Merge pull request #3997 from QiWang19/sigpath

fix podman sign signature store for rootless

cmd/podman/sign.go

@@ -14,6 +14,7 @@ import (
 	"github.com/containers/libpod/cmd/podman/cliconfig"
 	"github.com/containers/libpod/cmd/podman/libpodruntime"
 	"github.com/containers/libpod/libpod/image"
+	"github.com/containers/libpod/pkg/rootless"
 	"github.com/containers/libpod/pkg/trust"
 	"github.com/containers/libpod/pkg/util"
 	"github.com/pkg/errors"
@@ -130,6 +131,16 @@ func signCmd(c *cliconfig.SignValues) error {
 			return errors.Wrapf(err, "error pulling image %s", signimage)
 		}
 
+		if rootless.IsRootless() {
+			if sigStoreDir == "" {
+				runtimeConfig, err := runtime.GetConfig()
+				if err != nil {
+					return err
+				}
+
+				sigStoreDir = filepath.Join(filepath.Dir(runtimeConfig.StorageConfig.GraphRoot), "sigstore")
+			}
+		} else {
 			registryInfo := trust.HaveMatchRegistry(rawSource.Reference().DockerReference().String(), registryConfigs)
 			if registryInfo != nil {
 				if sigStoreDir == "" {
@@ -146,6 +157,7 @@ func signCmd(c *cliconfig.SignValues) error {
 			if sigStoreDir == "" {
 				sigStoreDir = SignatureStoreDir
 			}
+		}
 
 		repos, err := newImage.RepoDigests()
 		if err != nil {