-
Notifications
You must be signed in to change notification settings - Fork 45
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
pkcs11: Update to latest ocicrypt and roll back some changes
Update to the latest ocicrypt and adjust the code accordingly. Ocicrypt now gets the user-provided configuration for pkcs11 only if a pkcs11 key in yaml format is provided. This avoids unnecessary error messages if for example an image is pulled but doesn't need pkcs11 configuration since no keys are needed since it doesn't need to be decrypted. Also, the helper functions ending in 'WithOpts' do not exist anymore and so we roll back some of the previous changes. Also, due to the changes, the config file is searched for in this order: - ${OCICRYPT_CONFIG}="internal": use an internal allow-all policy - ${OCICRYPT_CONFIG} - ${XDG_CONFIG_HOME}/ocicrypt.conf - ${HOME}/.config/ocicrypt.conf - /etc/ocicrypt.conf The previously used IMGCRYPT_CONFIG variable is not used anymore. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
- Loading branch information
1 parent
0d835cf
commit f8581ea
Showing
17 changed files
with
326 additions
and
202 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
30 changes: 19 additions & 11 deletions
30
vendor/github.com/containers/ocicrypt/config/constructors.go
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Oops, something went wrong.