repository: Remove sign_only argument from close()

This is only needed for threshold signing and not even used in the
example: leave it to the implementations to handle for now.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>

Author: jku

examples/repository/_simplerepo.py

@@ -100,26 +100,21 @@ def open(self, role: str) -> Metadata:
         # return latest metadata from storage (but don't return a reference)
         return copy.deepcopy(self.role_cache[role][-1])
 
-    def close(self, role: str, md: Metadata, sign_only: bool = False) -> None:
+    def close(self, role: str, md: Metadata) -> None:
         """Store a version of metadata. Handle version bumps, expiry, signing"""
-        if sign_only:
-            for signer in self.signer_cache[role]:
-                md.sign(signer, append=True)
-            self.role_cache[role][-1] = md
-        else:
-            md.signed.version += 1
-            md.signed.expires = datetime.utcnow() + self.expiry_period
-
-            md.signatures.clear()
-            for signer in self.signer_cache[role]:
-                md.sign(signer, append=True)
-
-            # store new metadata version, update version caches
-            self.role_cache[role].append(md)
-            if role == "snapshot":
-                self._snapshot_info.version = md.signed.version
-            elif role not in ["root", "timestamp"]:
-                self._targets_infos[f"{role}.json"].version = md.signed.version
+        md.signed.version += 1
+        md.signed.expires = datetime.utcnow() + self.expiry_period
+
+        md.signatures.clear()
+        for signer in self.signer_cache[role]:
+            md.sign(signer, append=True)
+
+        # store new metadata version, update version caches
+        self.role_cache[role].append(md)
+        if role == "snapshot":
+            self._snapshot_info.version = md.signed.version
+        elif role not in ["root", "timestamp"]:
+            self._targets_infos[f"{role}.json"].version = md.signed.version
 
     def add_target(self, path: str, content: str) -> None:
         """Add a target to repository"""

tuf/repository/_repository.py

@@ -28,9 +28,11 @@ class Repository(ABC):
     application, whether it is a real repository server or a developer tool.
 
     Implementations must implement open() and close(), and can then use the
-    edit() contextmanager to implement actual operations.
+    edit() contextmanager to implement actual operations. Not that signing
+    an already existing version of metadata (as could be done for threshold
+    signing) does not fit into this model of open()+close() or edit().
 
-    A few operations (sign, snapshot and timestamp) are already implemented
+    A few operations (snapshot and timestamp) are already implemented
     in this base class.
     """
 
@@ -42,7 +44,7 @@ def open(self, role: str) -> Metadata:
         raise NotImplementedError
 
     @abstractmethod
-    def close(self, role: str, md: Metadata, sign_only: bool = False) -> None:
+    def close(self, role: str, md: Metadata) -> None:
         """Write roles metadata into storage
 
         If sign_only, then just append signatures of all available keys.
@@ -92,11 +94,6 @@ def edit(self, role: str) -> Generator[Signed, None, None]:
             yield md.signed
             self.close(role, md)
 
-    def sign(self, role: str) -> None:
-        """sign without modifying content, or removing existing signatures"""
-        md = self.open(role)
-        self.close(role, md, sign_only=True)
-
     def snapshot(self, force: bool = False) -> Tuple[bool, Dict[str, MetaFile]]:
         """Update snapshot meta information