cli/command/image: move AddTargetToAllSignableRoles to cli/trust
This utility was shared between the "image" and "trust" packages, and a shallow wrapper around features in the cli/trust package. Move it there instead and rename it to `trust.AddToAllSignableRoles`. There are no known external consumers of this utility, so skipping a deprecation. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn
parent
d95385057f
commit
7a6270d190
@ -137,7 +137,7 @@ func PushTrustedReference(ctx context.Context, ioStreams command.Streams, repoIn
|
||||
err = repo.AddTarget(target, data.CanonicalTargetsRole)
|
||||
case nil:
|
||||
// already initialized and we have successfully downloaded the latest metadata
|
||||
err = AddTargetToAllSignableRoles(repo, target)
|
||||
err = trust.AddToAllSignableRoles(repo, target)
|
||||
default:
|
||||
return trust.NotaryError(repoInfo.Name.Name(), err)
|
||||
}
|
||||
@ -155,19 +155,6 @@ func PushTrustedReference(ctx context.Context, ioStreams command.Streams, repoIn
|
||||
return nil
|
||||
}
|
||||
|
||||
// AddTargetToAllSignableRoles attempts to add the image target to all the top level delegation roles we can
|
||||
// (based on whether we have the signing key and whether the role's path allows
|
||||
// us to).
|
||||
// If there are no delegation roles, we add to the targets role.
|
||||
func AddTargetToAllSignableRoles(repo client.Repository, target *client.Target) error {
|
||||
signableRoles, err := trust.GetSignableRoles(repo, target)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return repo.AddTarget(target, signableRoles...)
|
||||
}
|
||||
|
||||
// trustedPull handles content trust pulling of an image
|
||||
func trustedPull(ctx context.Context, cli command.Cli, imgRefAndAuth trust.ImageRefAndAuth, opts PullOptions) error {
|
||||
refs, err := getTrustedPullTargets(cli, imgRefAndAuth)
|
||||
|
||||
@ -116,7 +116,7 @@ func signAndPublishToTarget(out io.Writer, imgRefAndAuth trust.ImageRefAndAuth,
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = image.AddTargetToAllSignableRoles(notaryRepo, &target)
|
||||
err = trust.AddToAllSignableRoles(notaryRepo, &target)
|
||||
if err == nil {
|
||||
prettyPrintExistingSignatureInfo(out, existingSigInfo)
|
||||
err = notaryRepo.Publish()
|
||||
|
||||
@ -239,6 +239,20 @@ func NotaryError(repoName string, err error) error {
|
||||
return err
|
||||
}
|
||||
|
||||
// AddToAllSignableRoles attempts to add the image target to all the top level
|
||||
// delegation roles we can (based on whether we have the signing key and whether
|
||||
// the role's path allows us to).
|
||||
//
|
||||
// If there are no delegation roles, we add to the targets role.
|
||||
func AddToAllSignableRoles(repo client.Repository, target *client.Target) error {
|
||||
signableRoles, err := GetSignableRoles(repo, target)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return repo.AddTarget(target, signableRoles...)
|
||||
}
|
||||
|
||||
// GetSignableRoles returns a list of roles for which we have valid signing
|
||||
// keys, given a notary repository and a target
|
||||
func GetSignableRoles(repo client.Repository, target *client.Target) ([]data.RoleName, error) {
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user