From 7a4fcc0c67ae426d8fb0675b2babe2a32ccb4a4d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20Mart=C3=ADn?= Date: Fri, 18 Oct 2024 16:33:03 +0200 Subject: [PATCH] feat: remove signatures in container deployments by default MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Make `skopeo copy` to remove the signatures of signed containers by default to avoid build failures until [1] is implemented. Depends: osbuild/osbuild#1906 Resolves: osbuild/bootc-image-builder#681 [1] https://github.com/containers/image/issues/2599 Signed-off-by: Miguel Martín --- pkg/manifest/build.go | 2 +- pkg/osbuild/container_deploy_stage.go | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/pkg/manifest/build.go b/pkg/manifest/build.go index eca633d44a..5ff26ede10 100644 --- a/pkg/manifest/build.go +++ b/pkg/manifest/build.go @@ -236,7 +236,7 @@ func (p *BuildrootFromContainer) serialize() osbuild.Pipeline { pipeline.Runner = p.runner.String() image := osbuild.NewContainersInputForSingleSource(p.containerSpecs[0]) - stage, err := osbuild.NewContainerDeployStage(image, &osbuild.ContainerDeployOptions{}) + stage, err := osbuild.NewContainerDeployStage(image, &osbuild.ContainerDeployOptions{RemoveSignatures: true}) if err != nil { panic(err) } diff --git a/pkg/osbuild/container_deploy_stage.go b/pkg/osbuild/container_deploy_stage.go index be7606b2f9..5d4d1dc1b8 100644 --- a/pkg/osbuild/container_deploy_stage.go +++ b/pkg/osbuild/container_deploy_stage.go @@ -9,7 +9,8 @@ type ContainerDeployInputs struct { func (ContainerDeployInputs) isStageInputs() {} type ContainerDeployOptions struct { - Exclude []string `json:"exclude,omitempty"` + Exclude []string `json:"exclude,omitempty"` + RemoveSignatures bool `json:"remove-signatures,omitempty"` } func (ContainerDeployOptions) isStageOptions() {}