docker
diff --git a/‎cmd/metadata.go
Lines changed: 8 additions & 7 deletions b/‎cmd/metadata.go
Lines changed: 8 additions & 7 deletions
diff --git a/‎cmd/root.go
Lines changed: 1 addition & 1 deletion b/‎cmd/root.go
Lines changed: 1 addition & 1 deletion
diff --git a/‎cmd/targets.go
Lines changed: 10 additions & 9 deletions b/‎cmd/targets.go
Lines changed: 10 additions & 9 deletions
diff --git a/‎go.mod
Lines changed: 41 additions & 44 deletions b/‎go.mod
Lines changed: 41 additions & 44 deletions
@@ -8,6 +8,7 @@ import (
 	"strings"
 
 	"github.com/docker/attest/pkg/mirror"
+	"github.com/docker/attest/pkg/oci"
 	"github.com/docker/attest/pkg/tuf"
 	"github.com/docker/go-tuf-mirror/internal/util"
 	"github.com/google/go-containerregistry/pkg/name"
@@ -77,11 +78,11 @@ func (o *metadataOptions) run(cmd *cobra.Command, args []string) error {
 	}
 
 	fmt.Fprintf(cmd.OutOrStdout(), "Mirroring TUF metadata %s to %s\n", o.source, o.destination)
-	root, err := tuf.GetEmbeddedTufRoot(o.rootOptions.tufRoot)
+	root, err := tuf.GetEmbeddedRoot(o.rootOptions.tufRoot)
 	if err != nil {
 		return fmt.Errorf("failed to get root bytes: %w", err)
 	}
-	m, err := mirror.NewTufMirror(root.Data, tufPath, o.source, o.targets, tuf.NewVersionChecker())
+	m, err := mirror.NewTUFMirror(root.Data, tufPath, o.source, o.targets, tuf.NewDefaultVersionChecker())
 	if err != nil {
 		return fmt.Errorf("failed to create TUF mirror: %w", err)
 	}
@@ -95,7 +96,7 @@ func (o *metadataOptions) run(cmd *cobra.Command, args []string) error {
 	}
 
 	// create delegated metadata manifests
-	var delegated []*mirror.MirrorImage
+	var delegated []*mirror.Image
 	if o.rootOptions.full {
 		delegated, err = m.GetDelegatedMetadataMirrors()
 		if err != nil {
@@ -107,22 +108,22 @@ func (o *metadataOptions) run(cmd *cobra.Command, args []string) error {
 	switch {
 	case strings.HasPrefix(o.destination, OCIPrefix):
 		path := strings.TrimPrefix(o.destination, OCIPrefix)
-		err = mirror.SaveImageAsOCILayout(image, path)
+		err = oci.SaveImageAsOCILayout(image, path)
 		if err != nil {
 			return fmt.Errorf("failed to save metadata as OCI layout: %w", err)
 		}
 		fmt.Fprintf(cmd.OutOrStdout(), "Metadata manifest layout saved to %s\n", path)
 		for _, d := range delegated {
 			path := filepath.Join(path, d.Tag)
-			err = mirror.SaveImageAsOCILayout(d.Image, path)
+			err = oci.SaveImageAsOCILayout(d.Image, path)
 			if err != nil {
 				return fmt.Errorf("failed to save delegated metadata as OCI layout: %w", err)
 			}
 			fmt.Fprintf(cmd.OutOrStdout(), "Delegated metadata manifest layout saved to %s\n", path)
 		}
 	case strings.HasPrefix(o.destination, RegistryPrefix):
 		imageName := strings.TrimPrefix(o.destination, RegistryPrefix)
-		err = mirror.PushImageToRegistry(image, imageName)
+		err = oci.PushImageToRegistry(image, imageName)
 		if err != nil {
 			return fmt.Errorf("failed to push metadata manifest: %w", err)
 		}
@@ -133,7 +134,7 @@ func (o *metadataOptions) run(cmd *cobra.Command, args []string) error {
 				return fmt.Errorf("failed to parse image name: %w", err)
 			}
 			imageName := fmt.Sprintf("%s:%s", ref.Context().Name(), d.Tag)
-			err = mirror.PushImageToRegistry(d.Image, imageName)
+			err = oci.PushImageToRegistry(d.Image, imageName)
 			if err != nil {
 				return fmt.Errorf("failed to push delegated metadata manifest: %w", err)
 			}
 
@@ -19,7 +19,7 @@ const (
 type rootOptions struct {
 	tufPath string
 	tufRoot string
-	mirror  *mirror.TufMirror
+	mirror  *mirror.TUFMirror
 	full    bool
 }
 
 
@@ -8,6 +8,7 @@ import (
 	"strings"
 
 	"github.com/docker/attest/pkg/mirror"
+	"github.com/docker/attest/pkg/oci"
 	"github.com/docker/attest/pkg/tuf"
 	"github.com/docker/go-tuf-mirror/internal/util"
 	"github.com/google/go-containerregistry/pkg/name"
@@ -92,27 +93,27 @@ func (o *targetsOptions) run(cmd *cobra.Command, args []string) error {
 		} else {
 			tufPath = strings.TrimSpace(o.rootOptions.tufPath)
 		}
-		root, err := tuf.GetEmbeddedTufRoot(o.rootOptions.tufRoot)
+		root, err := tuf.GetEmbeddedRoot(o.rootOptions.tufRoot)
 		if err != nil {
 			return fmt.Errorf("failed to get root bytes: %w", err)
 		}
-		m, err = mirror.NewTufMirror(root.Data, tufPath, o.metadata, o.source, tuf.NewVersionChecker())
+		m, err = mirror.NewTUFMirror(root.Data, tufPath, o.metadata, o.source, tuf.NewDefaultVersionChecker())
 		if err != nil {
 			return fmt.Errorf("failed to create TUF mirror: %w", err)
 		}
 	} else {
 		// set remote targets url for existing mirror
-		m.TufClient.SetRemoteTargetsURL(o.source)
+		m.TUFClient.SetRemoteTargetsURL(o.source)
 	}
 
 	// create target manifests
-	targets, err := m.GetTufTargetMirrors()
+	targets, err := m.GetTUFTargetMirrors()
 	if err != nil {
 		return fmt.Errorf("failed to create target mirrors: %w", err)
 	}
 
 	// create delegated target manifests
-	var delegated []*mirror.MirrorIndex
+	var delegated []*mirror.Index
 	if o.rootOptions.full {
 		delegated, err = m.GetDelegatedTargetMirrors()
 		if err != nil {
@@ -126,15 +127,15 @@ func (o *targetsOptions) run(cmd *cobra.Command, args []string) error {
 		outputPath := strings.TrimPrefix(o.destination, OCIPrefix)
 		for _, t := range targets {
 			path := filepath.Join(outputPath, t.Tag)
-			err = mirror.SaveImageAsOCILayout(t.Image, path)
+			err = oci.SaveImageAsOCILayout(t.Image, path)
 			if err != nil {
 				return fmt.Errorf("failed to save target as OCI layout: %w", err)
 			}
 			fmt.Fprintf(cmd.OutOrStdout(), "Target manifest layout saved to %s\n", path)
 		}
 		for _, d := range delegated {
 			path := filepath.Join(outputPath, d.Tag)
-			err = mirror.SaveIndexAsOCILayout(d.Index, path)
+			err = oci.SaveIndexAsOCILayout(d.Index, path)
 			if err != nil {
 				return fmt.Errorf("failed to save delegated target index as OCI layout: %w", err)
 			}
@@ -144,15 +145,15 @@ func (o *targetsOptions) run(cmd *cobra.Command, args []string) error {
 		repo := strings.TrimPrefix(o.destination, RegistryPrefix)
 		for _, t := range targets {
 			imageName := fmt.Sprintf("%s:%s", repo, t.Tag)
-			err = mirror.PushImageToRegistry(t.Image, imageName)
+			err = oci.PushImageToRegistry(t.Image, imageName)
 			if err != nil {
 				return fmt.Errorf("failed to push target manifest: %w", err)
 			}
 			fmt.Fprintf(cmd.OutOrStdout(), "Target manifest pushed to %s\n", imageName)
 		}
 		for _, d := range delegated {
 			imageName := fmt.Sprintf("%s:%s", repo, d.Tag)
-			err = mirror.PushIndexToRegistry(d.Index, imageName)
+			err = oci.PushIndexToRegistry(d.Index, imageName)
 			if err != nil {
 				return fmt.Errorf("failed to push delegated target index manifest: %w", err)
 			}
 
@@ -1,31 +1,30 @@
 module github.com/docker/go-tuf-mirror
 
-go 1.22.2
+go 1.22.5
 
 require (
-	github.com/docker/attest v0.1.8
-	github.com/google/go-containerregistry v0.20.0
+	github.com/docker/attest v0.3.0
+	github.com/google/go-containerregistry v0.20.1
 	github.com/spf13/cobra v1.8.1
 	github.com/stretchr/testify v1.9.0
 )
 
