diff options
author | Valentin Rothberg <rothberg@redhat.com> | 2021-09-23 13:35:57 +0200 |
---|---|---|
committer | Valentin Rothberg <rothberg@redhat.com> | 2021-09-23 13:50:49 +0200 |
commit | 01bf8a66872df7dc6f93b7156371fa8fce3d84df (patch) | |
tree | 335df18349c3c95c8f227eb5e89e7f90cb38c776 | |
parent | b0d1c0fe22da27c88a0e5de11de08d63ef861347 (diff) | |
download | podman-01bf8a66872df7dc6f93b7156371fa8fce3d84df.tar.gz podman-01bf8a66872df7dc6f93b7156371fa8fce3d84df.tar.bz2 podman-01bf8a66872df7dc6f93b7156371fa8fce3d84df.zip |
podman save: enforce signature removal
Enforce the removal of signatures in `podman save` to restore behavior
prior to the migration to libimage. We may consider improving on that
in the future. For details, please refer to the excellent summary by
@mtrmac [1].
[NO TESTS NEEDED] - manually verified but exisiting tests need some
further investigation (see [1]).
[1] https://github.com/containers/podman/pull/11669#issuecomment-925250264
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
-rw-r--r-- | pkg/api/handlers/libpod/images.go | 1 | ||||
-rw-r--r-- | pkg/domain/entities/images.go | 2 | ||||
-rw-r--r-- | pkg/domain/infra/abi/images.go | 5 |
3 files changed, 4 insertions, 4 deletions
diff --git a/pkg/api/handlers/libpod/images.go b/pkg/api/handlers/libpod/images.go index 51157d204..0023479ea 100644 --- a/pkg/api/handlers/libpod/images.go +++ b/pkg/api/handlers/libpod/images.go @@ -359,7 +359,6 @@ func ExportImages(w http.ResponseWriter, r *http.Request) { MultiImageArchive: len(query.References) > 1, OciAcceptUncompressedLayers: query.OciAcceptUncompressedLayers, Output: output, - RemoveSignatures: true, } imageEngine := abi.ImageEngine{Libpod: runtime} diff --git a/pkg/domain/entities/images.go b/pkg/domain/entities/images.go index edd23e662..80d570764 100644 --- a/pkg/domain/entities/images.go +++ b/pkg/domain/entities/images.go @@ -305,8 +305,6 @@ type ImageSaveOptions struct { OciAcceptUncompressedLayers bool // Output - write image to the specified path. Output string - // Do not save the signature from the source image - RemoveSignatures bool // Quiet - suppress output when copying images Quiet bool } diff --git a/pkg/domain/infra/abi/images.go b/pkg/domain/infra/abi/images.go index 705ad7768..98d668434 100644 --- a/pkg/domain/infra/abi/images.go +++ b/pkg/domain/infra/abi/images.go @@ -368,7 +368,10 @@ func (ir *ImageEngine) Save(ctx context.Context, nameOrID string, tags []string, saveOptions := &libimage.SaveOptions{} saveOptions.DirForceCompress = options.Compress saveOptions.OciAcceptUncompressedLayers = options.OciAcceptUncompressedLayers - saveOptions.RemoveSignatures = options.RemoveSignatures + + // Force signature removal to preserve backwards compat. + // See https://github.com/containers/podman/pull/11669#issuecomment-925250264 + saveOptions.RemoveSignatures = true if !options.Quiet { saveOptions.Writer = os.Stderr |