Vendor after merging mtrmac/image:default-policy

vendor/github.com/containers/image/docker/docker_transport.go

@@ -9,7 +9,7 @@ import (
 	"github.com/docker/docker/reference"
 )
 
-// Transport is an ImageTransport for Docker references.
+// Transport is an ImageTransport for Docker registry-hosted images.
 var Transport = dockerTransport{}
 
 type dockerTransport struct{}

vendor/github.com/containers/image/oci/oci_transport.go

@@ -12,7 +12,7 @@ import (
 	"github.com/docker/docker/reference"
 )
 
-// Transport is an ImageTransport for Docker references.
+// Transport is an ImageTransport for OCI directories.
 var Transport = ociTransport{}
 
 type ociTransport struct{}

vendor/github.com/containers/image/openshift/openshift_transport.go

@@ -12,7 +12,7 @@ import (
 	"github.com/docker/docker/reference"
 )
 
-// Transport is an ImageTransport for directory paths.
+// Transport is an ImageTransport for OpenShift registry-hosted images.
 var Transport = openshiftTransport{}
 
 type openshiftTransport struct{}

vendor/github.com/containers/image/signature/policy_config.go

@@ -24,6 +24,15 @@ import (
 	"github.com/docker/docker/reference"
 )
 
+// systemDefaultPolicyPath is the policy path used for DefaultPolicy().
+// You can override this at build time with
+// -ldflags '-X github.com/containers/image/signature.systemDefaultPolicyPath=$your_path'
+var systemDefaultPolicyPath = builtinDefaultPolicyPath
+
+// builtinDefaultPolicyPath is the policy pat used for DefaultPolicy().
+// DO NOT change this, instead see systemDefaultPolicyPath above.
+const builtinDefaultPolicyPath = "/etc/containers/policy.json"
+
 // InvalidPolicyFormatError is returned when parsing an invalid policy configuration.
 type InvalidPolicyFormatError string
 
@@ -33,6 +42,24 @@ func (err InvalidPolicyFormatError) Error() string {
 
 // FIXME: NewDefaultPolicy, from default file (or environment if trusted?)
 
+// DefaultPolicy returns the default policy of the system.
+// Most applications should be using this method to get the policy configured
+// by the system administrator.
+// ctx should usually be nil, can be set to override the default.
+// NOTE: When this function returns an error, report it to the user and abort.
+// DO NOT hard-code fallback policies in your application.
+func DefaultPolicy(ctx *types.SystemContext) (*Policy, error) {
+	return NewPolicyFromFile(defaultPolicyPath(ctx))
+}
+
+// defaultPolicyPath returns a path to the default policy of the system.
+func defaultPolicyPath(ctx *types.SystemContext) string {
+	if ctx != nil && ctx.SignaturePolicyPath != "" {
+		return ctx.SignaturePolicyPath
+	}
+	return systemDefaultPolicyPath
+}
+
 // NewPolicyFromFile returns a policy configured in the specified file.
 func NewPolicyFromFile(fileName string) (*Policy, error) {
 	contents, err := ioutil.ReadFile(fileName)

vendor/github.com/containers/image/types/types.go

@@ -147,3 +147,12 @@ type ImageInspectInfo struct {
 	Os            string
 	Layers        []string
 }
+
+// SystemContext allows parametrizing access to implicitly-accessed resources,
+// like configuration files in /etc and users' login state in their home directory.
+// Various components can share the same field only if their semantics is exactly
+// the same; if in doubt, add a new field.
+// It is always OK to pass nil instead of a SystemContext.
+type SystemContext struct {
+	SignaturePolicyPath string // If not "", overrides the system's default path for signature.Policy configuration.
+}

vendor/github.com/davecgh/go-spew/LICENSE

@@ -1,3 +1,5 @@
+ISC License
+
 Copyright (c) 2012-2013 Dave Collins <dave@davec.name>
 
 Permission to use, copy, modify, and distribute this software for any