diff --git a/vendor/github.com/containers/image/docker/docker_transport.go b/vendor/github.com/containers/image/docker/docker_transport.go index e2166636..68cb0060 100644 --- a/vendor/github.com/containers/image/docker/docker_transport.go +++ b/vendor/github.com/containers/image/docker/docker_transport.go @@ -9,7 +9,7 @@ import ( "github.com/docker/docker/reference" ) -// Transport is an ImageTransport for Docker references. +// Transport is an ImageTransport for Docker registry-hosted images. var Transport = dockerTransport{} type dockerTransport struct{} diff --git a/vendor/github.com/containers/image/oci/oci_transport.go b/vendor/github.com/containers/image/oci/oci_transport.go index f3afd221..be96a85e 100644 --- a/vendor/github.com/containers/image/oci/oci_transport.go +++ b/vendor/github.com/containers/image/oci/oci_transport.go @@ -12,7 +12,7 @@ import ( "github.com/docker/docker/reference" ) -// Transport is an ImageTransport for Docker references. +// Transport is an ImageTransport for OCI directories. var Transport = ociTransport{} type ociTransport struct{} diff --git a/vendor/github.com/containers/image/openshift/openshift_transport.go b/vendor/github.com/containers/image/openshift/openshift_transport.go index 13f99c6b..96b5f085 100644 --- a/vendor/github.com/containers/image/openshift/openshift_transport.go +++ b/vendor/github.com/containers/image/openshift/openshift_transport.go @@ -12,7 +12,7 @@ import ( "github.com/docker/docker/reference" ) -// Transport is an ImageTransport for directory paths. +// Transport is an ImageTransport for OpenShift registry-hosted images. var Transport = openshiftTransport{} type openshiftTransport struct{} diff --git a/vendor/github.com/containers/image/signature/policy_config.go b/vendor/github.com/containers/image/signature/policy_config.go index 1f74e19d..20821a35 100644 --- a/vendor/github.com/containers/image/signature/policy_config.go +++ b/vendor/github.com/containers/image/signature/policy_config.go @@ -24,6 +24,15 @@ import ( "github.com/docker/docker/reference" ) +// systemDefaultPolicyPath is the policy path used for DefaultPolicy(). +// You can override this at build time with +// -ldflags '-X github.com/containers/image/signature.systemDefaultPolicyPath=$your_path' +var systemDefaultPolicyPath = builtinDefaultPolicyPath + +// builtinDefaultPolicyPath is the policy pat used for DefaultPolicy(). +// DO NOT change this, instead see systemDefaultPolicyPath above. +const builtinDefaultPolicyPath = "/etc/containers/policy.json" + // InvalidPolicyFormatError is returned when parsing an invalid policy configuration. type InvalidPolicyFormatError string @@ -33,6 +42,24 @@ func (err InvalidPolicyFormatError) Error() string { // FIXME: NewDefaultPolicy, from default file (or environment if trusted?) +// DefaultPolicy returns the default policy of the system. +// Most applications should be using this method to get the policy configured +// by the system administrator. +// ctx should usually be nil, can be set to override the default. +// NOTE: When this function returns an error, report it to the user and abort. +// DO NOT hard-code fallback policies in your application. +func DefaultPolicy(ctx *types.SystemContext) (*Policy, error) { + return NewPolicyFromFile(defaultPolicyPath(ctx)) +} + +// defaultPolicyPath returns a path to the default policy of the system. +func defaultPolicyPath(ctx *types.SystemContext) string { + if ctx != nil && ctx.SignaturePolicyPath != "" { + return ctx.SignaturePolicyPath + } + return systemDefaultPolicyPath +} + // NewPolicyFromFile returns a policy configured in the specified file. func NewPolicyFromFile(fileName string) (*Policy, error) { contents, err := ioutil.ReadFile(fileName) diff --git a/vendor/github.com/containers/image/types/types.go b/vendor/github.com/containers/image/types/types.go index b67e6b30..c5eb5ab6 100644 --- a/vendor/github.com/containers/image/types/types.go +++ b/vendor/github.com/containers/image/types/types.go @@ -147,3 +147,12 @@ type ImageInspectInfo struct { Os string Layers []string } + +// SystemContext allows parametrizing access to implicitly-accessed resources, +// like configuration files in /etc and users' login state in their home directory. +// Various components can share the same field only if their semantics is exactly +// the same; if in doubt, add a new field. +// It is always OK to pass nil instead of a SystemContext. +type SystemContext struct { + SignaturePolicyPath string // If not "", overrides the system's default path for signature.Policy configuration. +} diff --git a/vendor/github.com/davecgh/go-spew/LICENSE b/vendor/github.com/davecgh/go-spew/LICENSE index 2a7cfd2b..bb673323 100644 --- a/vendor/github.com/davecgh/go-spew/LICENSE +++ b/vendor/github.com/davecgh/go-spew/LICENSE @@ -1,3 +1,5 @@ +ISC License + Copyright (c) 2012-2013 Dave Collins Permission to use, copy, modify, and distribute this software for any