mirror of
https://github.com/containers/podman.git
synced 2025-06-22 18:08:11 +08:00
Merge pull request #3863 from TomSweeneyRedHat/dev/tsweeney/digestfile2
Add --digestfile option to push
This commit is contained in:
OpenShift Merge Robot
@ -423,6 +423,7 @@ type PushValues struct {
|
||||
CertDir string
|
||||
Compress bool
|
||||
Creds string
|
||||
Digestfile string
|
||||
Format string
|
||||
Quiet bool
|
||||
RemoveSignatures bool
|
||||
|
||||
@ -51,6 +51,7 @@ func init() {
|
||||
pushCommand.SetUsageTemplate(UsageTemplate())
|
||||
flags := pushCommand.Flags()
|
||||
flags.StringVar(&pushCommand.Creds, "creds", "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry")
|
||||
flags.StringVar(&pushCommand.Digestfile, "digestfile", "", "After copying the image, write the digest of the resulting image to the file")
|
||||
flags.StringVarP(&pushCommand.Format, "format", "f", "", "Manifest type (oci, v2s1, or v2s2) to use when pushing an image using the 'dir:' transport (default is manifest type of source)")
|
||||
flags.BoolVarP(&pushCommand.Quiet, "quiet", "q", false, "Don't output progress information when pushing images")
|
||||
flags.BoolVar(&pushCommand.RemoveSignatures, "remove-signatures", false, "Discard any pre-existing signatures in the image")
|
||||
@ -143,5 +144,5 @@ func pushCmd(c *cliconfig.PushValues) error {
|
||||
SignBy: signBy,
|
||||
}
|
||||
|
||||
return runtime.Push(getContext(), srcName, destName, manifestType, c.Authfile, c.SignaturePolicy, writer, c.Compress, so, &dockerRegistryOptions, nil)
|
||||
return runtime.Push(getContext(), srcName, destName, manifestType, c.Authfile, c.String("digestfile"), c.SignaturePolicy, writer, c.Compress, so, &dockerRegistryOptions, nil)
|
||||
}
|
||||
|
||||
@ -1758,6 +1758,7 @@ _podman_mount() {
|
||||
_podman_push() {
|
||||
local boolean_options="
|
||||
--compress
|
||||
--digestflag
|
||||
--help
|
||||
-h
|
||||
--quiet
|
||||
|
||||
@ -61,13 +61,17 @@ value can be entered. The password is entered without echo.
|
||||
**--cert-dir**=*path*
|
||||
|
||||
Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry.
|
||||
Default certificates directory is _/etc/containers/certs.d_. (Not available for remote commands) (Not available for remote commands)
|
||||
Default certificates directory is _/etc/containers/certs.d_. (Not available for remote commands)
|
||||
|
||||
**--compress**
|
||||
|
||||
Compress tarball image layers when pushing to a directory using the 'dir' transport. (default is same compression type, compressed or uncompressed, as source)
|
||||
Note: This flag can only be set when using the **dir** transport
|
||||
|
||||
**--digestfile** *Digestfile*
|
||||
|
||||
After copying the image, write the digest of the resulting image to the file. (Not available for remote commands)
|
||||
|
||||
**--format**, **-f**=*format*
|
||||
|
||||
Manifest Type (oci, v2s1, or v2s2) to use when pushing an image to a directory using the 'dir:' transport (default is manifest type of source)
|
||||
@ -93,19 +97,23 @@ TLS verification will be used unless the target registry is listed as an insecur
|
||||
|
||||
## EXAMPLE
|
||||
|
||||
This example extracts the imageID image to a local directory in docker format.
|
||||
This example pushes the image specified by the imageID to a local directory in docker format.
|
||||
|
||||
`# podman push imageID dir:/path/to/image`
|
||||
|
||||
This example extracts the imageID image to a local directory in oci format.
|
||||
This example pushes the image specified by the imageID to a local directory in oci format.
|
||||
|
||||
`# podman push imageID oci-archive:/path/to/layout:image:tag`
|
||||
|
||||
This example extracts the imageID image to a container registry named registry.example.com
|
||||
This example pushes the image specified by the imageID to a container registry named registry.example.com
|
||||
|
||||
`# podman push imageID docker://registry.example.com/repository:tag`
|
||||
|
||||
This example extracts the imageID image and puts into the local docker container store
|
||||
This example pushes the image specified by the imageID to a container registry named registry.example.com and saves the digest in the specified digestfile.
|
||||
|
||||
`# podman push --digestfile=/tmp/mydigest imageID docker://registry.example.com/repository:tag`
|
||||
|
||||
This example pushes the image specified by the imageID and puts it into the local docker container store
|
||||
|
||||
`# podman push imageID docker-daemon:image:tag`
|
||||
|
||||
|
||||
@ -5,6 +5,7 @@ import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
@ -555,7 +556,7 @@ func (i *Image) UntagImage(tag string) error {
|
||||
|
||||
// PushImageToHeuristicDestination pushes the given image to "destination", which is heuristically parsed.
|
||||
// Use PushImageToReference if the destination is known precisely.
