aboutsummaryrefslogtreecommitdiff
path: root/cmd/podman
diff options
context:
space:
mode:
authorQi Wang <qiwan@redhat.com>2020-09-13 15:40:41 -0400
committerQi Wang <qiwan@redhat.com>2020-09-15 16:09:33 -0400
commit2fcd1d7b4dca2619277607da7c8d22e9ec7620a2 (patch)
tree27f44268555f587c724f9674c5ec742dbf31b089 /cmd/podman
parent0be5836e49da38b156951639b7e19eaec6a6e593 (diff)
downloadpodman-2fcd1d7b4dca2619277607da7c8d22e9ec7620a2.tar.gz
podman-2fcd1d7b4dca2619277607da7c8d22e9ec7620a2.tar.bz2
podman-2fcd1d7b4dca2619277607da7c8d22e9ec7620a2.zip
Supports import&run--signature-policy
Enables podman create, pull, run, import to use --signature-policy option. Set it as hidden flag to be consistent with other commands. Signed-off-by: Qi Wang <qiwan@redhat.com>
Diffstat (limited to 'cmd/podman')
-rw-r--r--cmd/podman/common/create.go5
-rw-r--r--cmd/podman/common/create_opts.go1
-rw-r--r--cmd/podman/containers/create.go2
-rw-r--r--cmd/podman/containers/run.go1
-rw-r--r--cmd/podman/images/import.go2
5 files changed, 11 insertions, 0 deletions
diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go
index 2b6f9348e..cfbcf6140 100644
--- a/cmd/podman/common/create.go
+++ b/cmd/podman/common/create.go
@@ -416,6 +416,11 @@ func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet {
"Size of /dev/shm "+sizeWithUnitFormat,
)
createFlags.StringVar(
+ &cf.SignaturePolicy,
+ "signature-policy", "",
+ "`Pathname` of signature policy file (not usually used)",
+ )
+ createFlags.StringVar(
&cf.StopSignal,
"stop-signal", "",
"Signal to stop a container. Default is SIGTERM",
diff --git a/cmd/podman/common/create_opts.go b/cmd/podman/common/create_opts.go
index 1b0e64590..83a25f4ab 100644
--- a/cmd/podman/common/create_opts.go
+++ b/cmd/podman/common/create_opts.go
@@ -84,6 +84,7 @@ type ContainerCLIOpts struct {
SecurityOpt []string
SdNotifyMode string
ShmSize string
+ SignaturePolicy string
StopSignal string
StopTimeout uint
StoreageOpt []string
diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go
index f9d33a223..795b56d6a 100644
--- a/cmd/podman/containers/create.go
+++ b/cmd/podman/containers/create.go
@@ -61,6 +61,7 @@ func createFlags(flags *pflag.FlagSet) {
flags.AddFlagSet(common.GetNetFlags())
flags.SetNormalizeFunc(utils.AliasFlags)
+ _ = flags.MarkHidden("signature-policy")
if registry.IsRemote() {
_ = flags.MarkHidden("authfile")
_ = flags.MarkHidden("env-host")
@@ -256,6 +257,7 @@ func pullImage(imageName string) (string, error) {
OverrideArch: cliVals.OverrideArch,
OverrideOS: cliVals.OverrideOS,
OverrideVariant: cliVals.OverrideVariant,
+ SignaturePolicy: cliVals.SignaturePolicy,
})
if pullErr != nil {
return "", pullErr
diff --git a/cmd/podman/containers/run.go b/cmd/podman/containers/run.go
index 34eea14e1..ce144a32d 100644
--- a/cmd/podman/containers/run.go
+++ b/cmd/podman/containers/run.go
@@ -64,6 +64,7 @@ func runFlags(flags *pflag.FlagSet) {
flags.BoolVar(&runRmi, "rmi", false, "Remove container image unless used by other containers")
flags.UintVar(&runOpts.PreserveFDs, "preserve-fds", 0, "Pass a number of additional file descriptors into the container")
+ _ = flags.MarkHidden("signature-policy")
if registry.IsRemote() {
_ = flags.MarkHidden("authfile")
_ = flags.MarkHidden("env-host")
diff --git a/cmd/podman/images/import.go b/cmd/podman/images/import.go
index e605ddfc6..1c234e743 100644
--- a/cmd/podman/images/import.go
+++ b/cmd/podman/images/import.go
@@ -63,6 +63,8 @@ func importFlags(flags *pflag.FlagSet) {
flags.StringArrayVarP(&importOpts.Changes, "change", "c", []string{}, "Apply the following possible instructions to the created image (default []): CMD | ENTRYPOINT | ENV | EXPOSE | LABEL | STOPSIGNAL | USER | VOLUME | WORKDIR")
flags.StringVarP(&importOpts.Message, "message", "m", "", "Set commit message for imported image")
flags.BoolVarP(&importOpts.Quiet, "quiet", "q", false, "Suppress output")
+ flags.StringVar(&importOpts.SignaturePolicy, "signature-policy", "", "Path to a signature-policy file")
+ _ = flags.MarkHidden("signature-policy")
}
func importCon(cmd *cobra.Command, args []string) error {