Merge pull request #14560 from rhatdan/remote

podman-remote push --remove-signatures support

9 files changed, 42 insertions, 22 deletions

diff --git a/cmd/podman/images/push.go b/cmd/podman/images/push.go
index a59bdd93c..1b3419014 100644
--- a/cmd/podman/images/push.go
+++ b/cmd/podman/images/push.go
@@ -117,7 +117,6 @@ func pushFlags(cmd *cobra.Command) {
 		_ = flags.MarkHidden("compress")
 		_ = flags.MarkHidden("digestfile")
 		_ = flags.MarkHidden("quiet")
-		_ = flags.MarkHidden("remove-signatures")
 		_ = flags.MarkHidden("sign-by")
 	}
 	if !registry.IsRemote() {
diff --git a/docs/source/markdown/podman-push.1.md b/docs/source/markdown/podman-push.1.md
index 74555c11b..25c1e024a 100644
--- a/docs/source/markdown/podman-push.1.md
+++ b/docs/source/markdown/podman-push.1.md
@@ -95,7 +95,7 @@ When writing the output image, suppress progress output
 
 #### **--remove-signatures**
 
-Discard any pre-existing signatures in the image. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
+Discard any pre-existing signatures in the image.
 
 #### **--sign-by**=*key*
 
diff --git a/pkg/api/handlers/libpod/images.go b/pkg/api/handlers/libpod/images.go
index efcbe9d77..60ed5feb3 100644
--- a/pkg/api/handlers/libpod/images.go
+++ b/pkg/api/handlers/libpod/images.go
@@ -422,10 +422,11 @@ func PushImage(w http.ResponseWriter, r *http.Request) {
 	runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime)
 
 	query := struct {
-		Destination string `schema:"destination"`
-		TLSVerify   bool   `schema:"tlsVerify"`
-		Format      string `schema:"format"`
-		All         bool   `schema:"all"`
+		All              bool   `schema:"all"`
+		Destination      string `schema:"destination"`
+		Format           string `schema:"format"`
+		RemoveSignatures bool   `schema:"removeSignatures"`
+		TLSVerify        bool   `schema:"tlsVerify"`
 	}{
 		// This is where you can override the golang default value for one of fields
 	}
@@ -462,12 +463,13 @@ func PushImage(w http.ResponseWriter, r *http.Request) {
 		password = authconf.Password
 	}
 	options := entities.ImagePushOptions{
-		Authfile: authfile,
-		Username: username,
-		Password: password,
-		Format:   query.Format,
-		All:      query.All,
-		Quiet:    true,
+		All:              query.All,
+		Authfile:         authfile,
+		Format:           query.Format,
+		Password:         password,
+		Quiet:            true,
+		RemoveSignatures: query.RemoveSignatures,
+		Username:         username,
 	}
 	if _, found := r.URL.Query()["tlsVerify"]; found {
 		options.SkipTLSVerify = types.NewOptionalBool(!query.TLSVerify)
diff --git a/pkg/api/handlers/libpod/manifests.go b/pkg/api/handlers/libpod/manifests.go
index d9ed1c265..bdf0162c7 100644
--- a/pkg/api/handlers/libpod/manifests.go
+++ b/pkg/api/handlers/libpod/manifests.go
@@ -247,9 +247,10 @@ func ManifestPushV3(w http.ResponseWriter, r *http.Request) {
 	runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime)
 	decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder)
 	query := struct {
-		All         bool   `schema:"all"`
-		Destination string `schema:"destination"`
-		TLSVerify   bool   `schema:"tlsVerify"`
+		All              bool   `schema:"all"`
+		Destination      string `schema:"destination"`
+		RemoveSignatures bool   `schema:"removeSignatures"`
+		TLSVerify        bool   `schema:"tlsVerify"`
 	}{
 		// Add defaults here once needed.
 	}
@@ -276,10 +277,11 @@ func ManifestPushV3(w http.ResponseWriter, r *http.Request) {
 		password = authconf.Password
 	}
 	options := entities.ImagePushOptions{
-		Authfile: authfile,
-		Username: username,
-		Password: password,
-		All:      query.All,
+		All:              query.All,
+		Authfile:         authfile,
+		Password:         password,
+		RemoveSignatures: query.RemoveSignatures,
+		Username:         username,
 	}
 	if sys := runtime.SystemContext(); sys != nil {
 		options.CertDir = sys.DockerCertPath
diff --git a/pkg/bindings/images/types.go b/pkg/bindings/images/types.go
index 8e5e7ee92..16dbad380 100644
--- a/pkg/bindings/images/types.go
+++ b/pkg/bindings/images/types.go
@@ -127,6 +127,8 @@ type PushOptions struct {
 	Password *string
 	// SkipTLSVerify to skip HTTPS and certificate verification.
 	SkipTLSVerify *bool
+	// RemoveSignatures Discard any pre-existing signatures in the image.
+	RemoveSignatures *bool
 	// Username for authenticating against the registry.
 	Username *string
 }
diff --git a/pkg/bindings/images/types_push_options.go b/pkg/bindings/images/types_push_options.go
index 4985c9451..25f6c5546 100644
--- a/pkg/bindings/images/types_push_options.go
+++ b/pkg/bindings/images/types_push_options.go
@@ -107,6 +107,21 @@ func (o *PushOptions) GetSkipTLSVerify() bool {
 	return *o.SkipTLSVerify
 }
 
