This will make the output of godoc cleaner, we can't filter out the
subpackage otherwise.
Also copy the needed fixture into the integration subpackage, instead of
referring to it using ../signature/fixtures (and we can't import
signature/fixtures_info-test.go now).
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
also remove fixtures pkg as it would clutter godoc (there's not need
to have a .go files with fixtures)
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This does not change behavior.
Rename types.DockerImageManifest to types.ImageInspectInfo.
This naming more accurately reflects what the function does and how it is
expected to be used.
(The only outstanding non-inspection piece is the Name field, which is
kind of a subset of GetIntendedDockerReference() right now. Not sure
whether that is intentional.)
Also fold makeImageManifest into its only user.
This does not change behavior.
Splits listing of repository tags, which is not a property of an image,
from the image.Manifest gathering of information about an image.
Compute the digest ourselves, the registry is in general untrusted and
computing it ourserlves is easy enough.
The stop passing the unverifiedCanonicalDigest value around, simplifying
ImageSource.GetManifest and related code. In particular, remove
retrieveRawManifest and have internal users just call Manifest() now that
we don't need the digest.
Does not change behavior.
This will allow us to move collecting some of the data to the (skopeo
inspect) code and to have a more focused types.Image API, where
types.Image.Manifest() does not return a grab bag of manifest-unrelated
data, eventually.
For how it actually makes the coupling more explicit by having
types.Image.Manifest() return a types.DockerImageManifest instead of the
too generic types.ImageManifest. We will need to think about which
parts of DockerImageManifest are truly generic, later.
Does not change behavior.
This better expresses the purpose of this method (it is working with
more, currently much more, than the manifest), and frees up the Manifest
method name for a simple getter of the raw blob.
No change in behavior.
These functions are guaranteed-cached versions of the same method in
types.ImageSource. Both will be needed for signature policy evaluation,
and the symmetry with ImageSource is nice.
Also replaces the equivalent RawManifest method, preferring to keep
the same naming convention as types.ImageSource.
Does not change behavior. This is a straightforward move and update of
package references, except for:
- Adding a duplicate definition of manifestSchema1 to
cmd/skopeo/copy.go. This will need to be cleaned up later, for now
preferring to make no design changes in this commit.
- Renaming parseDockerImage to NewDockerImage, to both make it public
and consistent with common golang conventions.
No semantic change, only a reorganization: The utilities now return
jsonFormatError instead of InvalidSignatureError, but their only
caller maps it back.
The dir: source type does not return the value, the value is
untrusted/not validated, and it is not at all clear why we should print
it in the first place.
This expects a GPG key fingerprint as a value of the argument (though
other key identification methods, like mitr@volny.cz, happen to work).
Do we need to namespace this (gpg:…)?
Note that this is unusable at the moment because only the dir: backend
implements storing signatures, and this backend does can not determine
the canonical Docker reference to use as a signed image identity.
This copies an image from ImageSource to ImageDestination, e.g.
skopeo copy atomic:mitr/busybox:latest dir:t-down # pull
skopeo copy dir:t-up atomic:mitr/busybox:latest # push
