aboutsummaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
authorQi Wang <qiwan@redhat.com>2020-09-13 15:40:41 -0400
committerQi Wang <qiwan@redhat.com>2020-09-15 16:09:33 -0400
commit2fcd1d7b4dca2619277607da7c8d22e9ec7620a2 (patch)
tree27f44268555f587c724f9674c5ec742dbf31b089 /libpod
parent0be5836e49da38b156951639b7e19eaec6a6e593 (diff)
downloadpodman-2fcd1d7b4dca2619277607da7c8d22e9ec7620a2.tar.gz
podman-2fcd1d7b4dca2619277607da7c8d22e9ec7620a2.tar.bz2
podman-2fcd1d7b4dca2619277607da7c8d22e9ec7620a2.zip
Supports import&run--signature-policy
Enables podman create, pull, run, import to use --signature-policy option. Set it as hidden flag to be consistent with other commands. Signed-off-by: Qi Wang <qiwan@redhat.com>
Diffstat (limited to 'libpod')
-rw-r--r--libpod/image/image.go2
-rw-r--r--libpod/image/pull.go3
-rw-r--r--libpod/runtime_img.go3
3 files changed, 6 insertions, 2 deletions
diff --git a/libpod/image/image.go b/libpod/image/image.go
index 850a48eae..5dfb33afb 100644
--- a/libpod/image/image.go
+++ b/libpod/image/image.go
@@ -1284,7 +1284,7 @@ func (ir *Runtime) Import(ctx context.Context, path, reference string, writer io
return nil, errors.Wrapf(err, "error updating image config")
}
- sc := GetSystemContext("", "", false)
+ sc := GetSystemContext(ir.SignaturePolicyPath, "", false)
// if reference not given, get the image digest
if reference == "" {
diff --git a/libpod/image/pull.go b/libpod/image/pull.go
index 94d6af4c2..65acdf427 100644
--- a/libpod/image/pull.go
+++ b/libpod/image/pull.go
@@ -255,6 +255,9 @@ func (ir *Runtime) pullImageFromHeuristicSource(ctx context.Context, inputName s
sc.ArchitectureChoice = dockerOptions.ArchitectureChoice
sc.VariantChoice = dockerOptions.VariantChoice
}
+ if signaturePolicyPath == "" {
+ sc.SignaturePolicyPath = ir.SignaturePolicyPath
+ }
sc.BlobInfoCacheDir = filepath.Join(ir.store.GraphRoot(), "cache")
srcRef, err := alltransports.ParseImageName(inputName)
if err != nil {
diff --git a/libpod/runtime_img.go b/libpod/runtime_img.go
index eb4512f8d..e57890fa2 100644
--- a/libpod/runtime_img.go
+++ b/libpod/runtime_img.go
@@ -174,7 +174,7 @@ func (r *Runtime) Build(ctx context.Context, options imagebuildah.BuildOptions,
}
// Import is called as an intermediary to the image library Import
-func (r *Runtime) Import(ctx context.Context, source string, reference string, changes []string, history string, quiet bool) (string, error) {
+func (r *Runtime) Import(ctx context.Context, source, reference, signaturePolicyPath string, changes []string, history string, quiet bool) (string, error) {
var (
writer io.Writer
err error
@@ -223,6 +223,7 @@ func (r *Runtime) Import(ctx context.Context, source string, reference string, c
source = file
}
+ r.imageRuntime.SignaturePolicyPath = signaturePolicyPath
newImage, err := r.imageRuntime.Import(ctx, source, reference, writer, image.SigningOptions{}, config)
if err != nil {
return "", err