2017-07-23 23:01:37 +00:00
|
|
|
package common
|
|
|
|
|
|
|
|
import (
|
|
|
|
"io"
|
2017-07-24 01:38:03 +00:00
|
|
|
"strings"
|
2017-08-04 13:04:52 +00:00
|
|
|
"syscall"
|
2017-07-23 23:01:37 +00:00
|
|
|
|
|
|
|
cp "github.com/containers/image/copy"
|
2017-07-23 23:12:36 +00:00
|
|
|
"github.com/containers/image/signature"
|
2017-07-23 23:01:37 +00:00
|
|
|
"github.com/containers/image/types"
|
2017-08-04 13:04:52 +00:00
|
|
|
"github.com/pkg/errors"
|
|
|
|
)
|
|
|
|
|
|
|
|
var (
|
|
|
|
// ErrNoPassword is returned if the user did not supply a password
|
|
|
|
ErrNoPassword = errors.Wrapf(syscall.EINVAL, "password was not supplied")
|
2017-07-23 23:01:37 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
// GetCopyOptions constructs a new containers/image/copy.Options{} struct from the given parameters
|
2017-10-13 21:04:57 +00:00
|
|
|
func GetCopyOptions(reportWriter io.Writer, signaturePolicyPath string, srcDockerRegistry, destDockerRegistry *DockerRegistryOptions, signing SigningOptions, authFile string) *cp.Options {
|
2017-07-23 23:01:37 +00:00
|
|
|
if srcDockerRegistry == nil {
|
|
|
|
srcDockerRegistry = &DockerRegistryOptions{}
|
|
|
|
}
|
|
|
|
if destDockerRegistry == nil {
|
|
|
|
destDockerRegistry = &DockerRegistryOptions{}
|
|
|
|
}
|
2017-10-13 21:04:57 +00:00
|
|
|
srcContext := srcDockerRegistry.GetSystemContext(signaturePolicyPath, authFile)
|
|
|
|
destContext := destDockerRegistry.GetSystemContext(signaturePolicyPath, authFile)
|
2017-07-23 23:01:37 +00:00
|
|
|
return &cp.Options{
|
|
|
|
RemoveSignatures: signing.RemoveSignatures,
|
|
|
|
SignBy: signing.SignBy,
|
|
|
|
ReportWriter: reportWriter,
|
|
|
|
SourceCtx: srcContext,
|
|
|
|
DestinationCtx: destContext,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// GetSystemContext Constructs a new containers/image/types.SystemContext{} struct from the given signaturePolicy path
|
2017-08-22 20:40:18 +00:00
|
|
|
func GetSystemContext(signaturePolicyPath, authFilePath string) *types.SystemContext {
|
2017-07-23 23:01:37 +00:00
|
|
|
sc := &types.SystemContext{}
|
|
|
|
if signaturePolicyPath != "" {
|
|
|
|
sc.SignaturePolicyPath = signaturePolicyPath
|
|
|
|
}
|
2017-08-22 20:40:18 +00:00
|
|
|
sc.AuthFilePath = authFilePath
|
2017-07-23 23:01:37 +00:00
|
|
|
return sc
|
|
|
|
}
|
|
|
|
|
|
|
|
// CopyStringStringMap deep copies a map[string]string and returns the result
|
|
|
|
func CopyStringStringMap(m map[string]string) map[string]string {
|
|
|
|
n := map[string]string{}
|
|
|
|
for k, v := range m {
|
|
|
|
n[k] = v
|
|
|
|
}
|
|
|
|
return n
|
|
|
|
}
|
|
|
|
|
|
|
|
// IsTrue determines whether the given string equals "true"
|
|
|
|
func IsTrue(str string) bool {
|
|
|
|
return str == "true"
|
|
|
|
}
|
|
|
|
|
|
|
|
// IsFalse determines whether the given string equals "false"
|
|
|
|
func IsFalse(str string) bool {
|
|
|
|
return str == "false"
|
|
|
|
}
|
|
|
|
|
|
|
|
// IsValidBool determines whether the given string equals "true" or "false"
|
|
|
|
func IsValidBool(str string) bool {
|
|
|
|
return IsTrue(str) || IsFalse(str)
|
|
|
|
}
|
2017-07-23 23:12:36 +00:00
|
|
|
|
|
|
|
// GetPolicyContext creates a signature policy context for the given signature policy path
|
|
|
|
func GetPolicyContext(path string) (*signature.PolicyContext, error) {
|
|
|
|
policy, err := signature.DefaultPolicy(&types.SystemContext{SignaturePolicyPath: path})
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
return signature.NewPolicyContext(policy)
|
|
|
|
}
|
2017-07-24 01:38:03 +00:00
|
|
|
|
|
|
|
// ParseRegistryCreds takes a credentials string in the form USERNAME:PASSWORD
|
|
|
|
// and returns a DockerAuthConfig
|
|
|
|
func ParseRegistryCreds(creds string) (*types.DockerAuthConfig, error) {
|
|
|
|
if creds == "" {
|
|
|
|
return nil, errors.New("no credentials supplied")
|
|
|
|
}
|
2017-07-24 13:21:50 +00:00
|
|
|
if !strings.Contains(creds, ":") {
|
2017-08-04 13:04:52 +00:00
|
|
|
return &types.DockerAuthConfig{
|
|
|
|
Username: creds,
|
|
|
|
Password: "",
|
|
|
|
}, ErrNoPassword
|
2017-07-24 01:38:03 +00:00
|
|
|
}
|
|
|
|
v := strings.SplitN(creds, ":", 2)
|
|
|
|
cfg := &types.DockerAuthConfig{
|
|
|
|
Username: v[0],
|
|
|
|
Password: v[1],
|
|
|
|
}
|
|
|
|
return cfg, nil
|
|
|
|
}
|