diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2019-01-10 07:43:54 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-01-10 07:43:54 -0800 |
| commit | c338da50ca91a872d156f0ba12fce91231200843 (patch) | |
| tree | 8c4f5d7b9d7a9508c5222da23b6bc3c9952669f7 | |
| parent | ac426bada215b02b586cdcf0beea7ddd0099c575 (diff) | |
| parent | 55583bdfa684d9c10ee5b9f2d88c24101a12ef17 (diff) | |
| download | podman-c338da50ca91a872d156f0ba12fce91231200843.tar.gz podman-c338da50ca91a872d156f0ba12fce91231200843.tar.bz2 podman-c338da50ca91a872d156f0ba12fce91231200843.zip | |
Merge pull request #2111 from rhatdan/sign
Fix up image sign and trust
| -rw-r--r-- | completions/bash/podman | 107 | ||||
| -rw-r--r-- | docs/podman-image-sign.1.md | 12 |
2 files changed, 113 insertions, 6 deletions
diff --git a/completions/bash/podman b/completions/bash/podman index e23615d52..6333dfdf2 100644 --- a/completions/bash/podman +++ b/completions/bash/podman @@ -32,6 +32,9 @@ __podman_containers() { __podman_q ps --format "$format" "$@" } +__podman_list_registries() { + sed -n -e '/registries.*=/ {s/.*\[\([^]]*\).*/\1/p;q}' /etc/containers/registries.conf | sed -e "s/[,']//g" +} # __podman_pods returns a list of pods. Additional options to # `podman pod ps` may be specified in order to filter the list, e.g. @@ -365,6 +368,7 @@ __podman_subcommands() { local subcommands="$1" local counter=$(($command_pos + 1)) + while [ $counter -lt $cword ]; do case "${words[$counter]}" in $(__podman_to_extglob "$subcommands") ) @@ -1296,7 +1300,9 @@ _podman_image() { push rm save + sign tag + trust " local aliases=" list @@ -2356,6 +2362,92 @@ _podman_container_runlabel() { esac } +_podman_image_sign() { + local options_with_args=" + -d + --directory + --sign-by + " + local boolean_options=" + --help + -h + " + case "$cur" in + -*) + COMPREPLY=($(compgen -W "$boolean_options $options_with_args" -- "$cur")) + ;; + *) + __podman_complete_images + ;; + esac +} + +_podman_image_trust_set() { + echo hello + local options_with_args=" + -f + --type + --pubkeysfile + " + local boolean_options=" + --help + -h + " + case "$cur" in + -*) + COMPREPLY=($(compgen -W "$boolean_options $options_with_args" -- "$cur")) + ;; + *) + COMPREPLY=($(compgen -W "default $( __podman_list_registries )" -- "$cur")) + ;; + esac +} + +_podman_image_trust_show() { + local options_with_args=" + " + local boolean_options=" + --help + -h + -j + --json + --raw + " + case "$cur" in + -*) + COMPREPLY=($(compgen -W "$boolean_options $options_with_args" -- "$cur")) + ;; + *) + __podman_complete_images + ;; + esac +} + +_podman_image_trust() { + local boolean_options=" + --help + -h + " + subcommands=" + set + show + " + local aliases=" + list + " + command=image_trust + __podman_subcommands "$subcommands $aliases" && return + + case "$cur" in + -*) + COMPREPLY=( $( compgen -W "--help" -- "$cur" ) ) + ;; + *) + COMPREPLY=( $( compgen -W "$subcommands" -- "$cur" ) ) + ;; + esac +} + _podman_images_prune() { local options_with_args=" " @@ -2364,6 +2456,11 @@ _podman_images_prune() { -h --help " + case "$cur" in + -*) + COMPREPLY=($(compgen -W "$boolean_options $options_with_args" -- "$cur")) + ;; + esac } _podman_container_prune() { @@ -2382,6 +2479,15 @@ _podman_container_exists() { local boolean_options=" " + case "$cur" in + -*) + COMPREPLY=($(compgen -W "$boolean_options $options_with_args" -- "$cur")) + ;; + *) + __podman_complete_images + ;; + esac + } _podman_pod_exists() { @@ -2813,6 +2919,7 @@ _podman_podman() { export generate history + image images import info diff --git a/docs/podman-image-sign.1.md b/docs/podman-image-sign.1.md index c4f3c6676..232bc87fe 100644 --- a/docs/podman-image-sign.1.md +++ b/docs/podman-image-sign.1.md @@ -5,8 +5,8 @@ podman-image-sign- Create a signature for an image # SYNOPSIS **podman image sign** -[**-h**|**--help**] -[**-d**, **--directory**] +[**--help**|**-h**] +[**--directory**|**-d**] [**--sign-by**] [ IMAGE... ] @@ -16,10 +16,10 @@ been pulled from a registry. The signature will be written to a directory derived from the registry configuration files in /etc/containers/registries.d. By default, the signature will be written into /var/lib/containers/sigstore directory. # OPTIONS -**-h** **--help** +**--help** **-h** Print usage statement. -**-d** **--directory** +**--directory** **-d** Store the signatures in the specified directory. Default: /var/lib/containers/sigstore **--sign-by** @@ -28,7 +28,7 @@ derived from the registry configuration files in /etc/containers/registries.d. B # EXAMPLES Sign the busybox image with the identify of foo@bar.com with a user's keyring and save the signature in /tmp/signatures/. - sudo podman image sign --sign-by foo@bar.com -d /tmp/signatures transport://privateregistry.example.com/foobar + sudo podman image sign --sign-by foo@bar.com --directory /tmp/signatures docker://privateregistry.example.com/foobar # RELATED CONFIGURATION @@ -36,7 +36,7 @@ The write (and read) location for signatures is defined in YAML-based configuration files in /etc/containers/registries.d/. When you sign an image, podman will use those configuration files to determine where to write the signature based on the the name of the originating -registry or a default storage value unless overriden with the -d +registry or a default storage value unless overriden with the --directory option. For example, consider the following configuration file. docker: |