summaryrefslogtreecommitdiff
path: root/pkg
diff options
context:
space:
mode:
authorMiloslav Trmač <mitr@redhat.com>2022-08-24 19:56:37 +0200
committerMiloslav Trmač <mitr@redhat.com>2022-08-25 01:51:59 +0200
commitd4c5217280a420aa28e9f9d116989f419dc427a1 (patch)
tree37d0a0ff877cf3ea2af78da3b71fa8aa88c10141 /pkg
parent4df1e2524b9a8b3ff2d3768ac7fe54e98a966886 (diff)
downloadpodman-d4c5217280a420aa28e9f9d116989f419dc427a1.tar.gz
podman-d4c5217280a420aa28e9f9d116989f419dc427a1.tar.bz2
podman-d4c5217280a420aa28e9f9d116989f419dc427a1.zip
Recognize the new lookaside names for simple signing sigstore
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Diffstat (limited to 'pkg')
-rw-r--r--pkg/trust/registries.go6
-rw-r--r--pkg/trust/testdata/quay.io.yaml3
-rw-r--r--pkg/trust/trust.go6
-rw-r--r--pkg/trust/trust_test.go2
4 files changed, 13 insertions, 4 deletions
diff --git a/pkg/trust/registries.go b/pkg/trust/registries.go
index da2e7eb42..23de8b1e3 100644
--- a/pkg/trust/registries.go
+++ b/pkg/trust/registries.go
@@ -22,8 +22,10 @@ type registryConfiguration struct {
// registryNamespace defines lookaside locations for a single namespace.
type registryNamespace struct {
- SigStore string `json:"sigstore"` // For reading, and if SigStoreStaging is not present, for writing.
- SigStoreStaging string `json:"sigstore-staging"` // For writing only.
+ Lookaside string `json:"lookaside"` // For reading, and if LookasideStaging is not present, for writing.
+ LookasideStaging string `json:"lookaside-staging"` // For writing only.
+ SigStore string `json:"sigstore"` // For reading, and if SigStoreStaging is not present, for writing.
+ SigStoreStaging string `json:"sigstore-staging"` // For writing only.
}
// systemRegistriesDirPath is the path to registries.d.
diff --git a/pkg/trust/testdata/quay.io.yaml b/pkg/trust/testdata/quay.io.yaml
new file mode 100644
index 000000000..80071596d
--- /dev/null
+++ b/pkg/trust/testdata/quay.io.yaml
@@ -0,0 +1,3 @@
+docker:
+ quay.io/multi-signed:
+ lookaside: https://quay.example.com/sigstore
diff --git a/pkg/trust/trust.go b/pkg/trust/trust.go
index 9dd6878f9..aaddcf93e 100644
--- a/pkg/trust/trust.go
+++ b/pkg/trust/trust.go
@@ -91,7 +91,11 @@ func getPolicyShowOutput(policyContentStruct policyContent, systemRegistriesDirP
registryNamespace := haveMatchRegistry(repo, registryConfigs)
if registryNamespace != nil {
- tempTrustShowOutput.SignatureStore = registryNamespace.SigStore
+ if registryNamespace.Lookaside != "" {
+ tempTrustShowOutput.SignatureStore = registryNamespace.Lookaside
+ } else { // incl. registryNamespace.SigStore == ""
+ tempTrustShowOutput.SignatureStore = registryNamespace.SigStore
+ }
}
output = append(output, &tempTrustShowOutput)
}
diff --git a/pkg/trust/trust_test.go b/pkg/trust/trust_test.go
index fc906572d..3ee49cc47 100644
--- a/pkg/trust/trust_test.go
+++ b/pkg/trust/trust_test.go
@@ -66,7 +66,7 @@ func TestPolicyDescription(t *testing.T) {
Name: "quay.io/multi-signed",
RepoName: "quay.io/multi-signed",
Type: "signed",
- SignatureStore: "",
+ SignatureStore: "https://quay.example.com/sigstore",
GPGId: "1, 2, 3",
},
{
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-08 16:35:00 +0000