aboutsummaryrefslogtreecommitdiff
path: root/pkg/trust
diff options
context:
space:
mode:
authorQi Wang <qiwan@redhat.com>2020-10-27 17:25:20 -0400
committerQi Wang <qiwan@redhat.com>2020-12-07 09:58:38 -0500
commitcf8f2342a1cdbd821fec217af75c2438c00a9b4d (patch)
treee446ee5ccd991e299d865b9e83e1fdeabf32e411 /pkg/trust
parentdc5da90523f35146f5368a31be7edf39be13beb4 (diff)
downloadpodman-cf8f2342a1cdbd821fec217af75c2438c00a9b4d.tar.gz
podman-cf8f2342a1cdbd821fec217af75c2438c00a9b4d.tar.bz2
podman-cf8f2342a1cdbd821fec217af75c2438c00a9b4d.zip
image sign using per user registries.d
Support per user ~/.config/containers/registries.d to allow rootless image sign configurations. Signed-off-by: Qi Wang <qiwan@redhat.com>
Diffstat (limited to 'pkg/trust')
-rw-r--r--pkg/trust/trust.go25
1 files changed, 17 insertions, 8 deletions
diff --git a/pkg/trust/trust.go b/pkg/trust/trust.go
index a61e0ef10..a30611b74 100644
--- a/pkg/trust/trust.go
+++ b/pkg/trust/trust.go
@@ -12,6 +12,7 @@ import (
"strings"
"github.com/containers/image/v5/types"
+ "github.com/docker/docker/pkg/homedir"
"github.com/ghodss/yaml"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
@@ -60,6 +61,12 @@ type ShowOutput struct {
Sigstore string
}
+// systemRegistriesDirPath is the path to registries.d.
+const systemRegistriesDirPath = "/etc/containers/registries.d"
+
+// userRegistriesDir is the path to the per user registries.d.
+var userRegistriesDir = filepath.FromSlash(".config/containers/registries.d")
+
// DefaultPolicyPath returns a path to the default policy of the system.
func DefaultPolicyPath(sys *types.SystemContext) string {
systemDefaultPolicyPath := "/etc/containers/policy.json"
@@ -76,15 +83,17 @@ func DefaultPolicyPath(sys *types.SystemContext) string {
// RegistriesDirPath returns a path to registries.d
func RegistriesDirPath(sys *types.SystemContext) string {
- systemRegistriesDirPath := "/etc/containers/registries.d"
- if sys != nil {
- if sys.RegistriesDirPath != "" {
- return sys.RegistriesDirPath
- }
- if sys.RootForImplicitAbsolutePaths != "" {
- return filepath.Join(sys.RootForImplicitAbsolutePaths, systemRegistriesDirPath)
- }
+ if sys != nil && sys.RegistriesDirPath != "" {
+ return sys.RegistriesDirPath
+ }
+ userRegistriesDirPath := filepath.Join(homedir.Get(), userRegistriesDir)
+ if _, err := os.Stat(userRegistriesDirPath); err == nil {
+ return userRegistriesDirPath
}
+ if sys != nil && sys.RootForImplicitAbsolutePaths != "" {
+ return filepath.Join(sys.RootForImplicitAbsolutePaths, systemRegistriesDirPath)
+ }
+
return systemRegistriesDirPath
}