From 907186e6a47d0560d0bdbdce54fcf8e32df55f4b Mon Sep 17 00:00:00 2001 From: Sebastien Awwad Date: Thu, 4 Apr 2019 17:14:13 -0400 Subject: [PATCH 1/6] DOC: revise quickstart and reorganize tutorials: - correctly frame the CLI's current state as a tutorial toy. - provide a friendlier quickstart that puts what it's doing into perspective and guides you to next steps. - provide a better sense of what each tutorial/quickstart doc is for. - make the getting started page slightly more friendly. Signed-off-by: Sebastien Awwad --- docs/GETTING_STARTED.rst | 9 ++-- docs/QUICKSTART.md | 104 +++++++++++++++++++++++++++++++-------- 2 files changed, 88 insertions(+), 25 deletions(-) diff --git a/docs/GETTING_STARTED.rst b/docs/GETTING_STARTED.rst index 29552808ee..fc775ea7c3 100644 --- a/docs/GETTING_STARTED.rst +++ b/docs/GETTING_STARTED.rst @@ -1,9 +1,8 @@ Getting Started --------------- +- `Overview of TUF `_ - `Installation `_ -- `Contributors `_ -- `Quickstart `_ -- `CLI `_ -- `CLI Usage Examples `_ -- `Tutorial `_ +- Beginner Tutorials (using the basic command-line interface): `Quickstart `_; `CLI Tutorial `_; `CLI Further Examples `_ +- `Advanced Tutorial `_ +- `Guidelines for Contributors `_ diff --git a/docs/QUICKSTART.md b/docs/QUICKSTART.md index c6ea4ed24f..322ca7fe93 100644 --- a/docs/QUICKSTART.md +++ b/docs/QUICKSTART.md @@ -1,21 +1,44 @@ # Quickstart # -The CLI requires a few dependencies and C extensions that can be installed with -`pip install securesystemslib[crypto,pynacl]`. +In this quickstart tutorial, we'll use the basic TUF command-line interface +(CLI), which includes the `repo.py` script and the `client.py` script, to set +up a repository with an update and metadata about that update, then download +and verify that update as a client. + +Unlike the underlying TUF modules that the CLI uses, the CLI itself is a bit +bare-bones. Using the CLI is the easiest way to familiarize yourself with +how TUF works, however. It will serve as a very basic update system and use ---- -The following is a basic workflow in four steps: -**Step (1)** - Initialize a repo. The `tufrepo`, `tufkeystore`, and -`tufclient` directories are created in the current working directory. +**Step (0)** - Make sure TUF is installed + +See the [installation instructions for TUF](docs/INSTALLATION.rst). +The TUF CLI makes use of some crypto dependencies, so please include the +optional `pip install securesystemslib[crypto,pynacl]` step. + + +**Step (1)** - Create a basic repository and client + +The following command will set up a basic update repository and basic client +that knows about the repository. `tufrepo`, `tufkeystore`, and +`tufclient` directories will be created in the current directory. + ```Bash $ repo.py --init ``` -Four sets of keys are created in the `tufkeystore` directory and metadata -is initiated in the `tufrepo` and `tufclient` directories. -**Step (2)** - Add a target file to the repo. The file size and hashes of -the target file are also written to the Targets metadata file. +Four sets of keys are created in the `tufkeystore` directory. Initial metadata +about the repository is created in the `tufrepo` directory, and also provided +to the client in the `tufclient` directory. + + +**Step (2)** - Add an update to the repository. + +We'll create a target file that will later be delivered as an update to clients. +Metadata about that file will be created and signed, and added to the +repository's metadata. + ```Bash $ echo 'Test file' > testfile $ repo.py --add testfile @@ -38,21 +61,38 @@ tufrepo/ 3 directories, 11 files ``` -The new file `testfile` is added and metadata