diff options
| author | baude <bbaude@redhat.com> | 2020-05-06 15:24:54 -0500 |
|---|---|---|
| committer | Brent Baude <bbaude@redhat.com> | 2020-05-07 09:55:52 -0500 |
| commit | e9a17da1c5f3e20a5f4394db9f5d7e744d8fdbc6 (patch) | |
| tree | 2f1a257cbf8bbfa03c619068692c2fd059fc7a3f /cmd/podman/images/trust_set.go | |
| parent | 7cd2e35203cd059a75792c1ff03486ba32a23ddb (diff) | |
| download | podman-e9a17da1c5f3e20a5f4394db9f5d7e744d8fdbc6.tar.gz podman-e9a17da1c5f3e20a5f4394db9f5d7e744d8fdbc6.tar.bz2 podman-e9a17da1c5f3e20a5f4394db9f5d7e744d8fdbc6.zip | |
v2trust set and show
add podman image trust set and show
Signed-off-by: baude <bbaude@redhat.com>
Signed-off-by: bbaude <bbaude@DESKTOP-SH5EG3J.localdomain>
Signed-off-by: Brent Baude <bbaude@redhat.com>
Diffstat (limited to 'cmd/podman/images/trust_set.go')
| -rw-r--r-- | cmd/podman/images/trust_set.go | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/cmd/podman/images/trust_set.go b/cmd/podman/images/trust_set.go new file mode 100644 index 000000000..5868f5546 --- /dev/null +++ b/cmd/podman/images/trust_set.go @@ -0,0 +1,56 @@ +package images + +import ( + "github.com/containers/libpod/cmd/podman/registry" + "github.com/containers/libpod/libpod/image" + "github.com/containers/libpod/pkg/domain/entities" + "github.com/containers/libpod/pkg/util" + "github.com/pkg/errors" + "github.com/spf13/cobra" +) + +var ( + setTrustDescription = "Set default trust policy or add a new trust policy for a registry" + setTrustCommand = &cobra.Command{ + Use: "set [flags] REGISTRY", + Short: "Set default trust policy or a new trust policy for a registry", + Long: setTrustDescription, + Example: "", + RunE: setTrust, + Args: cobra.ExactArgs(1), + } +) + +var ( + setOptions entities.SetTrustOptions +) + +func init() { + registry.Commands = append(registry.Commands, registry.CliCommand{ + Mode: []entities.EngineMode{entities.ABIMode}, + Command: setTrustCommand, + Parent: trustCmd, + }) + setFlags := setTrustCommand.Flags() + setFlags.StringVar(&setOptions.PolicyPath, "policypath", "", "") + _ = setFlags.MarkHidden("policypath") + setFlags.StringSliceVarP(&setOptions.PubKeysFile, "pubkeysfile", "f", []string{}, `Path of installed public key(s) to trust for TARGET. +Absolute path to keys is added to policy.json. May +used multiple times to define multiple public keys. +File(s) must exist before using this command`) + setFlags.StringVarP(&setOptions.Type, "type", "t", "signedBy", "Trust type, accept values: signedBy(default), accept, reject") +} + +func setTrust(cmd *cobra.Command, args []string) error { + validTrustTypes := []string{"accept", "insecureAcceptAnything", "reject", "signedBy"} + + valid, err := image.IsValidImageURI(args[0]) + if err != nil || !valid { + return errors.Wrapf(err, "invalid image uri %s", args[0]) + } + + if !util.StringInSlice(setOptions.Type, validTrustTypes) { + return errors.Errorf("invalid choice: %s (choose from 'accept', 'reject', 'signedBy')", setOptions.Type) + } + return registry.ImageEngine().SetTrust(registry.Context(), args, setOptions) +} |