Rugged is composed of:
- a command-line (CLI) tool,
- a set of worker daemons, each fulfilling a TUF role.
The interactions between these components is illustrated in this sequence diagram of a simplified package release workflow.
Rugged commands are triggered by TUF administrators directly, or via the packaging pipeline. These will include:
Commands are implemented using the Click package and the shared TUF library.
Workers are services running continuously to provide the day-to-day signing operations of the TUF system.
Workers are implemented using the Celery distributed task queue.
- The Targets Worker is responsible for updating the Targets’ role metadata with target file hashes, and writing said metadata (
- In a future release, this worker may delegate tasks to additional Targets workers, to:
- distribute workload (for performance); and/or
- provide additional isolated signing keys (for security).
- The Snapshot Worker is responsible for updating and writing the Snapshot role metadata (
- The Timestamp Worker is responsible for updating and writing the Timestamp role metadata (
- The Root Worker is responsible for updating and writing the Root role metadata (
- N.B. The Root Worker is not present during regular operations of the Rugged system. It is spun up only for the performance of administrative tasks, such as:
- initializing a new TUF repository,
- generating keypairs,
- rotating keypairs,
- The optional Monitor Worker provides a mechanism to trigger TUF signing without requiring any credentials (or the CLI) to be present in the packaging pipeline environment.