Merge pull request #7624 from QiWang19/policy-option

Supports import&run--signature-policy
author: OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> 2020-09-16 11:05:33 +0200
committer: GitHub <noreply@github.com> 2020-09-16 11:05:33 +0200
commit: 0d14d7b7152ac7a0856fcbb2bbc0f7238ab182d6 (patch)
tree: bbb75dd846015cb33e2a96b1ea9a6c4ec0d62859 /libpod
parent: b9c47fa40bc503e155a528174974293c6b053ec2 (diff)
parent: 2fcd1d7b4dca2619277607da7c8d22e9ec7620a2 (diff)
download: podman-0d14d7b7152ac7a0856fcbb2bbc0f7238ab182d6.tar.gz
podman-0d14d7b7152ac7a0856fcbb2bbc0f7238ab182d6.tar.bz2
podman-0d14d7b7152ac7a0856fcbb2bbc0f7238ab182d6.zip
3 files changed, 6 insertions, 2 deletions
diff --git a/libpod/image/image.go b/libpod/image/image.go
index 850a48eae..5dfb33afb 100644
--- a/libpod/image/image.go
+++ b/libpod/image/image.go
@@ -1284,7 +1284,7 @@ func (ir *Runtime) Import(ctx context.Context, path, reference string, writer io
 		return nil, errors.Wrapf(err, "error updating image config")
 	}
 
-	sc := GetSystemContext("", "", false)
+	sc := GetSystemContext(ir.SignaturePolicyPath, "", false)
 
 	// if reference not given, get the image digest
 	if reference == "" {
diff --git a/libpod/image/pull.go b/libpod/image/pull.go
index 94d6af4c2..65acdf427 100644
--- a/libpod/image/pull.go
+++ b/libpod/image/pull.go
@@ -255,6 +255,9 @@ func (ir *Runtime) pullImageFromHeuristicSource(ctx context.Context, inputName s
 		sc.ArchitectureChoice = dockerOptions.ArchitectureChoice
 		sc.VariantChoice = dockerOptions.VariantChoice
 	}
+	if signaturePolicyPath == "" {
+		sc.SignaturePolicyPath = ir.SignaturePolicyPath
+	}
 	sc.BlobInfoCacheDir = filepath.Join(ir.store.GraphRoot(), "cache")
 	srcRef, err := alltransports.ParseImageName(inputName)
 	if err != nil {
diff --git a/libpod/runtime_img.go b/libpod/runtime_img.go
index eb4512f8d..e57890fa2 100644
--- a/libpod/runtime_img.go
+++ b/libpod/runtime_img.go
@@ -174,7 +174,7 @@ func (r *Runtime) Build(ctx context.Context, options imagebuildah.BuildOptions,
 }
 
 // Import is called as an intermediary to the image library Import
-func (r *Runtime) Import(ctx context.Context, source string, reference string, changes []string, history string, quiet bool) (string, error) {
+func (r *Runtime) Import(ctx context.Context, source, reference, signaturePolicyPath string, changes []string, history string, quiet bool) (string, error) {
 	var (
 		writer io.Writer
 		err    error
@@ -223,6 +223,7 @@ func (r *Runtime) Import(ctx context.Context, source string, reference string, c
 		source = file
 	}
 
+	r.imageRuntime.SignaturePolicyPath = signaturePolicyPath
 	newImage, err := r.imageRuntime.Import(ctx, source, reference, writer, image.SigningOptions{}, config)
 	if err != nil {
 		return "", err
author	OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>	2020-09-16 11:05:33 +0200
committer	GitHub <noreply@github.com>	2020-09-16 11:05:33 +0200
commit	0d14d7b7152ac7a0856fcbb2bbc0f7238ab182d6 (patch)
tree	bbb75dd846015cb33e2a96b1ea9a6c4ec0d62859 /libpod
parent	b9c47fa40bc503e155a528174974293c6b053ec2 (diff)
parent	2fcd1d7b4dca2619277607da7c8d22e9ec7620a2 (diff)
download	podman-0d14d7b7152ac7a0856fcbb2bbc0f7238ab182d6.tar.gz podman-0d14d7b7152ac7a0856fcbb2bbc0f7238ab182d6.tar.bz2 podman-0d14d7b7152ac7a0856fcbb2bbc0f7238ab182d6.zip