0 +1,24 @@
+#!/usr/bin/env python3
+import sys
+from pathlib import Path
+import unittest
+import itertools, re
+
+sys.path.insert(0, str(Path(__file__).parent.parent))
+
+from collections import OrderedDict
+
+dict = OrderedDict
+
+import tuft
+from tuft import *
+
+
+class Tests(unittest.TestCase):
+
+	def testSimple(self):
+		raise NotImplementedError
+
+
+if __name__ == "__main__":
+	unittest.main()

tuft/Repo.py

@@ -0,0 +1,117 @@
+import typing
+from pathlib import Path, PurePath
+
+import requests
+from requests_file import FileAdapter
+from tuf.ngclient import Updater
+from tuf.ngclient._internal.requests_fetcher import RequestsFetcher
+
+from .serializer import jsonFancySerializer
+
+
+class RequestsFetcherWithFile(RequestsFetcher):
+	def __init__(self) -> None:
+		super().__init__()
+		self.fileAdapter = FileAdapter()
+
+	def _get_session(self, url: str) -> requests.Session:
+		s = super()._get_session(url)
+		s.mount("file://", self.fileAdapter)
+		return s
+
+
+class Repo:
+	__slots__ = ("localPath", "localMetadata", "updater")
+
+	SETTINGS_SERIALIZER = jsonFancySerializer
+	META_SERIALIZER = jsonFancySerializer
+
+	@classmethod
+	def setup(cls, reposRoot: Path, rootDict: dict, petname: str, baseURIs: typing.Optional[typing.Iterable[str]] = None) -> typing.Dict[str, typing.List[str]]:
+		localPath = reposRoot / petname
+		metaDir = cls.metaDirFromLocalPath(localPath)
+		rootFilePath = cls.rootFilePathFromMetaDir(metaDir)
+		rootFilePath.write_text(cls.META_SERIALIZER.unprocess(rootDict))
+
+		localMetaFilePath = cls.localMetaFilePathFromReposRoot(localPath)
+		localMetaDict = {"baseURIs": []}  # type: typing.Dict[str, typing.Any]
+		if baseURIs:
+			localMetaDict["baseURIs"].extend(baseURIs)
+		localMetaFilePath.write_text(cls.SETTINGS_SERIALIZER.unprocess(localMetaDict))
+		return localMetaDict
+
+	LOCAL_META_FILE_NAME = "local"
+
+	@classmethod
+	def localMetaFilePathFromReposRoot(cls, localPath: Path) -> Path:
+		return localPath / (cls.LOCAL_META_FILE_NAME + "." + cls.SETTINGS_SERIALIZER.fileExtension)
+
+	ROOT_FILE_NAME = "root"
+
+	@classmethod
+	def rootFilePathFromMetaDir(cls, metaDir: Path) -> Path:
+		return metaDir / (cls.ROOT_FILE_NAME + "." + cls.META_SERIALIZER.fileExtension)
+
+	@classmethod
+	def metaDirFromLocalPath(cls, localPath: Path) -> Path:
+		res = localPath / "meta"
+		res.mkdir(exist_ok=True, parents=True)
+		return res
+
+	@classmethod
+	def repoDirFromLocalPath(cls, localPath: Path) -> Path:
+		res = localPath / "repo"
+		res.mkdir(exist_ok=True, parents=True)
+		return res
+
+	def __init__(self, localPath: Path, localMetadata: typing.Optional[dict] = None) -> None:
+		if localMetadata is None:
+			localMetadata = {}
+
+		self.localPath = localPath
+		self.localMetadata = localMetadata
+		self.refreshLocalMetadata()
+		self.updater = typing.cast(Updater, None)
+		self.initTUF()
+
+	@property
+	def baseURI(self) -> str:
+		return self.baseURIs[0]
+
+	@property
+	def baseURIs(self) -> typing.List[str]:
+		return self.localMetadata["baseURIs"]
+
+	def initTUF(self) -> None:
+		self.updater = Updater(metadata_dir=str(self.__class__.metaDirFromLocalPath(self.localPath)), metadata_base_url=self.baseURI, target_base_url=self.baseURI, target_dir=str(self.__class__.repoDirFromLocalPath(self.localPath)), fetcher=RequestsFetcherWithFile())
+
+	def refreshLocalMetadata(self) -> None:
+		localMetaFile = self.__class__.localMetaFilePathFromReposRoot(self.localPath)
+		self.localMetadata = self.__class__.SETTINGS_SERIALIZER.process(localMetaFile.read_text())
+
+	def update(self) -> None:
+		self.updater.refresh()
+
+	def getListPath(self, path: PurePath) -> Path:
+		info = self.updater.get_targetinfo(str(path))
+
+		if info:
+			cached = self.updater.find_cached_target(info)
+			if not cached:
+				self.updater.download_target(info)
+				cached = self.updater.find_cached_target(info)
+
+			if not cached:
+				raise KeyError(path)
+
+			return Path(cached)
+
+		raise KeyError(path)
+
+	def __iter__(self) -> typing.Iterable[PurePath]:
+		for fns in self.updater._trusted_set.targets.signed.targets:
+			fn = PurePath(fns)
+			yield fn
+
+	def __getitem__(self, k: PurePath) -> Path:
+		return self.getListPath(k)