is updated in the `tufrepo` directory. + +The new file `testfile` is added to the repository, and metadata is updated in +the `tufrepo` directory. The Targets metadata (`targets.json`) now includes +the file size and hashes of the `testfile` target file, and this metadata is +signed by the Targets role's key, so that clients can verify that metadata +about `testfile` and then verify `testfile` itself. + **Step (3)** - Serve the repo + +We'll host a toy http server containing the `testfile` update and the +repository's metadata. + ```Bash $ cd "tufrepo/" +$ python3 -m http.server 8001 + +# or, if you are using Python2: $ python -m SimpleHTTPServer 8001 -or with Python 3... -$ python3 -m http.server 8001 ``` -**Step (4)** - Fetch a target file from the repo. The client downloads -any required metadata and the requested target file. +**Step (4)** - Obtain and verify the `testfile` update on a client. + +The client can request the package `testfile` from the repository. TUF will +download and verify metadata from the repository as necessary to determine +what the trustworthy hashes and length of `testfile` are, then download +the target `testfile` from the repository and keep it only if it matches that +trustworthy metadata. + ```Bash -$ cd "tufclient/" +$ cd "../tufclient/" $ client.py --repo http://localhost:8001 testfile $ tree . @@ -75,11 +115,35 @@ $ tree 5 directories, 11 files ``` -client.py verified metadata from the server and downloaded content. The client has now verified and obtained `testfile`. -The scope of TUF ends here. + +Now that a trustworthy update target has been obtained, an updater can proceed +however it normally would to install or use the update. ---- -See [CLI.md](CLI.md) and [CLI_EXAMPLES.md](CLI_EXAMPLES.md) to learn about the -other supported CLI options. A [tutorial](TUTORIAL.md) is also available, and -intended for users that want more control over the repo creation process. +### Next Steps + +TUF provides functionality for both ends of a software update system, the +**update provider** and the **update client**. + +`repo.py` made use of `tuf.repository_tool`'s functionality for an update +provider, helping you produce and sign metadata about your updates. + +`client.py` made use of `tuf.client.updater`'s client-side functionality, +performing download and the critical verification steps for metadata and the +update itself. + +You can look at [CLI.md](CLI.md) and [CLI_EXAMPLES.md](CLI_EXAMPLES.md) to toy +with the TUF CLI a bit more. After that, try out using the underlying modules +for a great deal more control. The more detailed [TUF Tutorial](TUTORIAL.md) +shows you how to use them. + +Ultimately, a sophisticated update client will use or re-implement those +underlying modules. The TUF design is intended to play well with any update +workflow. + +Please provide feedback or questions for this or other tutorials, or +TUF in general, by checking out +[our contact info](https://github.com/theupdateframework/tuf#contact), or +creating [issues](https://github.com/theupdateframework/tuf/issues) in this +repository! From 5a94d5db3e2f6fed0598cbb5005f9b1e3b726c87 Mon Sep 17 00:00:00 2001 From: Sebastien Awwad Date: Mon, 8 Apr 2019 11:49:25 -0400 Subject: [PATCH 2/6] minor DOC: fix unfinished sentence, some punctuation in the QUICKSTARD.md Signed-off-by: Sebastien Awwad --- docs/QUICKSTART.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/QUICKSTART.md b/docs/QUICKSTART.md index 322ca7fe93..e3e75a3343 100644 --- a/docs/QUICKSTART.md +++ b/docs/QUICKSTART.md @@ -7,18 +7,18 @@ and verify that update as a client. Unlike the underlying TUF modules that the CLI uses, the CLI itself is a bit bare-bones. Using the CLI is the easiest way to familiarize yourself with -how TUF works, however. It will serve as a very basic update system and use +how TUF works, however. It will serve as a very basic update system. ---- -**Step (0)** - Make sure TUF is installed +**Step (0)** - Make sure TUF is installed. -See the [installation instructions for TUF](docs/INSTALLATION.rst). +See the [installation instructions for TUF](INSTALLATION.rst). The TUF CLI makes use of some crypto dependencies, so please include the optional `pip install securesystemslib[crypto,pynacl]` step. -**Step (1)** - Create a basic repository and client +**Step (1)** - Create a basic repository and client. The following command will set up a basic update repository and basic client that knows about the repository. `tufrepo`, `tufkeystore`, and @@ -69,7 +69,7 @@ signed by the Targets role's key, so that clients can verify that metadata about `testfile` and then verify `testfile` itself. -**Step (3)** - Serve the repo +**Step (3)** - Serve the repo. We'll host a toy http server containing the `testfile` update and the repository's metadata. From 1f3e5b648374f1fc325dd210ee6fb11e97351fb8 Mon Sep 17 00:00:00 2001 From: Sebastien Awwad Date: Mon, 8 Apr 2019 11:50:26 -0400 Subject: [PATCH 3/6] DOC: collapse CLI_EXAMPLES.md into CLI.md Signed-off-by: Sebastien Awwad --- docs/CLI.md | 220 ++++++++++++++++++++++++++++++++++++++- docs/CLI_EXAMPLES.md | 204 ------------------------------------ docs/GETTING_STARTED.rst | 4 +- docs/QUICKSTART.md | 8 +- 4 files changed, 223 insertions(+), 213 deletions(-) delete mode 100644 docs/CLI_EXAMPLES.md diff --git a/docs/CLI.md b/docs/CLI.md index f9843d4850..3e37c99e9b 100644 --- a/docs/CLI.md +++ b/docs/CLI.md @@ -1,11 +1,15 @@ -# CLI # +# Command-Line Interface # -The CLI requires a few dependencies and C extensions that can be installed with -`pip install securesystemslib[crypto,pynacl]`. +The TUF command-line interface (CLI) requires a full +[TUF installation](INSTALLATION.rst). Be sure to include the installation of +extra dependencies and C extensions ( +```pip install securesystemslib[crypto,pynacl]```). -[CLI_EXAMPLES.md](CLI_EXAMPLES.md) covers more complex examples. +The use of the CLI is documented with examples below. ---- +# Basic Examples # + ## Create a repository ## Create a TUF repository in the current working directory. A cryptographic key @@ -235,3 +239,211 @@ $ repo.py --clean $ repo.py --clean --path ``` ---- + + + + + + + + +# Further Examples # + +## Basic Update Delivery ## + +Steps: + +(1) initialize a repo. + +(2) delegate trust of target files to another role. + +(3) add a trusted file to the delegated role. + +(4) fetch the trusted file from the delegated role. + +```Bash +Step (1) +$ repo.py --init + +Step (2) +$ repo.py --key ed25519 --filename mykey +$ repo.py --delegate "README.*" --delegatee myrole --pubkeys tufkeystore/mykey.pub +$ repo.py --sign tufkeystore/mykey --role myrole +Enter a password for the encrypted key (tufkeystore/mykey): +$ echo "my readme text" > README.txt + +Step (3) +$ repo.py --add README.txt --role myrole --sign tufkeystore/mykey +Enter a password for the encrypted key (tufkeystore/mykey): +``` + +Serve the repo +```Bash +$ cd tufrepo/ +$ python -m SimpleHTTPServer 8001 +``` + +```Bash +Step (4) +$ client.py --repo http://localhost:8001 README.txt +$ tree . +. +├── tuf.log +├── tufrepo +│   └── metadata +│   ├── current +│   │   ├── 1.root.json +│   │   ├── myrole.json +│   │   ├── root.json +│   │   ├── snapshot.json +│   │   ├── targets.json +│   │   └── timestamp.json +│   └── previous +│   ├── 1.root.json +│   ├── root.json +│   ├── snapshot.json +│   ├── targets.json +│   └── timestamp.json +└── tuftargets + └── README.txt + + 5 directories, 13 files +``` + + +## Correcting a Key ## +The filename of the top-level keys must be "root_key," "targets_key," +"snapshot_key," and "root_key." The filename can vary for any additional +top-level key. + +Steps: + +(1) initialize a repo containing default keys for the top-level roles. +(2) distrust the default key for the root role. +(3) create a new key and trust its use with the root role. +(4) sign the root metadata file. + +```Bash +Step (1) +$ repo.py --init + +Step (2) +$ repo.py --distrust --pubkeys tufkeystore/root_key.pub --role root + +Step (3) +$ repo.py --key ed25519 --filename root_key +$ repo.py --trust --pubkeys tufkeystore/root_key.pub --role root + +Step (4) +$ repo.py --sign tufkeystore/root_key --role root +Enter a password for the encrypted key (tufkeystore/root_key): +``` + + +## More Update Delivery ## + +Steps: + +(1) create a bare repo. + +(2) add keys to the top-level roles. + +(3) delegate trust of particular target files to another role X, where role X +has a signature threshold 2 and is marked as a terminating delegation. The +keys for role X and Y should be created prior to performing the delegation. + +(4) Delegate from role X to role Y. + +(5) have role X sign for a file also signed by the Targets role, to demonstrate +the expected file that should be downloaded by the client. + +(6) perform an update. + +(7) halt the server, add README.txt to the Targets role, restart the server, +and fetch the Target's role README.txt. + +(8) Add LICENSE to 'role_y' and demonstrate that the client must not fetch it +because 'role_x' is a terminating delegation (and hasn't signed for it). + +```Bash +Steps (1) and (2) +$ repo.py --init --consistent --bare +$ repo.py --key ed25519 --filename root_key +$ repo.py --trust --pubkeys tufkeystore/root_key.pub --role root +$ repo.py --key ecdsa --filename targets_key +$ repo.py --trust --pubkeys tufkeystore/targets_key.pub --role targets +$ repo.py --key rsa --filename snapshot_key +$ repo.py --trust --pubkeys tufkeystore/snapshot_key.pub --role snapshot +$ repo.py --key ecdsa --filename timestamp_key +$ repo.py --trust --pubkeys tufkeystore/timestamp_key.pub --role timestamp +$ repo.py --sign tufkeystore/root_key --role root +Enter a password for the encrypted key (tufkeystore/root_key): +$ repo.py --sign tufkeystore/targets_key --role targets +Enter a password for the encrypted key (tufkeystore/targets_key): +``` + +```Bash +Steps (3) and (4) +$ repo.py --key ed25519 --filename key_x +$ repo.py --key ed25519 --filename key_x2 + +$ repo.py --delegate "README.*" "LICENSE" --delegatee role_x --pubkeys + tufkeystore/key_x.pub tufkeystore/key_x2.pub --threshold 2 --terminating +$ repo.py --sign tufkeystore/key_x tufkeystore/key_x2 --role role_x + +$ repo.py --key ed25519 --filename key_y + +$ repo.py --delegate "README.*" "LICENSE" --delegatee role_y --role role_x + --pubkeys tufkeystore/key_y.pub --sign tufkeystore/key_x tufkeystore/key_x2 + +$ repo.py --sign tufkeystore/key_y --role role_y +``` + +```Bash +Steps (5) and (6) +$ echo "role_x's readme" > README.txt +$ repo.py --add README.txt --role role_x --sign tufkeystore/key_x tufkeystore/key_x2 +``` + +Serve the repo +```Bash +$ cd tufrepo/ +$ python -m SimpleHTTPServer 8001 +``` + +Fetch the role x's README.txt +```Bash +$ client.py --repo http://localhost:8001 README.txt +$ cat tuftargets/README.txt +role_x's readme +``` + + +```Bash +Step (7) +halt the server... + +$ echo "Target role's readme" > README.txt +$ repo.py --add README.txt + +restart the server... +``` + +```Bash +$ rm -rf tuftargets/ tuf.log +$ client.py --repo http://localhost:8001 README.txt +$ cat tuftargets/README.txt +Target role's readme +``` + +```Bash +Step (8) +$ echo "role_y's license" > LICENSE +$ repo.py --add LICENSE --role role_y --sign tufkeystore/key_y +``` + +```Bash +$ rm -rf tuftargets/ tuf.log +$ client.py --repo http://localhost:8001 LICENSE +Error: 'LICENSE' not found. +``` diff --git a/docs/CLI_EXAMPLES.md b/docs/CLI_EXAMPLES.md deleted file mode 100644 index 4ae9035306..0000000000 --- a/docs/CLI_EXAMPLES.md +++ /dev/null @@ -1,204 +0,0 @@ -# CLI Usage Examples # - -This document contains a few examples of creating repositories with the CLI. -The sections below correspond with a different example, and each begins with an -outline of the steps to be followed by the user. - -## A basic example ## - -Steps: - -(1) initialize a repo. - -(2) delegate trust of target files to another role. - -(3) add a trusted file to the delegated role. - -(4) fetch the trusted file from the delegated role. - -```Bash -Step (1) -$ repo.py --init - -Step (2) -$ repo.py --key ed25519 --filename mykey -$ repo.py --delegate "README.*" --delegatee myrole --pubkeys tufkeystore/mykey.pub -$ repo.py --sign tufkeystore/mykey --role myrole -Enter a password for the encrypted key (tufkeystore/mykey): -$ echo "my readme text" > README.txt - -Step (3) -$ repo.py --add README.txt --role myrole --sign tufkeystore/mykey -Enter a password for the encrypted key (tufkeystore/mykey): -``` - -Serve the repo -```Bash -$ cd tufrepo/ -$ python -m SimpleHTTPServer 8001 -``` - -```Bash -Step (4) -$ client.py --repo http://localhost:8001 README.txt -$ tree . -. -├── tuf.log -├── tufrepo -│   └── metadata -│   ├── current -│   │   ├── 1.root.json -│   │   ├── myrole.json -│   │   ├── root.json -│   │   ├── snapshot.json -│   │   ├── targets.json -│   │   └── timestamp.json -│   └── previous -│   ├── 1.root.json -│   ├── root.json -│   ├── snapshot.json -│   ├── targets.json -│   └── timestamp.json -└── tuftargets - └── README.txt - - 5 directories, 13 files -``` - - -## An example of replacing a top-level key ## -The filename of the top-level keys must be "root_key," "targets_key," -"snapshot_key," and "root_key." The filename can vary for any additional -top-level key. - -Steps: - -(1) initialize a repo containing default keys for the top-level roles. -(2) distrust the default key for the root role. -(3) create a new key and trust its use with the root role. -(4) sign the root metadata file. - -```Bash -Step (1) -$ repo.py --init - -Step (2) -$ repo.py --distrust --pubkeys tufkeystore/root_key.pub --role root - -Step (3) -$ repo.py --key ed25519 --filename root_key -$ repo.py --trust --pubkeys tufkeystore/root_key.pub --role root - -Step (4) -$ repo.py --sign tufkeystore/root_key --role root -Enter a password for the encrypted key (tufkeystore/root_key): -``` - - -## A more complicated example ## - -Steps: - -(1) create a bare repo. - -(2) add keys to the top-level roles. - -(3) delegate trust of particular target files to another role X, where role X -has a signature threshold 2 and is marked as a terminating delegation. The -keys for role X and Y should be created prior to performing the delegation. - -(4) Delegate from role X to role Y. - -(5) have role X sign for a file also signed by the Targets role, to demonstrate -the expected file that should be downloaded by the client. - -(6) perform an update. - -(7) halt the server, add README.txt to the Targets role, restart the server, -and fetch the