summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMiloslav Trmač <mitr@redhat.com>2022-08-24 19:42:08 +0200
committerMiloslav Trmač <mitr@redhat.com>2022-08-29 17:55:38 +0200
commit1f61734f4f2bd8c43225e59469e9b9438b8621c4 (patch)
tree0c85eea7ed1ea72a997539abdef8e0624e14c6b0
parent04b3cc3936970882703ee1dbde01009b4f69ef29 (diff)
downloadpodman-1f61734f4f2bd8c43225e59469e9b9438b8621c4.tar.gz
podman-1f61734f4f2bd8c43225e59469e9b9438b8621c4.tar.bz2
podman-1f61734f4f2bd8c43225e59469e9b9438b8621c4.zip
Create new policy entries together with validating input
That way, we don't have to switch over trustType twice. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
-rw-r--r--pkg/trust/policy.go11
1 files changed, 4 insertions, 7 deletions
diff --git a/pkg/trust/policy.go b/pkg/trust/policy.go
index df4f49ff1..77e02a05c 100644
--- a/pkg/trust/policy.go
+++ b/pkg/trust/policy.go
@@ -151,11 +151,15 @@ func AddPolicyEntries(policyPath string, input AddPolicyEntriesInput) error {
if len(pubkeysfile) != 0 {
return fmt.Errorf("%d public keys unexpectedly provided for trust type %v", len(pubkeysfile), input.Type)
}
+ newReposContent = append(newReposContent, RepoContent{Type: trustType})
case "signedBy":
if len(pubkeysfile) == 0 {
return errors.New("at least one public key must be defined for type 'signedBy'")
}
+ for _, filepath := range pubkeysfile {
+ newReposContent = append(newReposContent, RepoContent{Type: trustType, KeyType: "GPGKeys", KeyPath: filepath})
+ }
default:
return fmt.Errorf("unknown trust type %q", input.Type)
@@ -171,13 +175,6 @@ func AddPolicyEntries(policyPath string, input AddPolicyEntriesInput) error {
return errors.New("could not read trust policies")
}
}
- if len(pubkeysfile) != 0 {
- for _, filepath := range pubkeysfile {
- newReposContent = append(newReposContent, RepoContent{Type: trustType, KeyType: "GPGKeys", KeyPath: filepath})
- }
- } else {
- newReposContent = append(newReposContent, RepoContent{Type: trustType})
- }
if input.Scope == "default" {
policyContentStruct.Default = newReposContent
} else {