|
||||
func (i *Image) PushImageToHeuristicDestination(ctx context.Context, destination, manifestMIMEType, authFile, signaturePolicyPath string, writer io.Writer, forceCompress bool, signingOptions SigningOptions, dockerRegistryOptions *DockerRegistryOptions, additionalDockerArchiveTags []reference.NamedTagged) error {
|
||||
func (i *Image) PushImageToHeuristicDestination(ctx context.Context, destination, manifestMIMEType, authFile, digestFile, signaturePolicyPath string, writer io.Writer, forceCompress bool, signingOptions SigningOptions, dockerRegistryOptions *DockerRegistryOptions, additionalDockerArchiveTags []reference.NamedTagged) error {
|
||||
if destination == "" {
|
||||
return errors.Wrapf(syscall.EINVAL, "destination image name must be specified")
|
||||
}
|
||||
@ -573,11 +574,11 @@ func (i *Image) PushImageToHeuristicDestination(ctx context.Context, destination
|
||||
return err
|
||||
}
|
||||
}
|
||||
return i.PushImageToReference(ctx, dest, manifestMIMEType, authFile, signaturePolicyPath, writer, forceCompress, signingOptions, dockerRegistryOptions, additionalDockerArchiveTags)
|
||||
return i.PushImageToReference(ctx, dest, manifestMIMEType, authFile, digestFile, signaturePolicyPath, writer, forceCompress, signingOptions, dockerRegistryOptions, additionalDockerArchiveTags)
|
||||
}
|
||||
|
||||
// PushImageToReference pushes the given image to a location described by the given path
|
||||
func (i *Image) PushImageToReference(ctx context.Context, dest types.ImageReference, manifestMIMEType, authFile, signaturePolicyPath string, writer io.Writer, forceCompress bool, signingOptions SigningOptions, dockerRegistryOptions *DockerRegistryOptions, additionalDockerArchiveTags []reference.NamedTagged) error {
|
||||
func (i *Image) PushImageToReference(ctx context.Context, dest types.ImageReference, manifestMIMEType, authFile, digestFile, signaturePolicyPath string, writer io.Writer, forceCompress bool, signingOptions SigningOptions, dockerRegistryOptions *DockerRegistryOptions, additionalDockerArchiveTags []reference.NamedTagged) error {
|
||||
sc := GetSystemContext(signaturePolicyPath, authFile, forceCompress)
|
||||
sc.BlobInfoCacheDir = filepath.Join(i.imageruntime.store.GraphRoot(), "cache")
|
||||
|
||||
@ -599,10 +600,22 @@ func (i *Image) PushImageToReference(ctx context.Context, dest types.ImageRefere
|
||||
copyOptions := getCopyOptions(sc, writer, nil, dockerRegistryOptions, signingOptions, manifestMIMEType, additionalDockerArchiveTags)
|
||||
copyOptions.DestinationCtx.SystemRegistriesConfPath = registries.SystemRegistriesConfPath() // FIXME: Set this more globally. Probably no reason not to have it in every types.SystemContext, and to compute the value just once in one place.
|
||||
// Copy the image to the remote destination
|
||||
_, err = cp.Image(ctx, policyContext, dest, src, copyOptions)
|
||||
manifestBytes, err := cp.Image(ctx, policyContext, dest, src, copyOptions)
|
||||
if err != nil {
|
||||
return errors.Wrapf(err, "Error copying image to the remote destination")
|
||||
}
|
||||
digest, err := manifest.Digest(manifestBytes)
|
||||
if err != nil {
|
||||
return errors.Wrapf(err, "error computing digest of manifest of new image %q", transports.ImageName(dest))
|
||||
}
|
||||
|
||||
logrus.Debugf("Successfully pushed %s with digest %s", transports.ImageName(dest), digest.String())
|
||||
|
||||
if digestFile != "" {
|
||||
if err = ioutil.WriteFile(digestFile, []byte(digest.String()), 0644); err != nil {
|
||||
return errors.Wrapf(err, "failed to write digest to file %q", digestFile)
|
||||
}
|
||||
}
|
||||
i.newImageEvent(events.Push)
|
||||
return nil
|
||||
}
|
||||
@ -1358,7 +1371,7 @@ func (i *Image) Save(ctx context.Context, source, format, output string, moreTag
|
||||
return err
|
||||
}
|
||||
}
|
||||
if err := i.PushImageToReference(ctx, destRef, manifestType, "", "", writer, compress, SigningOptions{}, &DockerRegistryOptions{}, additionaltags); err != nil {
|
||||
if err := i.PushImageToReference(ctx, destRef, manifestType, "", "", "", writer, compress, SigningOptions{}, &DockerRegistryOptions{}, additionaltags); err != nil {
|
||||
return errors.Wrapf(err, "unable to save %q", source)
|
||||
}
|
||||
i.newImageEvent(events.Save)
|
||||
|
||||
@ -201,12 +201,12 @@ func (r *LocalRuntime) RemoveVolumes(ctx context.Context, c *cliconfig.VolumeRmV
|
||||
}
|
||||
|
||||
