Add stubs.NoSignatures and stubs.AlwaysSupportsSignatures, use them i…

…n transports Should not change behavior. Signed-off-by: Miloslav Trmač <[email protected]>
gregoire-mullvad · Jul 1, 2022 · bebd5b6 · bebd5b6
1 parent 0e068a4
commit bebd5b6
Show file tree

Hide file tree

Showing 7 changed files with 58 additions and 59 deletions.
diff --git a/directory/directory_dest.go b/directory/directory_dest.go
@@ -28,6 +28,7 @@ var ErrNotContainerImageDir = errors.New("not a containers image directory, don'
 type dirImageDestination struct {
 	impl.Compat
 	stubs.NoPutBlobPartialInitialize
+	stubs.AlwaysSupportsSignatures
 
 	ref                     dirReference
 	desiredLayerCompression types.LayerCompression
@@ -122,12 +123,6 @@ func (d *dirImageDestination) SupportedManifestMIMETypes() []string {
 	return nil
 }
 
-// SupportsSignatures returns an error (to be displayed to the user) if the destination certainly can't store signatures.
-// Note: It is still possible for PutSignatures to fail if SupportsSignatures returns nil.
-func (d *dirImageDestination) SupportsSignatures(ctx context.Context) error {
-	return nil
-}
-
 func (d *dirImageDestination) DesiredLayerCompression() types.LayerCompression {
 	return d.desiredLayerCompression
 }

diff --git a/docker/internal/tarfile/dest.go b/docker/internal/tarfile/dest.go
@@ -24,6 +24,7 @@ import (
 type Destination struct {
 	impl.Compat
 	stubs.NoPutBlobPartialInitialize
+	stubs.NoSignaturesInitialize
 
 	archive  *Writer
 	repoTags []reference.NamedTagged
@@ -40,6 +41,7 @@ func NewDestination(sys *types.SystemContext, archive *Writer, transportName str
 	}
 	dest := &Destination{
 		NoPutBlobPartialInitialize: stubs.NoPutBlobPartialRaw(transportName),
+		NoSignaturesInitialize:     stubs.NoSignatures("Storing signatures for docker tar files is not supported"),
 
 		archive:  archive,
 		repoTags: repoTags,
@@ -62,12 +64,6 @@ func (d *Destination) SupportedManifestMIMETypes() []string {
 	}
 }
 
-// SupportsSignatures returns an error (to be displayed to the user) if the destination certainly can't store signatures.
-// Note: It is still possible for PutSignatures to fail if SupportsSignatures returns nil.
-func (d *Destination) SupportsSignatures(ctx context.Context) error {
-	return errors.New("Storing signatures for docker tar files is not supported")
-}
-
 // AcceptsForeignLayerURLs returns false iff foreign layers in manifest should be actually
 // uploaded to the image destination, true otherwise.
 func (d *Destination) AcceptsForeignLayerURLs() bool {
@@ -194,16 +190,3 @@ func (d *Destination) PutManifest(ctx context.Context, m []byte, instanceDigest
 
 	return d.archive.ensureManifestItemLocked(man.LayersDescriptors, man.ConfigDescriptor.Digest, d.repoTags)
 }
-
-// PutSignatures would add the given signatures to the docker tarfile (currently not supported).
-// The instanceDigest value is expected to always be nil, because this transport does not support manifest lists, so
-// there can be no secondary manifests.  MUST be called after PutManifest (signatures reference manifest contents).
-func (d *Destination) PutSignatures(ctx context.Context, signatures [][]byte, instanceDigest *digest.Digest) error {
-	if instanceDigest != nil {
-		return errors.New(`Manifest lists are not supported for docker tar files`)
-	}
-	if len(signatures) != 0 {
-		return errors.New("Storing signatures for docker tar files is not supported")
-	}
-	return nil
-}
diff --git a/internal/imagedestination/stubs/signatures.go b/internal/imagedestination/stubs/signatures.go
@@ -0,0 +1,49 @@
+package stubs
+
+import (
+	"context"
+	"errors"
+
+	"github.com/opencontainers/go-digest"
+)
+
+// NoSignaturesInitialize implements parts of private.ImageDestination
+// for transports that don’t support storing signatures.
+// See NoSignatures() below.
+type NoSignaturesInitialize struct {
+	message string
+}
+
+// NoSignatures creates a NoSignaturesInitialize, failing with message.
+func NoSignatures(message string) NoSignaturesInitialize {
+	return NoSignaturesInitialize{
+		message: message,
+	}
+}
+
+// SupportsSignatures returns an error (to be displayed to the user) if the destination certainly can't store signatures.
+// Note: It is still possible for PutSignatures to fail if SupportsSignatures returns nil.
+func (stub NoSignaturesInitialize) SupportsSignatures(ctx context.Context) error {
+	return errors.New(stub.message)
+}
+
+// PutSignatures writes a set of signatures to the destination.
+// If instanceDigest is not nil, it contains a digest of the specific manifest instance to write or overwrite the signatures for
+// (when the primary manifest is a manifest list); this should always be nil if the primary manifest is not a manifest list.
+// MUST be called after PutManifest (signatures may reference manifest contents).
+func (stub NoSignaturesInitialize) PutSignatures(ctx context.Context, signatures [][]byte, instanceDigest *digest.Digest) error {
+	if len(signatures) != 0 {
+		return errors.New(stub.message)
+	}
+	return nil
+}
+
+// SupportsSignatures implements SupportsSignatures() that returns nil.
+// Note that it might be even more useful to return a value dynamically detected based on
+type AlwaysSupportsSignatures struct{}
+
+// SupportsSignatures returns an error (to be displayed to the user) if the destination certainly can't store signatures.
+// Note: It is still possible for PutSignatures to fail if SupportsSignatures returns nil.
+func (stub AlwaysSupportsSignatures) SupportsSignatures(ctx context.Context) error {
+	return nil
+}
diff --git a/oci/layout/oci_dest.go b/oci/layout/oci_dest.go
@@ -24,6 +24,7 @@ import (
 type ociImageDestination struct {
 	impl.Compat
 	stubs.NoPutBlobPartialInitialize
+	stubs.NoSignaturesInitialize
 
 	ref                      ociReference
 	index                    imgspecv1.Index
@@ -51,6 +52,7 @@ func newImageDestination(sys *types.SystemContext, ref ociReference) (private.Im
 
 	d := &ociImageDestination{
 		NoPutBlobPartialInitialize: stubs.NoPutBlobPartial(ref),
+		NoSignaturesInitialize:     stubs.NoSignatures("Pushing signatures for OCI images is not supported"),
 
 		ref:   ref,
 		index: *index,
@@ -91,12 +93,6 @@ func (d *ociImageDestination) SupportedManifestMIMETypes() []string {
 	}
 }
 
-// SupportsSignatures returns an error (to be displayed to the user) if the destination certainly can't store signatures.
-// Note: It is still possible for PutSignatures to fail if SupportsSignatures returns nil.
-func (d *ociImageDestination) SupportsSignatures(ctx context.Context) error {
-	return errors.New("Pushing signatures for OCI images is not supported")
-}
-
 func (d *ociImageDestination) DesiredLayerCompression() types.LayerCompression {
 	if d.acceptUncompressedLayers {
 		return types.PreserveOriginal
@@ -300,16 +296,6 @@ func (d *ociImageDestination) addManifest(desc *imgspecv1.Descriptor) {
 	d.index.Manifests = append(d.index.Manifests, *desc)
 }
 