Target's role README.txt. - -(8) Add LICENSE to 'role_y' and demonstrate that the client must not fetch it -because 'role_x' is a terminating delegation (and hasn't signed for it). - -```Bash -Steps (1) and (2) -$ repo.py --init --consistent --bare -$ repo.py --key ed25519 --filename root_key -$ repo.py --trust --pubkeys tufkeystore/root_key.pub --role root -$ repo.py --key ecdsa --filename targets_key -$ repo.py --trust --pubkeys tufkeystore/targets_key.pub --role targets -$ repo.py --key rsa --filename snapshot_key -$ repo.py --trust --pubkeys tufkeystore/snapshot_key.pub --role snapshot -$ repo.py --key ecdsa --filename timestamp_key -$ repo.py --trust --pubkeys tufkeystore/timestamp_key.pub --role timestamp -$ repo.py --sign tufkeystore/root_key --role root -Enter a password for the encrypted key (tufkeystore/root_key): -$ repo.py --sign tufkeystore/targets_key --role targets -Enter a password for the encrypted key (tufkeystore/targets_key): -``` - -```Bash -Steps (3) and (4) -$ repo.py --key ed25519 --filename key_x -$ repo.py --key ed25519 --filename key_x2 - -$ repo.py --delegate "README.*" "LICENSE" --delegatee role_x --pubkeys - tufkeystore/key_x.pub tufkeystore/key_x2.pub --threshold 2 --terminating -$ repo.py --sign tufkeystore/key_x tufkeystore/key_x2 --role role_x - -$ repo.py --key ed25519 --filename key_y - -$ repo.py --delegate "README.*" "LICENSE" --delegatee role_y --role role_x - --pubkeys tufkeystore/key_y.pub --sign tufkeystore/key_x tufkeystore/key_x2 - -$ repo.py --sign tufkeystore/key_y --role role_y -``` - -```Bash -Steps (5) and (6) -$ echo "role_x's readme" > README.txt -$ repo.py --add README.txt --role role_x --sign tufkeystore/key_x tufkeystore/key_x2 -``` - -Serve the repo -```Bash -$ cd tufrepo/ -$ python -m SimpleHTTPServer 8001 -``` - -Fetch the role x's README.txt -```Bash -$ client.py --repo http://localhost:8001 README.txt -$ cat tuftargets/README.txt -role_x's readme -``` - - -```Bash -Step (7) -halt the server... - -$ echo "Target role's readme" > README.txt -$ repo.py --add README.txt - -restart the server... -``` - -```Bash -$ rm -rf tuftargets/ tuf.log -$ client.py --repo http://localhost:8001 README.txt -$ cat tuftargets/README.txt -Target role's readme -``` - -```Bash -Step (8) -$ echo "role_y's license" > LICENSE -$ repo.py --add LICENSE --role role_y --sign tufkeystore/key_y -``` - -```Bash -$ rm -rf tuftargets/ tuf.log -$ client.py --repo http://localhost:8001 LICENSE -Error: 'LICENSE' not found. -``` diff --git a/docs/GETTING_STARTED.rst b/docs/GETTING_STARTED.rst index fc775ea7c3..fad0d847fb 100644 --- a/docs/GETTING_STARTED.rst +++ b/docs/GETTING_STARTED.rst @@ -3,6 +3,8 @@ Getting Started - `Overview of TUF `_ - `Installation `_ -- Beginner Tutorials (using the basic command-line interface): `Quickstart `_; `CLI Tutorial `_; `CLI Further Examples `_ +- Beginner Tutorials (using the basic command-line interface): + - `Quickstart `_ + - `CLI Documentation and Examples `_ - `Advanced Tutorial `_ - `Guidelines for Contributors `_ diff --git a/docs/QUICKSTART.md b/docs/QUICKSTART.md index e3e75a3343..8fa17487ce 100644 --- a/docs/QUICKSTART.md +++ b/docs/QUICKSTART.md @@ -133,10 +133,10 @@ provider, helping you produce and sign metadata about your updates. performing download and the critical verification steps for metadata and the update itself. -You can look at [CLI.md](CLI.md) and [CLI_EXAMPLES.md](CLI_EXAMPLES.md) to toy -with the TUF CLI a bit more. After that, try out using the underlying modules -for a great deal more control. The more detailed [TUF Tutorial](TUTORIAL.md) -shows you how to use them. +You can look