Merge pull request #15870 from idleroamer/podman-save

podman-save: Add signature-policy flag
This commit is contained in:
OpenShift Merge Robot 2022-09-22 15:18:41 +02:00 committed by GitHub
commit 828fae1297
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 17 additions and 1 deletions

View File

@ -96,6 +96,11 @@ func saveFlags(cmd *cobra.Command) {
flags.BoolVarP(&saveOpts.Quiet, "quiet", "q", false, "Suppress the output")
flags.BoolVarP(&saveOpts.MultiImageArchive, "multi-image-archive", "m", containerConfig.Engine.MultiImageArchive, "Interpret additional arguments as images not tags and create a multi-image-archive (only for docker-archive)")
if !registry.IsRemote() {
flags.StringVar(&saveOpts.SignaturePolicy, "signature-policy", "", "Path to a signature-policy file")
_ = flags.MarkHidden("signature-policy")
}
}
func save(cmd *cobra.Command, args []string) (finalErr error) {

View File

@ -336,6 +336,7 @@ type ImageSaveOptions struct {
Output string
// Quiet - suppress output when copying images
Quiet bool
SignaturePolicy string
}
// ImageScpOptions provide options for securely copying images to and from a remote host

View File

@ -405,6 +405,7 @@ func (ir *ImageEngine) Save(ctx context.Context, nameOrID string, tags []string,
saveOptions := &libimage.SaveOptions{}
saveOptions.DirForceCompress = options.Compress
saveOptions.OciAcceptUncompressedLayers = options.OciAcceptUncompressedLayers
saveOptions.SignaturePolicyPath = options.SignaturePolicy
// Force signature removal to preserve backwards compat.
// See https://github.com/containers/podman/pull/11669#issuecomment-925250264

View File

@ -45,6 +45,15 @@ var _ = Describe("Podman save", func() {
Expect(save).Should(Exit(0))
})
It("podman save signature-policy flag", func() {
SkipIfRemote("--signature-policy N/A for remote")
outfile := filepath.Join(podmanTest.TempDir, "alpine.tar")
save := podmanTest.Podman([]string{"save", "--signature-policy", "/etc/containers/policy.json", "-o", outfile, ALPINE})
save.WaitWithDefaultTimeout()
Expect(save).Should(Exit(0))
})
It("podman save oci flag", func() {
outfile := filepath.Join(podmanTest.TempDir, "alpine.tar")