+// WithRemoveSignatures set field RemoveSignatures to given value
+func (o *PushOptions) WithRemoveSignatures(value bool) *PushOptions {
+	o.RemoveSignatures = &value
+	return o
+}
+
+// GetRemoveSignatures returns value of field RemoveSignatures
+func (o *PushOptions) GetRemoveSignatures() bool {
+	if o.RemoveSignatures == nil {
+		var z bool
+		return z
+	}
+	return *o.RemoveSignatures
+}
+
 // WithUsername set field Username to given value
 func (o *PushOptions) WithUsername(value string) *PushOptions {
 	o.Username = &value
diff --git a/pkg/domain/infra/tunnel/images.go b/pkg/domain/infra/tunnel/images.go
index 18e10e8dd..97838d596 100644
--- a/pkg/domain/infra/tunnel/images.go
+++ b/pkg/domain/infra/tunnel/images.go
@@ -244,7 +244,7 @@ func (ir *ImageEngine) Import(ctx context.Context, opts entities.ImageImportOpti
 
 func (ir *ImageEngine) Push(ctx context.Context, source string, destination string, opts entities.ImagePushOptions) error {
 	options := new(images.PushOptions)
-	options.WithAll(opts.All).WithCompress(opts.Compress).WithUsername(opts.Username).WithPassword(opts.Password).WithAuthfile(opts.Authfile).WithFormat(opts.Format)
+	options.WithAll(opts.All).WithCompress(opts.Compress).WithUsername(opts.Username).WithPassword(opts.Password).WithAuthfile(opts.Authfile).WithFormat(opts.Format).WithRemoveSignatures(opts.RemoveSignatures)
 
 	if s := opts.SkipTLSVerify; s != types.OptionalBoolUndefined {
 		if s == types.OptionalBoolTrue {
diff --git a/pkg/domain/infra/tunnel/manifest.go b/pkg/domain/infra/tunnel/manifest.go
index 9ac3fdb83..09c37b896 100644
--- a/pkg/domain/infra/tunnel/manifest.go
+++ b/pkg/domain/infra/tunnel/manifest.go
@@ -99,7 +99,7 @@ func (ir *ImageEngine) ManifestRm(ctx context.Context, names []string) (*entitie
 // ManifestPush pushes a manifest list or image index to the destination
 func (ir *ImageEngine) ManifestPush(ctx context.Context, name, destination string, opts entities.ImagePushOptions) (string, error) {
 	options := new(images.PushOptions)
-	options.WithUsername(opts.Username).WithPassword(opts.Password).WithAuthfile(opts.Authfile)
+	options.WithUsername(opts.Username).WithPassword(opts.Password).WithAuthfile(opts.Authfile).WithRemoveSignatures(opts.RemoveSignatures)
 	options.WithAll(opts.All)
 
 	if s := opts.SkipTLSVerify; s != types.OptionalBoolUndefined {
diff --git a/test/e2e/push_test.go b/test/e2e/push_test.go
index 0288bf915..864278777 100644
--- a/test/e2e/push_test.go
+++ b/test/e2e/push_test.go
@@ -96,7 +96,6 @@ var _ = Describe("Podman push", func() {
 	})
 
 	It("podman push to local registry", func() {
-		SkipIfRemote("Remote does not support --digestfile or --remove-signatures")
 		if podmanTest.Host.Arch == "ppc64le" {
 			Skip("No registry image for ppc64le")
 		}
@@ -118,6 +117,7 @@ var _ = Describe("Podman push", func() {
 		push.WaitWithDefaultTimeout()
 		Expect(push).Should(Exit(0))
 
+		SkipIfRemote("Remote does not support --digestfile")
 		// Test --digestfile option
 		push2 := podmanTest.Podman([]string{"push", "--tls-verify=false", "--digestfile=/tmp/digestfile.txt", "--remove-signatures", ALPINE, "localhost:5000/my-alpine"})
 		push2.WaitWithDefaultTimeout()