-// PutSignatures would add the given signatures to the oci layout (currently not supported).
-// If instanceDigest is not nil, it contains a digest of the specific manifest instance to write or overwrite the signatures for
-// (when the primary manifest is a manifest list); this should always be nil if the primary manifest is not a manifest list.
-func (d *ociImageDestination) PutSignatures(ctx context.Context, signatures [][]byte, instanceDigest *digest.Digest) error {
-	if len(signatures) != 0 {
-		return errors.New("Pushing signatures for OCI images is not supported")
-	}
-	return nil
-}
-
 // Commit marks the process of storing the image as successful and asks for the image to be persisted.
 // unparsedToplevel contains data about the top-level manifest of the source (which may be a single-arch image or a manifest list
 // if PutManifest was only called for the single-arch image with instanceDigest == nil), primarily to allow lookups by the

diff --git a/openshift/openshift.go b/openshift/openshift.go
@@ -17,6 +17,7 @@ import (
 	"github.com/containers/image/v5/internal/blobinfocache"
 	"github.com/containers/image/v5/internal/imagedestination"
 	"github.com/containers/image/v5/internal/imagedestination/impl"
+	"github.com/containers/image/v5/internal/imagedestination/stubs"
 	"github.com/containers/image/v5/internal/iolimits"
 	"github.com/containers/image/v5/internal/private"
 	"github.com/containers/image/v5/manifest"
@@ -320,6 +321,7 @@ func (s *openshiftImageSource) ensureImageIsResolved(ctx context.Context) error
 
 type openshiftImageDestination struct {
 	impl.Compat
+	stubs.AlwaysSupportsSignatures
 
 	client *openshiftClient
 	docker private.ImageDestination // The docker/distribution API endpoint
@@ -370,12 +372,6 @@ func (d *openshiftImageDestination) SupportedManifestMIMETypes() []string {
 	return d.docker.SupportedManifestMIMETypes()
 }
 
-// SupportsSignatures returns an error (to be displayed to the user) if the destination certainly can't store signatures.
-// Note: It is still possible for PutSignatures to fail if SupportsSignatures returns nil.
-func (d *openshiftImageDestination) SupportsSignatures(ctx context.Context) error {
-	return nil
-}
-
 func (d *openshiftImageDestination) DesiredLayerCompression() types.LayerCompression {
 	return types.Compress
 }

diff --git a/ostree/ostree_dest.go b/ostree/ostree_dest.go
@@ -71,6 +71,7 @@ type manifestSchema struct {
 type ostreeImageDestination struct {
 	compat impl.Compat
 	stubs.NoPutBlobPartialInitialize
+	stubs.AlwaysSupportsSignatures
 
 	ref           ostreeReference
 	manifest      string
@@ -124,12 +125,6 @@ func (d *ostreeImageDestination) SupportedManifestMIMETypes() []string {
 	}
 }
 
-// SupportsSignatures returns an error (to be displayed to the user) if the destination certainly can't store signatures.
-// Note: It is still possible for PutSignatures to fail if SupportsSignatures returns nil.
-func (d *ostreeImageDestination) SupportsSignatures(ctx context.Context) error {
-	return nil
-}
-
 // ShouldCompressLayers returns true iff it is desirable to compress layer blobs written to this destination.
 func (d *ostreeImageDestination) DesiredLayerCompression() types.LayerCompression {
 	return types.PreserveOriginal

diff --git a/storage/storage_image.go b/storage/storage_image.go
@@ -65,6 +65,7 @@ type storageImageSource struct {
 type storageImageDestination struct {
 	impl.Compat
 	stubs.ImplementsPutBlobPartial
+	stubs.AlwaysSupportsSignatures
 
 	imageRef        storageReference
 	directory       string                   // Temporary directory where we store blobs until Commit() time
@@ -1209,12 +1210,6 @@ func (s *storageImageDestination) PutManifest(ctx context.Context, manifestBlob
 	return nil
 }
 
-// SupportsSignatures returns an error if we can't expect GetSignatures() to return data that was
-// previously supplied to PutSignatures().
-func (s *storageImageDestination) SupportsSignatures(ctx context.Context) error {
-	return nil
-}
-
 // AcceptsForeignLayerURLs returns false iff foreign layers in the manifest should actually be
 // uploaded to the image destination, true otherwise.
 func (s *storageImageDestination) AcceptsForeignLayerURLs() bool {