diff --git a/pkg/manifest/build.go b/pkg/manifest/build.go index eca633d44a..715771ba8a 100644 --- a/pkg/manifest/build.go +++ b/pkg/manifest/build.go @@ -236,7 +236,9 @@ func (p *BuildrootFromContainer) serialize() osbuild.Pipeline { pipeline.Runner = p.runner.String() image := osbuild.NewContainersInputForSingleSource(p.containerSpecs[0]) - stage, err := osbuild.NewContainerDeployStage(image, &osbuild.ContainerDeployOptions{}) + // Make skopeo copy to remove the signatures of signed containers by default to workaround + // build failures until https://github.com/containers/image/issues/2599 is implemented + stage, err := osbuild.NewContainerDeployStage(image, &osbuild.ContainerDeployOptions{RemoveSignatures: true}) if err != nil { panic(err) } diff --git a/pkg/osbuild/container_deploy_stage.go b/pkg/osbuild/container_deploy_stage.go index be7606b2f9..5d4d1dc1b8 100644 --- a/pkg/osbuild/container_deploy_stage.go +++ b/pkg/osbuild/container_deploy_stage.go @@ -9,7 +9,8 @@ type ContainerDeployInputs struct { func (ContainerDeployInputs) isStageInputs() {} type ContainerDeployOptions struct { - Exclude []string `json:"exclude,omitempty"` + Exclude []string `json:"exclude,omitempty"` + RemoveSignatures bool `json:"remove-signatures,omitempty"` } func (ContainerDeployOptions) isStageOptions() {}