-// fork of a fork (in case it goes away) with changes to support ArtifactType (https://github.com/google/go-containerregistry/pull/1931)
-replace github.com/google/go-containerregistry v0.20.0 => github.com/kipz/go-containerregistry v0.0.0-20240423201245-bf57eace21f2
+// fork with changes to support ArtifactType (https://github.com/google/go-containerregistry/pull/1931)
+replace github.com/google/go-containerregistry => github.com/docker/go-containerregistry v0.0.0-20240808132857-c8bfc44af7c8
 
 require (
 	cloud.google.com/go v0.115.0 // indirect
-	cloud.google.com/go/auth v0.7.0 // indirect
-	cloud.google.com/go/auth/oauth2adapt v0.2.2 // indirect
-	cloud.google.com/go/compute/metadata v0.4.0 // indirect
-	cloud.google.com/go/iam v1.1.10 // indirect
-	cloud.google.com/go/kms v1.18.2 // indirect
-	cloud.google.com/go/longrunning v0.5.9 // indirect
+	cloud.google.com/go/auth v0.7.3 // indirect
+	cloud.google.com/go/auth/oauth2adapt v0.2.3 // indirect
+	cloud.google.com/go/compute/metadata v0.5.0 // indirect
+	cloud.google.com/go/iam v1.1.12 // indirect
+	cloud.google.com/go/kms v1.18.4 // indirect
+	cloud.google.com/go/longrunning v0.5.11 // indirect
 	github.com/Masterminds/semver/v3 v3.2.1 // indirect
-	github.com/Microsoft/hcsshim v0.12.3 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
 	github.com/aws/aws-sdk-go-v2 v1.30.3 // indirect
-	github.com/aws/aws-sdk-go-v2/config v1.27.26 // indirect
-	github.com/aws/aws-sdk-go-v2/credentials v1.17.26 // indirect
+	github.com/aws/aws-sdk-go-v2/config v1.27.27 // indirect
+	github.com/aws/aws-sdk-go-v2/credentials v1.17.27 // indirect
 	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.11 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.15 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.15 // indirect
@@ -34,14 +33,13 @@ require (
 	github.com/aws/aws-sdk-go-v2/service/ecrpublic v1.24.1 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.3 // indirect
 	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.17 // indirect
-	github.com/aws/aws-sdk-go-v2/service/kms v1.34.1 // indirect
-	github.com/aws/aws-sdk-go-v2/service/sso v1.22.3 // indirect
+	github.com/aws/aws-sdk-go-v2/service/kms v1.35.3 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.22.4 // indirect
 	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.4 // indirect
 	github.com/aws/aws-sdk-go-v2/service/sts v1.30.3 // indirect
 	github.com/aws/smithy-go v1.20.3 // indirect
 	github.com/awslabs/amazon-ecr-credential-helper/ecr-login v0.0.0-20231024185945-8841054dbdb8 // indirect
 	github.com/blang/semver v3.5.1+incompatible // indirect
-	github.com/containerd/containerd v1.7.19 // indirect
 	github.com/containerd/log v0.1.0 // indirect
 	github.com/containerd/platforms v0.2.1 // indirect
 	github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect
@@ -50,15 +48,14 @@ require (
 	github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 // indirect
 	github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7 // indirect
 	github.com/distribution/reference v0.6.0 // indirect
-	github.com/docker/cli v26.1.3+incompatible // indirect
+	github.com/docker/cli v27.1.1+incompatible // indirect
 	github.com/docker/distribution v2.8.3+incompatible // indirect
-	github.com/docker/docker v27.0.3+incompatible // indirect
 	github.com/docker/docker-credential-helpers v0.8.1 // indirect
 	github.com/dustin/go-humanize v1.0.1 // indirect
 	github.com/felixge/httpsnoop v1.0.4 // indirect
 	github.com/fsnotify/fsnotify v1.7.0 // indirect
 	github.com/go-chi/chi v4.1.2+incompatible // indirect
-	github.com/go-jose/go-jose/v4 v4.0.1 // indirect
+	github.com/go-jose/go-jose/v4 v4.0.2 // indirect
 	github.com/go-logr/logr v1.4.2 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-openapi/analysis v0.23.0 // indirect
@@ -72,15 +69,14 @@ require (
 	github.com/go-openapi/swag v0.23.0 // indirect
 	github.com/go-openapi/validate v0.24.0 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
-	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/golang/snappy v0.0.4 // indirect
-	github.com/google/certificate-transparency-go v1.1.8 // indirect
-	github.com/google/s2a-go v0.1.7 // indirect
+	github.com/google/certificate-transparency-go v1.2.1 // indirect
+	github.com/google/s2a-go v0.1.8 // indirect
 	github.com/google/uuid v1.6.0 // indirect
 	github.com/googleapis/enterprise-certificate-proxy v0.3.2 // indirect
-	github.com/googleapis/gax-go/v2 v2.12.5 // indirect
+	github.com/googleapis/gax-go/v2 v2.13.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
-	github.com/hashicorp/go-retryablehttp v0.7.6 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.7 // indirect
 	github.com/hashicorp/hcl v1.0.1-vault-5 // indirect
 	github.com/in-toto/in-toto-golang v0.9.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
@@ -108,49 +104,50 @@ require (
 	github.com/sassoftware/relic v7.2.1+incompatible // indirect
 	github.com/secure-systems-lab/go-securesystemslib v0.8.0 // indirect
 	github.com/shibumi/go-pathspec v1.3.0 // indirect
-	github.com/sigstore/cosign/v2 v2.2.4 // indirect
+	github.com/sigstore/cosign/v2 v2.4.0 // indirect
+	github.com/sigstore/protobuf-specs v0.3.2 // indirect
 	github.com/sigstore/rekor v1.3.6 // indirect
-	github.com/sigstore/sigstore v1.8.6 // indirect
-	github.com/sigstore/sigstore/pkg/signature/kms/aws v1.8.6 // indirect
-	github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.8.6 // indirect
+	github.com/sigstore/sigstore v1.8.8 // indirect
+	github.com/sigstore/sigstore/pkg/signature/kms/aws v1.8.8 // indirect
+	github.com/sigstore/sigstore/pkg/signature/kms/gcp v1.8.8 // indirect
 	github.com/sigstore/timestamp-authority v1.2.2 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/sourcegraph/conc v0.3.0 // indirect
 	github.com/spf13/afero v1.11.0 // indirect
 	github.com/spf13/cast v1.6.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	github.com/spf13/viper v1.18.2 // indirect
+	github.com/spf13/viper v1.19.0 // indirect
 	github.com/subosito/gotenv v1.6.0 // indirect
 	github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d // indirect
 	github.com/theupdateframework/go-tuf v0.7.0 // indirect
-	github.com/theupdateframework/go-tuf/v2 v2.0.0-20240504210453-5a634eb214ae // indirect
+	github.com/theupdateframework/go-tuf/v2 v2.0.0 // indirect
 	github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
 	github.com/transparency-dev/merkle v0.0.2 // indirect
 	github.com/vbatts/tar-split v0.11.5 // indirect
 	go.mongodb.org/mongo-driver v1.15.0 // indirect
 	go.opencensus.io v0.24.0 // indirect
 	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.52.0 // indirect
-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.52.0 // indirect
-	go.opentelemetry.io/otel v1.27.0 // indirect
-	go.opentelemetry.io/otel/metric v1.27.0 // indirect
-	go.opentelemetry.io/otel/trace v1.27.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 // indirect
+	go.opentelemetry.io/otel v1.28.0 // indirect
+	go.opentelemetry.io/otel/metric v1.28.0 // indirect
+	go.opentelemetry.io/otel/trace v1.28.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
 	golang.org/x/crypto v0.25.0 // indirect
 	golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 // indirect
-	golang.org/x/mod v0.17.0 // indirect
+	golang.org/x/mod v0.19.0 // indirect
 	golang.org/x/net v0.27.0 // indirect
-	golang.org/x/oauth2 v0.21.0 // indirect
-	golang.org/x/sync v0.7.0 // indirect
+	golang.org/x/oauth2 v0.22.0 // indirect
+	golang.org/x/sync v0.8.0 // indirect
 	golang.org/x/sys v0.22.0 // indirect
 	golang.org/x/term v0.22.0 // indirect
 	golang.org/x/text v0.16.0 // indirect
-	golang.org/x/time v0.5.0 // indirect
-	google.golang.org/api v0.188.0 // indirect
-	google.golang.org/genproto v0.0.0-20240708141625-4ad9e859172b // indirect
-	google.golang.org/genproto/googleapis/api v0.0.0-20240701130421-f6361c86f094 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20240708141625-4ad9e859172b // indirect
-	google.golang.org/grpc v1.64.1 // indirect
+	golang.org/x/time v0.6.0 // indirect
+	google.golang.org/api v0.191.0 // indirect
+	google.golang.org/genproto v0.0.0-20240730163845-b1a4ccb954bf // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240725223205-93522f1f2a9f // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240730163845-b1a4ccb954bf // indirect
+	google.golang.org/grpc v1.65.0 // indirect
 	google.golang.org/protobuf v1.34.2 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,7 @@ const (`
`19`	`19`	`type rootOptions struct {`
`20`	`20`	`tufPath string`
`21`	`21`	`tufRoot string`
`22`		`- mirror *mirror.TufMirror`
	`22`	`+ mirror *mirror.TUFMirror`
`23`	`23`	`full bool`
`24`	`24`	`}`
`25`	`25`