Allow save image remove-signatures #7956
Conversation
|
Tests and bash completions? |
|
bash completions added. I am figuring out how to test this. |
QiWang19
force-pushed
the
save-rm-sig
branch
8 times, most recently
from
712d577 to
6bd899f
Compare
|
@jwhonce PTAL |
QiWang19
force-pushed
the
save-rm-sig
branch
6 times, most recently
from
15ef3ea to
2323246
Compare
test/e2e/save_test.go
Outdated
| @@ -116,6 +120,71 @@ var _ = Describe("Podman save", func() { | |||
| Expect(save).To(ExitWithError()) | |||
| }) | |||
|
|
|||
| It("podman save remove signature", func() { | |||
| SkipIfRemote("podman-remote doesn't suppport tls-verify option") | |||
There was a problem hiding this comment.
Podman remote now supports tls-verify.
There was a problem hiding this comment.
podman remove push --tls-verify works, but still see unknown flag: --tls-verify with podman pull,
in the test int remote ubuntu-19 root host https://api.cirrus-ci.com/v1/task/4566543570829312/logs/main.log
[+2546s] Running: /var/tmp/go/src/github.com/containers/podman/bin/podman-remote --remote --url unix:/run/podman/podman-1695fe65d29f17c37c0cd8754dbdd796e29036e2adea66ec67ab760001892f06.sock --remote --url unix:/run/podman/podman-1695fe65d29f17c37c0cd8754dbdd796e29036e2adea66ec67ab760001892f06.sock pull --tls-verify=false --signature-policy=sign/policy.json localhost:5000/alpine
[+2546s] Error: unknown flag: --tls-verify
There was a problem hiding this comment.
I opened a PR to fix this.
openshift-ci-robot
added
the
approved
The user will use --remove-signatures=false, current image format doesn't support pushing signatures to it. |
QiWang19
force-pushed
the
save-rm-sig
branch
2 times, most recently
from
526aa7b to
ffe11ea
Compare
|
@QiWang19 Shouldn't the code do this automatically, IE Does the code know which image stores support signatures? Would the user just get an error telling them to remove signatures and now they need to run the command again with the flag? Does not seem like a good UI experience? |
|
On the suggestion under the issue #7659 (comment), the remove-signatures defaults to true and avoids the user from getting the error. |
|
@QiWang19 Sure, but under what circumstance would the user ever set this to False. When would the user not want to remove-signatures? Bottom line is there a situation where a user would ever type in |
|
If we want signatures to be pushed to a registry, |
QiWang19
force-pushed
the
save-rm-sig
branch
2 times, most recently
from
22f4a48 to
bef019b
Compare
|
When would I ever do a |
Remove the option and remove the signature in the code, the current image format doesn't support saving signatures. |
remove signatures to podman save since the image formats do not support signatures Close: containers#7659 Signed-off-by: Qi Wang <[email protected]>
|
LGTM |
|
LGTM |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jwhonce, QiWang19, rhatdan The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/lgtm |
github-actions
bot
added
the
locked - please file new issue/PR
remove signatures in podman save since the image formats do not support signatures
Close: #7659
Signed-off-by: Qi Wang [email protected]