Currently, ostree does not compile:
> ostree/ostree_dest.go:115:28: cannot use d (variable of type *ostreeImageDestination) as private.ImageDestinationInternalOnly value in argument to impl.AddCompat: *ostreeImageDestination does not implement private.ImageDestinationInternalOnly (missing method NoteOriginalOCIConfig) (typecheck)
> d.Compat = impl.AddCompat(d)
This has been broken since b941c6bf41 (Nov 18 2024, > 4 months).
Previously:
- 807381f448 (broken almost 4 months),
- 2e33bf7d27 (broken > 7 months)
Overall, it seems extremely likely that no one is using the
containers_image_ostree build tag (off by default since March 2019).
So, finally, give up, and delete the code. Most importantly, this allows us
to delete the > 3-year-old-frozen dependency, and risky CGo code.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Images in the index can now be referenced via the @sourceIndex syntax.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
The new fields `KeyPaths` and `KeyDatas` are taken directly from
`/etc/containers/policy.json` and allow users to provide multiple signature
keys to be used to verify images. Only one of the keys has to verify, thereby
this mechanism allows us to support seamless key rotation on a registry.
This fixes https://github.com/containers/image/issues/2319
Signed-off-by: Dan Čermák <dcermak@suse.com>
Co-authored-by: Danish Prakash <danish.prakash@suse.com>
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
These cases should be safe because the data is either trusted
(ostree), or validated by an exact match later (signatures)
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Consistently:
- Literal strings are in `backticks`
- Variables are _italic in underscores_
- Syntax meta-characters []{} are neither
This does not really work well in section headings, but at least the
detailed descriptions should now be less misleading.
Fixes #2378.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Add support to push image with unknown digest and no tag to
a registry. This will be used by farm build to construct a list
of multi arch builds after pushing images built on each node.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
"authentication" refers to a process, not to username:password;
"authentications" is not a thing.
So, use "credential" where appropriate, and make similar related adjustments.
Leave the existing public API of pkg/docker/config, and types.DockerAuthConfig,
unchanged, though.
Should not change behavior.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
From the current documentation, one could mistakenly assume that
`use-sigstore-attachments` needs to be enabled by the registry and not
in the client. This commit rephrases the part of the documentation to
make it more clear that this needs to be done on the client side.
Signed-off-by: Lucas Humfeldt <lucas@humfeldt.de>
The current implementation transparently accepts them in gpgmeSigningMechanism,
but openpgpSigningMechanism rejects them; so make it clear that they should
be rejected.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Introduce a "sigstore signing parameter file" that can carry all the required
configuration, so that we don't need to add 9 different CLI options.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
When using remote podman client, not all transports work as expected. So
document this limitation.
Fixes: containers/podman#15141
Signed-off-by: Tomas Volf <tomas.volf@showmax.com>
Hopefully users understand public/private keys enough not
to distribute the private ones, but let's minimize opportunities
for making that mistake.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
type: cosignSigned, with the usual keyData/keyPath.
Fulcio/Rekor is not currently implemented.
NOTE: This only allows a single public key, not a keyring,
unlike simple signing. That seems problematic, there are
known users of that. But we can fix that later by adding
keyDirectory and the like.
NOTE: Cosign interoperability requires use of
signedIdentity: matchRepository. The fairly useful
signedIdentity: remapIdentity has no repository-match
functionality.
NOTE: Multi-arch images need to be signed by cosign
with --recursive to be accepted; c/image enforces
signatures per platform.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
... so that users can choose whether to do the extra
manifest lookups, and record signatures.
NOTE: This defaults to false.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Four leading spaces are interpreted by go-md2man as a code block.
Add a new line to start a new paragraph, so that go-md2man recognizes
the list syntax.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Clarify that a `[[registry.mirror]]` is associated only with the
previous `[[registry]]`.
Fixes: #1523
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Close: https://github.com/containers/image/issues/1407
Add pull-from-mirror: all, digest-only, tag-only for adding per-mirror level restrictions
to image pull through mirrors.
The `mirror-by-digest-only` for primary is still allowed to be configured,
and it is honored for compatibility.
Signed-off-by: Qi Wang <qiwan@redhat.com>
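A `registries.conf` fragment illustrating the two mirror rules described in the commits above (a `[[registry.mirror]]` belongs only to the immediately preceding `[[registry]]`, and `pull-from-mirror` restricts what each mirror may serve). This is an added example, not part of the original commit messages or the project's own documentation; the hostnames and prefixes are constructed placeholders.

```toml
# Constructed example: two registries, each with its own mirrors.
# A [[registry.mirror]] table attaches only to the [[registry]] that
# directly precedes it; the second [[registry]] below starts a new group.

[[registry]]
prefix = "example.com/images"        # constructed placeholder
location = "example.com/images"

# Mirror that may only serve pulls pinned by digest. A tag lookup here
# could be redirected by the mirror operator, so tags go to the primary.
[[registry.mirror]]
location = "mirror-a.example.net/images"   # constructed placeholder
pull-from-mirror = "digest-only"

# Mirror that may only resolve tags (useful for a local cache that
# is authoritative for "latest"-style references but not for content).
[[registry.mirror]]
location = "mirror-b.example.net/images"   # constructed placeholder
pull-from-mirror = "tag-only"

# Second group: a single mirror allowed for every pull. The legacy
# per-registry mirror-by-digest-only remains honored for compatibility
# when no per-mirror pull-from-mirror is given.
[[registry]]
prefix = "internal.example.org"      # constructed placeholder
location = "internal.example.org"
mirror-by-digest-only = true

[[registry.mirror]]
location = "cache.example.org"       # constructed placeholder
pull-from-mirror = "all"
```

A pull by tag from `example.com/images/app:v1` skips `mirror-a` and tries `mirror-b` before the primary, while a pull by digest is tried on `mirror-a` only; if every permitted mirror fails, the client falls back to the primary `location`.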
Found by the Debian Lintian tool, this avoids some nroff warnings
in the generated manpages and allows proper whatis/apropos indexing.
Signed-off-by: Reinhard Tartler <siretart@tauware.de>