Add support for s3: URIs in tough/tuftool for targets and metadata resources

**Description:**

Currently, tough and tuftool require http(s) URLs or local file paths for accessing TUF repository targets and metadata. Adding native support for s3:// URIs could extends functionality of the library/tool to support usecases where a TUF repository is only hosted on S3.

**Proposal:**

Allow s3:// URIs to be used anywhere targets or metadata resources are currently specified, including:
- Repository base URLs in tough client
- Target file locations
- Metadata file locations
- tuftool commands that reference remote resources

Example Usage:

```rust
// tough client
let repository = RepositoryLoader::new(
    "s3://my-bucket/tuf-repo",
    // ...
).load().await?;
```

```bash
# tuftool
tuftool download \
    --metadata-url s3://my-bucket/tuf-repo/targets \
    --target-url s3://my-bucket/tuf-repo/targets \
    out-dir
```

**Alternatives considered**
* Download the entire repo via s3 sync and use `tuftool` local file transport support.
  * this isn't feasible for the use-case in mind given the size of large TUF repos 
* Use S3 pre-signed URLs
* Keep the status quo

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add support for s3: URIs in tough/tuftool for targets and metadata resources #911

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Add support for s3: URIs in tough/tuftool for targets and metadata resources #911

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions