diff options
author | Brent Baude <bbaude@redhat.com> | 2020-05-09 09:09:35 -0500 |
---|---|---|
committer | Brent Baude <bbaude@redhat.com> | 2020-05-11 09:18:56 -0500 |
commit | fbd0fccf89f994a90fbc8d63e9c90942acdbc201 (patch) | |
tree | adcf2ca287420b8b46cf860b718cc8769154a89f /cmd/podman/images | |
parent | d8c6cc16843efac13b92758b1bf93e9d5897a212 (diff) | |
download | podman-fbd0fccf89f994a90fbc8d63e9c90942acdbc201.tar.gz podman-fbd0fccf89f994a90fbc8d63e9c90942acdbc201.tar.bz2 podman-fbd0fccf89f994a90fbc8d63e9c90942acdbc201.zip |
v2podman image sign
this is a straight port to add the podman image sign command. no improvements or refactoring done
Signed-off-by: Brent Baude <bbaude@redhat.com>
Diffstat (limited to 'cmd/podman/images')
-rw-r--r-- | cmd/podman/images/sign.go | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/cmd/podman/images/sign.go b/cmd/podman/images/sign.go new file mode 100644 index 000000000..bd9cf2ea7 --- /dev/null +++ b/cmd/podman/images/sign.go @@ -0,0 +1,55 @@ +package images + +import ( + "os" + + "github.com/containers/libpod/cmd/podman/registry" + "github.com/containers/libpod/pkg/domain/entities" + "github.com/pkg/errors" + "github.com/spf13/cobra" +) + +var ( + signDescription = "Create a signature file that can be used later to verify the image." + signCommand = &cobra.Command{ + Use: "sign [flags] IMAGE [IMAGE...]", + Short: "Sign an image", + Long: signDescription, + RunE: sign, + Args: cobra.MinimumNArgs(1), + Example: `podman image sign --sign-by mykey imageID + podman image sign --sign-by mykey --directory ./mykeydir imageID`, + } +) + +var ( + signOptions entities.SignOptions +) + +func init() { + registry.Commands = append(registry.Commands, registry.CliCommand{ + Mode: []entities.EngineMode{entities.ABIMode}, + Command: signCommand, + Parent: imageCmd, + }) + flags := signCommand.Flags() + flags.StringVarP(&signOptions.Directory, "directory", "d", "", "Define an alternate directory to store signatures") + flags.StringVar(&signOptions.SignBy, "sign-by", "", "Name of the signing key") + flags.StringVar(&signOptions.CertDir, "cert-dir", "", "`Pathname` of a directory containing TLS certificates and keys") +} + +func sign(cmd *cobra.Command, args []string) error { + if signOptions.SignBy == "" { + return errors.Errorf("please provide an identity") + } + + var sigStoreDir string + if len(signOptions.Directory) > 0 { + sigStoreDir = signOptions.Directory + if _, err := os.Stat(sigStoreDir); err != nil { + return errors.Wrapf(err, "invalid directory %s", sigStoreDir) + } + } + _, err := registry.ImageEngine().Sign(registry.Context(), args, signOptions) + return err +} |