Fix up image sign and trust

Add completions
Fix man pages
fix code in sign to answer PR Comments.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

cmd/podman/sign.go

@@ -1,10 +1,10 @@
 package main
 
 import (
-	"fmt"
 	"io/ioutil"
 	"net/url"
 	"os"
+	"path/filepath"
 	"strconv"
 	"strings"
 
@@ -138,7 +138,7 @@ func signCmd(c *cli.Context) error {
 			return errors.Wrapf(err, "error creating new signature")
 		}
 
-		sigStoreDir = fmt.Sprintf("%s/%s", sigStoreDir, strings.Replace(repos[0][strings.Index(repos[0], "/")+1:len(repos[0])], ":", "=", 1))
+		sigStoreDir = filepath.Join(sigStoreDir, strings.Replace(repos[0][strings.Index(repos[0], "/")+1:len(repos[0])], ":", "=", 1))
 		if err := os.MkdirAll(sigStoreDir, 0751); err != nil {
 			// The directory is allowed to exist
 			if !os.IsExist(err) {
@@ -151,7 +151,7 @@ func signCmd(c *cli.Context) error {
 			logrus.Errorf("error creating sigstore file: %v", err)
 			continue
 		}
-		err = ioutil.WriteFile(sigStoreDir+"/"+sigFilename, newSig, 0644)
+		err = ioutil.WriteFile(filepath.Join(sigStoreDir, sigFilename), newSig, 0644)
 		if err != nil {
 			logrus.Errorf("error storing signature for %s", rawSource.Reference().DockerReference().String())
 			continue

completions/bash/podman

@@ -32,6 +32,9 @@ __podman_containers() {
 	__podman_q ps --format "$format" "$@"
 }
 
+__podman_list_registries() {
+        sed -n -e '/registries.*=/ {s/.*\[\([^]]*\).*/\1/p;q}' /etc/containers/registries.conf  | sed -e "s/[,']//g"
+}
 
 # __podman_pods returns a list of pods. Additional options to
 # `podman pod ps` may be specified in order to filter the list, e.g.
@@ -365,6 +368,7 @@ __podman_subcommands() {
 	local subcommands="$1"
 
 	local counter=$(($command_pos + 1))
+
 	while [ $counter -lt $cword ]; do
 		case "${words[$counter]}" in
 			$(__podman_to_extglob "$subcommands") )
@@ -1296,7 +1300,9 @@ _podman_image() {
 	 push
 	 rm
 	 save
+	 sign
 	 tag
+	 trust
      "
      local aliases="
 	 list
@@ -2356,6 +2362,92 @@ _podman_container_runlabel() {
     esac
 }
 
+_podman_image_sign() {
+    local options_with_args="
+	-d
+	--directory
+	--sign-by
+    "
+    local boolean_options="
+	--help
+	-h
+    "
+    case "$cur" in
+	-*)
+	    COMPREPLY=($(compgen -W "$boolean_options $options_with_args" -- "$cur"))
+	    ;;
+	*)
+	    __podman_complete_images
+	    ;;
+    esac
+}
+
+_podman_image_trust_set() {
+    echo hello
+    local options_with_args="
+	-f
+	--type
+	--pubkeysfile
+    "
+    local boolean_options="
+	--help
+	-h
+    "
+    case "$cur" in
+	-*)
+	    COMPREPLY=($(compgen -W "$boolean_options $options_with_args" -- "$cur"))
+	    ;;
+	*)
+	    COMPREPLY=($(compgen -W "default $( __podman_list_registries )" -- "$cur"))
+	    ;;
+    esac
+}
+
+_podman_image_trust_show() {
+    local options_with_args="
+    "
+    local boolean_options="
+	--help
+	-h
+	-j
+	--json
+	--raw
+    "
+    case "$cur" in
+	-*)
+	    COMPREPLY=($(compgen -W "$boolean_options $options_with_args" -- "$cur"))
+	    ;;
+	*)
+	    __podman_complete_images
+	    ;;
+    esac
+}
+
+_podman_image_trust() {
+    local boolean_options="
+	--help
+	-h
+     "
+     subcommands="
+	 set
+	 show
+     "
+     local aliases="
+	 list
+     "
+     command=image_trust
+     __podman_subcommands "$subcommands $aliases" && return
+
+     case "$cur" in
+	-*)
+		COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
+		;;
+	*)
+		COMPREPLY=( $( compgen -W "$subcommands" -- "$cur" ) )
+		;;
+     esac
+}
+
 _podman_images_prune() {
     local options_with_args="
     "
@@ -2364,6 +2456,11 @@ _podman_images_prune() {
      -h
 	 --help
   "
+    case "$cur" in
+	-*)
+	    COMPREPLY=($(compgen -W "$boolean_options $options_with_args" -- "$cur"))
+	    ;;
+    esac
 }
 
 _podman_container_prune() {
@@ -2382,6 +2479,15 @@ _podman_container_exists() {
 
     local boolean_options="
   "
+    case "$cur" in
+	-*)
+	    COMPREPLY=($(compgen -W "$boolean_options $options_with_args" -- "$cur"))
+	    ;;
+	*)
+	    __podman_complete_images
+	    ;;
+    esac
+
 }
 
 _podman_pod_exists() {
@@ -2813,6 +2919,7 @@ _podman_podman() {
     export
     generate
     history
+    image
     images
     import
     info

docs/podman-image-sign.1.md

@@ -5,8 +5,8 @@ podman-image-sign- Create a signature for an image
 
 # SYNOPSIS
 **podman image sign**
-[**-h**|**--help**]
-[**-d**, **--directory**]
+[**--help**|**-h**]
+[**--directory**|**-d**]
 [**--sign-by**]
 [ IMAGE... ]
 
@@ -16,10 +16,10 @@ been pulled from a registry. The signature will be written to a directory
 derived from the registry configuration files in /etc/containers/registries.d. By default, the signature will be written into /var/lib/containers/sigstore directory.
 
 # OPTIONS
-**-h** **--help**
+**--help** **-h**
   Print usage statement.
 
-**-d** **--directory**
+**--directory** **-d**
   Store the signatures in the specified directory.  Default: /var/lib/containers/sigstore
 
 **--sign-by**
@@ -28,7 +28,7 @@ derived from the registry configuration files in /etc/containers/registries.d. B
 # EXAMPLES
 Sign the busybox image with the identify of foo@bar.com with a user's keyring and save the signature in /tmp/signatures/.
 
-   sudo podman image sign --sign-by foo@bar.com -d /tmp/signatures transport://privateregistry.example.com/foobar
+   sudo podman image sign --sign-by foo@bar.com --directory /tmp/signatures docker://privateregistry.example.com/foobar
 
 # RELATED CONFIGURATION
 
@@ -36,7 +36,7 @@ The write (and read) location for signatures is defined in YAML-based
 configuration files in /etc/containers/registries.d/.  When you sign
 an image, podman will use those configuration files to determine
 where to write the signature based on the the name of the originating
-registry or a default storage value unless overriden with the -d
+registry or a default storage value unless overriden with the --directory
 option. For example, consider the following configuration file.
 
 docker: