summaryrefslogtreecommitdiff
path: root/cmd/podman/sign.go
Commit message (Collapse)AuthorAge
* bump containers/image to v5.0.0, buildah to v1.11.4Nalin Dahyabhai2019-10-29
| | | | | | | | | Move to containers/image v5 and containers/buildah to v1.11.4. Replace an equality check with a type assertion when checking for a docker.ErrUnauthorizedForCredentials in `podman login`. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* Update c/image to v4.0.1 and buildah to 1.11.3Miloslav Trmač2019-10-04
| | | | | | | | | | | | | | This requires updating all import paths throughout, and a matching buildah update to interoperate. I can't figure out the reason for go.mod tracking github.com/containers/image v3.0.2+incompatible // indirect ((go mod graph) lists it as a direct dependency of libpod, but (go list -json -m all) lists it as an indirect dependency), but at least looking at the vendor subdirectory, it doesn't seem to be actually used in the built binaries. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* fix podman sign signature store for rootlessQi Wang2019-09-11
| | | | | | Store the the signature under graphroot when using rootless podman image sign. Signed-off-by: Qi Wang <qiwan@redhat.com>
* add --cert-dir image signQi Wang2019-08-17
| | | | | | | Requirement from #2726 Add --cert-dir for `podman image sign`. Signed-off-by: Qi Wang <qiwan@redhat.com>
* add --pull flag for podman create&runQi Wang2019-08-09
| | | | | | | | | | | Requirement from https://github.com/containers/libpod/issues/3575#issuecomment-512238393 Added --pull for podman create and pull to match the newly added flag in docker CLI. `missing`: default value, podman will pull the image if it does not exist in the local. `always`: podman will always pull the image. `never`: podman will never pull the image. Signed-off-by: Qi Wang <qiwan@redhat.com>
* first pass of corrections for golangci-lintbaude2019-07-10
| | | | Signed-off-by: baude <bbaude@redhat.com>
* runtime: pass down the contextGiuseppe Scrivano2019-04-26
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Fix segfaults attribute to missing optionsbaude2019-04-15
| | | | | | | | | In cases where the remote client culls options to a command, we need to be sure that the lookup for that flag does not result in a nil pointer. To do so, we add a Remote attribute to the podman struct and then cli helper funcs are now aware they are remote. Signed-off-by: baude <bbaude@redhat.com>
* Remove ulele/deepcopier in favor of JSON deep copyMatthew Heon2019-03-27
| | | | | | | | | | | | | We have a very high performance JSON library that doesn't need to perform code generation. Let's use it instead of our questionably performant, reflection-dependent deep copy library. Most changes because some functions can now return errors. Also converts cmd/podman to use jsoniter, instead of pkg/json, for increased performance. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Fix help commands to show short and long description.Daniel J Walsh2019-03-07
| | | | | | Cleanup lots of help information to look good when displayed. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Better usage synopses for subcommandsEd Santiago2019-02-26
| | | | | | | Conceptually simple: include, where applicable, a brief description of command-line options for each subcommand. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Second chunk of Cobra helpTomSweeneyRedHat2019-02-15
| | | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com> Adds examples to Cobra help for a second chunk of commands. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Don't show global flags except for podman commandDaniel J Walsh2019-02-12
| | | | | | | | | Subcommands should not be showing the global flags. This causes the important information to scroll off the screen. Also fixed a typo on runCommmand (Too many 'm's) Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Separate remote and local commandsbaude2019-02-11
| | | | | | | | In the previous CLI, we had an accurate depiction of commands available for the remote client and those available for the local client. Signed-off-by: baude <bbaude@redhat.com>
* Migrate to cobra CLIbaude2019-02-08
| | | | | | | | We intend to migrate to the cobra cli from urfave/cli because the project is more well maintained. There are also some technical reasons as well which extend into our remote client work. Signed-off-by: baude <bbaude@redhat.com>
* Changes to container runlabel for toolbox projectbaude2019-01-30
| | | | | | | | | | The toolbox project would benefit from a few changes to more closely resembe the original atomic cli project. Changes made are: * only pull image for container runlabel if the label exists in the image * if a container image does not have the desired label, exit with non-zero Signed-off-by: baude <bbaude@redhat.com>
* fix up sigstore pathQi Wang2019-01-10
| | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* sign: make all error messages lowercaseGiuseppe Scrivano2019-01-10
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* sign: use filepath.Join instead of fmt.SprintfGiuseppe Scrivano2019-01-10
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* libpod/image: Use ParseNormalizedNamed in RepoDigestsW. Trevor King2019-01-09
| | | | | | | | | | | | | | | | Avoid generating quay.io/openshift-release-dev/ocp-release@sha256@sha256:239... and similar when the image name is already digest-based [1]. It's not clear exactly how we get into this state, but as shown by the unit tests, the new code handles this case correctly (while the previous code does not). [1]: https://github.com/containers/libpod/issues/2086 Signed-off-by: W. Trevor King <wking@tremily.us> Closes: #2106 Approved by: rhatdan
* [WIP]Support podman image signQi Wang2019-01-08
Generate a signature claim for an image using user keyring (--sign-by). The signature file will be stored in simple json format under the default or the given directory (--directory or yaml file in /etc/containers/registries.d/). Signed-off-by: Qi Wang <qiwan@redhat.com>