// Push is a wrapper to push an image to a registry
|
||||
func (r *LocalRuntime) Push(ctx context.Context, srcName, destination, manifestMIMEType, authfile, signaturePolicyPath string, writer io.Writer, forceCompress bool, signingOptions image.SigningOptions, dockerRegistryOptions *image.DockerRegistryOptions, additionalDockerArchiveTags []reference.NamedTagged) error {
|
||||
func (r *LocalRuntime) Push(ctx context.Context, srcName, destination, manifestMIMEType, authfile, digestfile, signaturePolicyPath string, writer io.Writer, forceCompress bool, signingOptions image.SigningOptions, dockerRegistryOptions *image.DockerRegistryOptions, additionalDockerArchiveTags []reference.NamedTagged) error {
|
||||
newImage, err := r.ImageRuntime().NewFromLocal(srcName)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return newImage.PushImageToHeuristicDestination(ctx, destination, manifestMIMEType, authfile, signaturePolicyPath, writer, forceCompress, signingOptions, dockerRegistryOptions, nil)
|
||||
return newImage.PushImageToHeuristicDestination(ctx, destination, manifestMIMEType, authfile, digestfile, signaturePolicyPath, writer, forceCompress, signingOptions, dockerRegistryOptions, nil)
|
||||
}
|
||||
|
||||
// InspectVolumes returns a slice of volumes based on an arg list or --all
|
||||
|
||||
@ -619,7 +619,7 @@ func (r *LocalRuntime) RemoveVolumes(ctx context.Context, c *cliconfig.VolumeRmV
|
||||
return iopodman.VolumeRemove().Call(r.Conn, rmOpts)
|
||||
}
|
||||
|
||||
func (r *LocalRuntime) Push(ctx context.Context, srcName, destination, manifestMIMEType, authfile, signaturePolicyPath string, writer io.Writer, forceCompress bool, signingOptions image.SigningOptions, dockerRegistryOptions *image.DockerRegistryOptions, additionalDockerArchiveTags []reference.NamedTagged) error {
|
||||
func (r *LocalRuntime) Push(ctx context.Context, srcName, destination, manifestMIMEType, authfile, digestfile, signaturePolicyPath string, writer io.Writer, forceCompress bool, signingOptions image.SigningOptions, dockerRegistryOptions *image.DockerRegistryOptions, additionalDockerArchiveTags []reference.NamedTagged) error {
|
||||
|
||||
reply, err := iopodman.PushImage().Send(r.Conn, varlink.More, srcName, destination, forceCompress, manifestMIMEType, signingOptions.RemoveSignatures, signingOptions.SignBy)
|
||||
if err != nil {
|
||||
|
||||
@ -353,7 +353,7 @@ func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, compr
|
||||
output := bytes.NewBuffer([]byte{})
|
||||
c := make(chan error)
|
||||
go func() {
|
||||
err := newImage.PushImageToHeuristicDestination(getContext(), destname, manifestType, "", "", output, compress, so, &dockerRegistryOptions, nil)
|
||||
err := newImage.PushImageToHeuristicDestination(getContext(), destname, manifestType, "", "", "", output, compress, so, &dockerRegistryOptions, nil)
|
||||
c <- err
|
||||
close(c)
|
||||
}()
|
||||
@ -615,7 +615,7 @@ func (i *LibpodAPI) ExportImage(call iopodman.VarlinkCall, name, destination str
|
||||
return err
|
||||
}
|
||||
|
||||
if err := newImage.PushImageToHeuristicDestination(getContext(), destination, "", "", "", nil, compress, image.SigningOptions{}, &image.DockerRegistryOptions{}, additionalTags); err != nil {
|
||||
if err := newImage.PushImageToHeuristicDestination(getContext(), destination, "", "", "", "", nil, compress, image.SigningOptions{}, &image.DockerRegistryOptions{}, additionalTags); err != nil {
|
||||
return call.ReplyErrorOccurred(err.Error())
|
||||
}
|
||||
return call.ReplyExportImage(newImage.ID())
|
||||
|
||||
@ -76,6 +76,14 @@ var _ = Describe("Podman push", func() {
|
||||
push := podmanTest.PodmanNoCache([]string{"push", "--tls-verify=false", "--remove-signatures", ALPINE, "localhost:5000/my-alpine"})
|
||||
push.WaitWithDefaultTimeout()
|
||||
Expect(push.ExitCode()).To(Equal(0))
|
||||
|
||||
// Test --digestfile option
|
||||
push2 := podmanTest.PodmanNoCache([]string{"push", "--tls-verify=false", "--digestfile=/tmp/digestfile.txt", "--remove-signatures", ALPINE, "localhost:5000/my-alpine"})
|
||||
push2.WaitWithDefaultTimeout()
|
||||
fi, err := os.Lstat("/tmp/digestfile.txt")
|
||||
Expect(err).To(BeNil())
|
||||
Expect(fi.Name()).To(Equal("digestfile.txt"))
|
||||
Expect(push2.ExitCode()).To(Equal(0))
|
||||
})
|
||||
|
||||
It("podman push to local registry with authorization", func() {
|
||||
|
||||
Reference in New Issue
Block a user