containers
/
automation-tests
mirror of https://github.com/containers/automation-tests.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Use SystemContext when creating manifest references 

Instead of passing a nil system context when adding to a manifest
list, use a valid one, ensuring that settings like auth and TLS
verification are passed along and respected.

Fixes https://github.com/containers/podman/issues/23410

Signed-off-by: Matt Heon <mheon@redhat.com>
This commit is contained in:
Matt Heon 2024-07-30 15:19:16 -04:00
parent 0b23d8c28a
commit 197e4def96
1 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
common/libimage/manifest_list.go
View File

@ -309,14 +309,14 @@ type ManifestListAddOptions struct {
Password string Password string
} }
func (m *ManifestList) parseNameToExtantReference(ctx context.Context, name string, manifestList bool, what string) (types.ImageReference, error) { func (m *ManifestList) parseNameToExtantReference(ctx context.Context, sys *types.SystemContext, name string, manifestList bool, what string) (types.ImageReference, error) {
ref, err := alltransports.ParseImageName(name) ref, err := alltransports.ParseImageName(name)
if err != nil { if err != nil {
withDocker := fmt.Sprintf("%s://%s", docker.Transport.Name(), name) withDocker := fmt.Sprintf("%s://%s", docker.Transport.Name(), name)
ref, err = alltransports.ParseImageName(withDocker) ref, err = alltransports.ParseImageName(withDocker)
if err == nil { if err == nil {
var src types.ImageSource var src types.ImageSource
src, err = ref.NewImageSource(ctx, nil) src, err = ref.NewImageSource(ctx, sys)
if err == nil { if err == nil {
src.Close() src.Close()
} }
@ -339,11 +339,6 @@ func (m *ManifestList) Add(ctx context.Context, name string, options *ManifestLi
options = &ManifestListAddOptions{} options = &ManifestListAddOptions{}
} }
ref, err := m.parseNameToExtantReference(ctx, name, false, "image to add to manifest list")
if err != nil {
return "", err
}
// Now massage in the copy-related options into the system context. // Now massage in the copy-related options into the system context.
systemContext := m.image.runtime.systemContextCopy() systemContext := m.image.runtime.systemContextCopy()
if options.AuthFilePath != "" { if options.AuthFilePath != "" {
@ -363,6 +358,12 @@ func (m *ManifestList) Add(ctx context.Context, name string, options *ManifestLi
Password: options.Password, Password: options.Password,
} }
} }
ref, err := m.parseNameToExtantReference(ctx, systemContext, name, false, "image to add to manifest list")
if err != nil {
return "", err
}
locker, err := manifests.LockerForImage(m.image.runtime.store, m.ID()) locker, err := manifests.LockerForImage(m.image.runtime.store, m.ID())
if err != nil { if err != nil {
return "", err return "", err
@ -442,7 +443,7 @@ func (m *ManifestList) AddArtifact(ctx context.Context, options *ManifestListAdd
opts.LayerMediaType = &options.LayerType opts.LayerMediaType = &options.LayerType
} }
if options.Subject != "" { if options.Subject != "" {
ref, err := m.parseNameToExtantReference(ctx, options.Subject, true, "subject for artifact manifest") ref, err := m.parseNameToExtantReference(ctx, nil, options.Subject, true, "subject for artifact manifest")
if err != nil { if err != nil {
return "", err return "", err
} }
@ -547,7 +548,7 @@ func (m *ManifestList) AnnotateInstance(d digest.Digest, options *ManifestListAn
} }
} }
if options.Subject != "" { if options.Subject != "" {
ref, err := m.parseNameToExtantReference(ctx, options.Subject, true, "subject for image index") ref, err := m.parseNameToExtantReference(ctx, nil, options.Subject, true, "subject for image index")
if err != nil { if err != nil {
return err return err
} }