diff options
| author | Miloslav Trmač <mitr@redhat.com> | 2022-08-24 20:07:18 +0200 |
|---|---|---|
| committer | Miloslav Trmač <mitr@redhat.com> | 2022-08-25 01:52:57 +0200 |
| commit | 51064acc49127daf1e945b19fe859bcc67d840ba (patch) | |
| tree | 7c515f04ec9d880b4fc6ad0b23e8a1fa3f09a38d /pkg/trust/trust.go | |
| parent | d4c5217280a420aa28e9f9d116989f419dc427a1 (diff) | |
| download | podman-51064acc49127daf1e945b19fe859bcc67d840ba.tar.gz podman-51064acc49127daf1e945b19fe859bcc67d840ba.tar.bz2 podman-51064acc49127daf1e945b19fe859bcc67d840ba.zip | |
Split descriptionsOfPolicyRequirements out of getPolicyShowOutput
This will evetually allow us to use it for the default scope
as well, which currently uses a simplified version.
Should not change behavior.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Diffstat (limited to 'pkg/trust/trust.go')
| -rw-r--r-- | pkg/trust/trust.go | 52 |
1 files changed, 29 insertions, 23 deletions
diff --git a/pkg/trust/trust.go b/pkg/trust/trust.go index aaddcf93e..2d6f1fb87 100644 --- a/pkg/trust/trust.go +++ b/pkg/trust/trust.go @@ -72,33 +72,39 @@ func getPolicyShowOutput(policyContentStruct policyContent, systemRegistriesDirP sort.Strings(scopes) for _, repo := range scopes { repoval := transval[repo] - tempTrustShowOutput := Policy{ + template := Policy{ + Transport: transport, Name: repo, RepoName: repo, - Transport: transport, - Type: trustTypeDescription(repoval[0].Type), } - uids := []string{} - for _, repoele := range repoval { - if len(repoele.KeyPath) > 0 { - uids = append(uids, idReader(repoele.KeyPath)...) - } - if len(repoele.KeyData) > 0 { - uids = append(uids, getGPGIdFromKeyData(idReader, repoele.KeyData)...) - } - } - tempTrustShowOutput.GPGId = strings.Join(uids, ", ") - - registryNamespace := haveMatchRegistry(repo, registryConfigs) - if registryNamespace != nil { - if registryNamespace.Lookaside != "" { - tempTrustShowOutput.SignatureStore = registryNamespace.Lookaside - } else { // incl. registryNamespace.SigStore == "" - tempTrustShowOutput.SignatureStore = registryNamespace.SigStore - } - } - output = append(output, &tempTrustShowOutput) + output = append(output, descriptionsOfPolicyRequirements(repoval, template, registryConfigs, repo, idReader)...) } } return output, nil } + +// descriptionsOfPolicyRequirements turns reqs into user-readable policy entries, with Transport/Name/Reponame coming from template, potentially looking up scope in registryConfigs. +func descriptionsOfPolicyRequirements(reqs []repoContent, template Policy, registryConfigs *registryConfiguration, scope string, idReader gpgIDReader) []*Policy { + tempTrustShowOutput := template + tempTrustShowOutput.Type = trustTypeDescription(reqs[0].Type) + uids := []string{} + for _, repoele := range reqs { + if len(repoele.KeyPath) > 0 { + uids = append(uids, idReader(repoele.KeyPath)...) + } + if len(repoele.KeyData) > 0 { + uids = append(uids, getGPGIdFromKeyData(idReader, repoele.KeyData)...) + } + } + tempTrustShowOutput.GPGId = strings.Join(uids, ", ") + + registryNamespace := haveMatchRegistry(scope, registryConfigs) + if registryNamespace != nil { + if registryNamespace.Lookaside != "" { + tempTrustShowOutput.SignatureStore = registryNamespace.Lookaside + } else { // incl. registryNamespace.SigStore == "" + tempTrustShowOutput.SignatureStore = registryNamespace.SigStore + } + } + return []*Policy{&tempTrustShowOutput} +} |