diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2019-09-12 22:23:29 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-09-12 22:23:29 +0200 |
commit | 3acfc3b7df593aaf4838b0eb4e8f24e9e54d998c (patch) | |
tree | 9f8e6e59e8dc30695e3131645f87c92350d7c4fd /cmd/podman/sign.go | |
parent | 42332a3ea268399fa2bf192d100db808ca4efcf8 (diff) | |
parent | 569c2e523dcddd3a0c3a3dc1b92632a07d2eda51 (diff) | |
download | podman-3acfc3b7df593aaf4838b0eb4e8f24e9e54d998c.tar.gz podman-3acfc3b7df593aaf4838b0eb4e8f24e9e54d998c.tar.bz2 podman-3acfc3b7df593aaf4838b0eb4e8f24e9e54d998c.zip |
Merge pull request #3997 from QiWang19/sigpath
fix podman sign signature store for rootless
Diffstat (limited to 'cmd/podman/sign.go')
-rw-r--r-- | cmd/podman/sign.go | 32 |
1 files changed, 22 insertions, 10 deletions
diff --git a/cmd/podman/sign.go b/cmd/podman/sign.go index 63ba9b904..79bc3f02b 100644 --- a/cmd/podman/sign.go +++ b/cmd/podman/sign.go @@ -14,6 +14,7 @@ import ( "github.com/containers/libpod/cmd/podman/cliconfig" "github.com/containers/libpod/cmd/podman/libpodruntime" "github.com/containers/libpod/libpod/image" + "github.com/containers/libpod/pkg/rootless" "github.com/containers/libpod/pkg/trust" "github.com/containers/libpod/pkg/util" "github.com/pkg/errors" @@ -130,22 +131,33 @@ func signCmd(c *cliconfig.SignValues) error { return errors.Wrapf(err, "error pulling image %s", signimage) } - registryInfo := trust.HaveMatchRegistry(rawSource.Reference().DockerReference().String(), registryConfigs) - if registryInfo != nil { + if rootless.IsRootless() { if sigStoreDir == "" { - sigStoreDir = registryInfo.SigStoreStaging + runtimeConfig, err := runtime.GetConfig() + if err != nil { + return err + } + + sigStoreDir = filepath.Join(filepath.Dir(runtimeConfig.StorageConfig.GraphRoot), "sigstore") + } + } else { + registryInfo := trust.HaveMatchRegistry(rawSource.Reference().DockerReference().String(), registryConfigs) + if registryInfo != nil { if sigStoreDir == "" { - sigStoreDir = registryInfo.SigStore + sigStoreDir = registryInfo.SigStoreStaging + if sigStoreDir == "" { + sigStoreDir = registryInfo.SigStore + } + } + sigStoreDir, err = isValidSigStoreDir(sigStoreDir) + if err != nil { + return errors.Wrapf(err, "invalid signature storage %s", sigStoreDir) } } - sigStoreDir, err = isValidSigStoreDir(sigStoreDir) - if err != nil { - return errors.Wrapf(err, "invalid signature storage %s", sigStoreDir) + if sigStoreDir == "" { + sigStoreDir = SignatureStoreDir } } - if sigStoreDir == "" { - sigStoreDir = SignatureStoreDir - } repos, err := newImage.RepoDigests() if err != nil { |