at [CLI.md](CLI.md) to toy with the TUF CLI a bit more. +After that, try out using the underlying modules for a great deal more control. +The more detailed [TUF Tutorial](TUTORIAL.md) shows you how to use the +underlying modules, `repository_tool` and `updater`. Ultimately, a sophisticated update client will use or re-implement those underlying modules. The TUF design is intended to play well with any update From ed6acd4ef163993b17e82a01d28f043082e30df6 Mon Sep 17 00:00:00 2001 From: Sebastien Awwad Date: Mon, 8 Apr 2019 11:56:45 -0400 Subject: [PATCH 4/6] minor DOC: label the advanced tutorial as such Signed-off-by: Sebastien Awwad --- docs/QUICKSTART.md | 2 +- docs/TUTORIAL.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/QUICKSTART.md b/docs/QUICKSTART.md index 8fa17487ce..16e7f21dc0 100644 --- a/docs/QUICKSTART.md +++ b/docs/QUICKSTART.md @@ -135,7 +135,7 @@ update itself. You can look at [CLI.md](CLI.md) to toy with the TUF CLI a bit more. After that, try out using the underlying modules for a great deal more control. -The more detailed [TUF Tutorial](TUTORIAL.md) shows you how to use the +The more detailed [Advanced Tutorial](TUTORIAL.md) shows you how to use the underlying modules, `repository_tool` and `updater`. Ultimately, a sophisticated update client will use or re-implement those diff --git a/docs/TUTORIAL.md b/docs/TUTORIAL.md index ccc07c5d71..52f9735cd9 100644 --- a/docs/TUTORIAL.md +++ b/docs/TUTORIAL.md @@ -1,4 +1,4 @@ -# Tutorial # +# Advanced Tutorial # ## Table of Contents ## - [How to Create and Modify a TUF Repository](#how-to-create-and-modify-a-tuf-repository) From 2af4d3f12ea1358849fcf90bf3f620969c2cec82 Mon Sep 17 00:00:00 2001 From: Sebastien Awwad Date: Mon, 8 Apr 2019 13:32:43 -0400 Subject: [PATCH 5/6] DOC: simplify installation instructions in QUICKSTART Signed-off-by: Sebastien Awwad --- docs/QUICKSTART.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/QUICKSTART.md b/docs/QUICKSTART.md index 16e7f21dc0..6889dcf6f1 100644 --- a/docs/QUICKSTART.md +++ b/docs/QUICKSTART.md @@ -13,9 +13,9 @@ how TUF works, however. It will serve as a very basic update system. **Step (0)** - Make sure TUF is installed. -See the [installation instructions for TUF](INSTALLATION.rst). -The TUF CLI makes use of some crypto dependencies, so please include the -optional `pip install securesystemslib[crypto,pynacl]` step. +Make sure that TUF is installed, along with some of the optional cryptographic +libraries and C extensions: +`pip install securesystemslib[crypto,pynacl] tuf` **Step (1)** - Create a basic repository and client. From 67dd649680b1f10dc5e259d5930160cf11da289a Mon Sep 17 00:00:00 2001 From: Sebastien Awwad Date: Mon, 8 Apr 2019 15:21:52 -0400 Subject: [PATCH 6/6] DOC: cover possible environment requirements in QUICKSTART Signed-off-by: Sebastien Awwad --- docs/QUICKSTART.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/QUICKSTART.md b/docs/QUICKSTART.md index 6889dcf6f1..d56d97c262 100644 --- a/docs/QUICKSTART.md +++ b/docs/QUICKSTART.md @@ -14,9 +14,13 @@ how TUF works, however. It will serve as a very basic update system. **Step (0)** - Make sure TUF is installed. Make sure that TUF is installed, along with some of the optional cryptographic -libraries and C extensions: +libraries and C extensions. Try this command to do that: `pip install securesystemslib[crypto,pynacl] tuf` +If you run into errors during that pip command, please consult the more +detailed [TUF Installation Instructions](INSTALLATION.rst). (There are some +system libraries that you may need to install first.) + **Step (1)** - Create a basic repository and client.