-
Notifications
You must be signed in to change notification settings - Fork 2.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow save image remove-signatures #7956
Conversation
Tests and bash completions? |
bash completions added. I am figuring out how to test this. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@QiWang19 You have new option coded as available to remote users but not coded in the tunnel or bindings packages
712d577
to
6bd899f
Compare
@jwhonce PTAL |
15ef3ea
to
2323246
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When would a user ever specify --remove-signatures=false?
test/e2e/save_test.go
Outdated
@@ -116,6 +120,71 @@ var _ = Describe("Podman save", func() { | |||
Expect(save).To(ExitWithError()) | |||
}) | |||
|
|||
It("podman save remove signature", func() { | |||
SkipIfRemote("podman-remote doesn't suppport tls-verify option") |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Podman remote now supports tls-verify.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
podman remove push --tls-verify works, but still see unknown flag: --tls-verify
with podman pull,
in the test int remote ubuntu-19 root host https://api.cirrus-ci.com/v1/task/4566543570829312/logs/main.log
[+2546s] Running: /var/tmp/go/src/github.com/containers/podman/bin/podman-remote --remote --url unix:/run/podman/podman-1695fe65d29f17c37c0cd8754dbdd796e29036e2adea66ec67ab760001892f06.sock --remote --url unix:/run/podman/podman-1695fe65d29f17c37c0cd8754dbdd796e29036e2adea66ec67ab760001892f06.sock pull --tls-verify=false --signature-policy=sign/policy.json localhost:5000/alpine
[+2546s] Error: unknown flag: --tls-verify
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I opened a PR to fix this.
The user will use --remove-signatures=false, current image format doesn't support pushing signatures to it. |
526aa7b
to
ffe11ea
Compare
@QiWang19 Shouldn't the code do this automatically, IE Does the code know which image stores support signatures? Would the user just get an error telling them to remove signatures and now they need to run the command again with the flag? Does not seem like a good UI experience? |
On the suggestion under the issue #7659 (comment), the remove-signatures defaults to true and avoids the user from getting the error. |
@QiWang19 Sure, but under what circumstance would the user ever set this to False. When would the user not want to remove-signatures? Bottom line is there a situation where a user would ever type in |
If we want signatures to be pushed to a registry, |
22f4a48
to
bef019b
Compare
When would I ever do a |
Remove the option and remove the signature in the code, the current image format doesn't support saving signatures. |
remove signatures to podman save since the image formats do not support signatures Close: containers#7659 Signed-off-by: Qi Wang <[email protected]>
LGTM |
LGTM |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: jwhonce, QiWang19, rhatdan The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/lgtm |
remove signatures in podman save since the image formats do not support signatures
Close: #7659
Signed-off-by: Qi Wang [email protected]