From fc31e3bddda936af35ff86c59c522f91c123ec12 Mon Sep 17 00:00:00 2001 From: Ian Campbell Date: Fri, 13 Oct 2017 15:52:04 +0100 Subject: [PATCH] linuxkit pkg: defer content trust passphrase setup until we know it is needed Otherwise "linuxkit pkg build" etc will needlessly run the command (which might prompt the user). Signed-off-by: Ian Campbell --- src/cmd/linuxkit/pkg.go | 4 +--- src/cmd/linuxkit/pkg_push.go | 4 ++++ src/cmd/linuxkit/pkglib/pkglib.go | 5 +++++ 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/src/cmd/linuxkit/pkg.go b/src/cmd/linuxkit/pkg.go index 57777f6e1..01f7b45d3 100644 --- a/src/cmd/linuxkit/pkg.go +++ b/src/cmd/linuxkit/pkg.go @@ -20,7 +20,7 @@ func pkgUsage() { fmt.Printf("See '%s pkg [command] --help' for details.\n\n", invoked) } -func setupContentTrust() { +func setupContentTrustPassphrase() { // If it is already set there is nothing to do. if _, ok := os.LookupEnv("DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE"); ok { return @@ -49,8 +49,6 @@ func pkg(args []string) { os.Exit(1) } - setupContentTrust() - switch args[0] { case "build": pkgBuild(args[1:]) diff --git a/src/cmd/linuxkit/pkg_push.go b/src/cmd/linuxkit/pkg_push.go index a66faef94..7a84779fa 100644 --- a/src/cmd/linuxkit/pkg_push.go +++ b/src/cmd/linuxkit/pkg_push.go @@ -28,6 +28,10 @@ func pkgPush(args []string) { os.Exit(1) } + if p.TrustEnabled() { + setupContentTrustPassphrase() + } + fmt.Printf("Building and pushing %q\n", p.Tag()) var opts []pkglib.BuildOpt diff --git a/src/cmd/linuxkit/pkglib/pkglib.go b/src/cmd/linuxkit/pkglib/pkglib.go index 27e401f77..a5578d7f9 100644 --- a/src/cmd/linuxkit/pkglib/pkglib.go +++ b/src/cmd/linuxkit/pkglib/pkglib.go @@ -192,6 +192,11 @@ func (p Pkg) Tag() string { return p.org + "/" + p.image + ":" + p.hash } +// TrustEnabled returns true if trust is enabled +func (p Pkg) TrustEnabled() bool { + return p.trust +} + func (p Pkg) archSupported(want string) bool { for _, supp := range p.arches { if supp == want {