Skip to content

Commit

Permalink
podman-remote push --remove-signatures support
Browse files Browse the repository at this point in the history
I don't see a reason why we don't support --remove-signatures
from remote push, so adding support.

Fixes: #14558

Signed-off-by: Daniel J Walsh <[email protected]>
  • Loading branch information
rhatdan committed Jun 10, 2022
1 parent 9f1bd0a commit 48cf1d2
Show file tree
Hide file tree
Showing 9 changed files with 42 additions and 22 deletions.
1 change: 0 additions & 1 deletion cmd/podman/images/push.go
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,6 @@ func pushFlags(cmd *cobra.Command) {
_ = flags.MarkHidden("compress")
_ = flags.MarkHidden("digestfile")
_ = flags.MarkHidden("quiet")
_ = flags.MarkHidden("remove-signatures")
_ = flags.MarkHidden("sign-by")
}
if !registry.IsRemote() {
Expand Down
2 changes: 1 addition & 1 deletion docs/source/markdown/podman-push.1.md
Original file line number Diff line number Diff line change
Expand Up @@ -95,7 +95,7 @@ When writing the output image, suppress progress output

#### **--remove-signatures**

Discard any pre-existing signatures in the image. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines)
Discard any pre-existing signatures in the image.

#### **--sign-by**=*key*

Expand Down
22 changes: 12 additions & 10 deletions pkg/api/handlers/libpod/images.go
Original file line number Diff line number Diff line change
Expand Up @@ -422,10 +422,11 @@ func PushImage(w http.ResponseWriter, r *http.Request) {
runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime)

query := struct {
Destination string `schema:"destination"`
TLSVerify bool `schema:"tlsVerify"`
Format string `schema:"format"`
All bool `schema:"all"`
All bool `schema:"all"`
Destination string `schema:"destination"`
Format string `schema:"format"`
RemoveSignatures bool `schema:"removeSignatures"`
TLSVerify bool `schema:"tlsVerify"`
}{
// This is where you can override the golang default value for one of fields
}
Expand Down Expand Up @@ -462,12 +463,13 @@ func PushImage(w http.ResponseWriter, r *http.Request) {
password = authconf.Password
}
options := entities.ImagePushOptions{
Authfile: authfile,
Username: username,
Password: password,
Format: query.Format,
All: query.All,
Quiet: true,
All: query.All,
Authfile: authfile,
Format: query.Format,
Password: password,
Quiet: true,
RemoveSignatures: query.RemoveSignatures,
Username: username,
}
if _, found := r.URL.Query()["tlsVerify"]; found {
options.SkipTLSVerify = types.NewOptionalBool(!query.TLSVerify)
Expand Down
16 changes: 9 additions & 7 deletions pkg/api/handlers/libpod/manifests.go
Original file line number Diff line number Diff line change
Expand Up @@ -247,9 +247,10 @@ func ManifestPushV3(w http.ResponseWriter, r *http.Request) {
runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime)
decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder)
query := struct {
All bool `schema:"all"`
Destination string `schema:"destination"`
TLSVerify bool `schema:"tlsVerify"`
All bool `schema:"all"`
Destination string `schema:"destination"`
RemoveSignatures bool `schema:"removeSignatures"`
TLSVerify bool `schema:"tlsVerify"`
}{
// Add defaults here once needed.
}
Expand All @@ -276,10 +277,11 @@ func ManifestPushV3(w http.ResponseWriter, r *http.Request) {
password = authconf.Password
}
options := entities.ImagePushOptions{
Authfile: authfile,
Username: username,
Password: password,
All: query.All,
All: query.All,
Authfile: authfile,
Password: password,
RemoveSignatures: query.RemoveSignatures,
Username: username,
}
if sys := runtime.SystemContext(); sys != nil {
options.CertDir = sys.DockerCertPath
Expand Down
2 changes: 2 additions & 0 deletions pkg/bindings/images/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -127,6 +127,8 @@ type PushOptions struct {
Password *string
// SkipTLSVerify to skip HTTPS and certificate verification.
SkipTLSVerify *bool
// RemoveSignatures Discard any pre-existing signatures in the image.
RemoveSignatures *bool
// Username for authenticating against the registry.
Username *string
}
Expand Down
15 changes: 15 additions & 0 deletions pkg/bindings/images/types_push_options.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion pkg/domain/infra/tunnel/images.go
Original file line number Diff line number Diff line change
Expand Up @@ -244,7 +244,7 @@ func (ir *ImageEngine) Import(ctx context.Context, opts entities.ImageImportOpti

func (ir *ImageEngine) Push(ctx context.Context, source string, destination string, opts entities.ImagePushOptions) error {
options := new(images.PushOptions)
options.WithAll(opts.All).WithCompress(opts.Compress).WithUsername(opts.Username).WithPassword(opts.Password).WithAuthfile(opts.Authfile).WithFormat(opts.Format)
options.WithAll(opts.All).WithCompress(opts.Compress).WithUsername(opts.Username).WithPassword(opts.Password).WithAuthfile(opts.Authfile).WithFormat(opts.Format).WithRemoveSignatures(opts.RemoveSignatures)

if s := opts.SkipTLSVerify; s != types.OptionalBoolUndefined {
if s == types.OptionalBoolTrue {
Expand Down
2 changes: 1 addition & 1 deletion pkg/domain/infra/tunnel/manifest.go
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ func (ir *ImageEngine) ManifestRm(ctx context.Context, names []string) (*entitie
// ManifestPush pushes a manifest list or image index to the destination
func (ir *ImageEngine) ManifestPush(ctx context.Context, name, destination string, opts entities.ImagePushOptions) (string, error) {
options := new(images.PushOptions)
options.WithUsername(opts.Username).WithPassword(opts.Password).WithAuthfile(opts.Authfile)
options.WithUsername(opts.Username).WithPassword(opts.Password).WithAuthfile(opts.Authfile).WithRemoveSignatures(opts.RemoveSignatures)
options.WithAll(opts.All)

if s := opts.SkipTLSVerify; s != types.OptionalBoolUndefined {
Expand Down
2 changes: 1 addition & 1 deletion test/e2e/push_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,6 @@ var _ = Describe("Podman push", func() {
})

It("podman push to local registry", func() {
SkipIfRemote("Remote does not support --digestfile or --remove-signatures")
if podmanTest.Host.Arch == "ppc64le" {
Skip("No registry image for ppc64le")
}
Expand All @@ -118,6 +117,7 @@ var _ = Describe("Podman push", func() {
push.WaitWithDefaultTimeout()
Expect(push).Should(Exit(0))

SkipIfRemote("Remote does not support --digestfile")
// Test --digestfile option
push2 := podmanTest.Podman([]string{"push", "--tls-verify=false", "--digestfile=/tmp/digestfile.txt", "--remove-signatures", ALPINE, "localhost:5000/my-alpine"})
push2.WaitWithDefaultTimeout()
Expand Down

0 comments on commit 48cf1d2

Please sign in to comment.