Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow choosing between a gpgme and openpgp signature backend using a build tag #207

Merged
merged 4 commits into from
Mar 29, 2017
Merged

Allow choosing between a gpgme and openpgp signature backend using a build tag #207

merged 4 commits into from
Mar 29, 2017

Commits on Mar 28, 2017

  1. Remove SigningMechanism.ImportKeysFromBytes in favor of ephemeral mec… 

    …hanism objects

Instead of SigningMechanism.ImportKeysFromBytes, which may modify
long-term state in the user’s home directory, provide
NewEphemeralGPGSigningMechanism, which combines creation of a temporary
directory and key import; users of NewGPGSigningMechanism (using
$GNUPGHOME etc.) and (test-suite) users of
newGPGSigningMechanismInDirectory can no longer import keys.

To support this, all users of SigningMechanism must call .Close() on the
object.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
    @mtrmac
    mtrmac committed Mar 28, 2017
    Configuration menu
    Copy the full SHA
    d19336d View commit details
    Browse the repository at this point in the history

  2. Allow choosing between a gpgme and openpgp signature backend using a … 

    …build tag

The default is gpgme; a containers_image_openpgp build tag can be used
to use openpgp instead.

openpgp does not currently support signing, and is based on mfojtik's
implementation (adding GPG home directory support, parsing of unarmored
keys, and fixing ImportKeysFromBytes semantics).

Also adds build documentation, including the new
containers_image_openpgp build tag, to README.md.

This does not yet hook this into Travis, because that needs a
corresponding skopeo build infrastructure and test update to make it
possible.  That is a separate commit (perhaps a separate PR)?

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
    @mtrmac
    mtrmac committed Mar 28, 2017
    Configuration menu
    Copy the full SHA
    f5768e7 View commit details
    Browse the repository at this point in the history

  3. Propagate BUILDTAGS also to skopeo's (make check) 

    Signed-off-by: Miloslav Trmač <mitr@redhat.com>
    @mtrmac
    mtrmac committed Mar 28, 2017
    Configuration menu
    Copy the full SHA
    8c17b7b View commit details
    Browse the repository at this point in the history

  4. Test both the default and openpgp variants in Travis. 

    This uses the Travis test matrix support; arguably the total time might
be smaller if setting up the VM only once and running both variants
within the shell script.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
    @mtrmac
    mtrmac committed Mar 28, 2017
    Configuration menu
    Copy the full SHA
    1a37631 View commit details
    Browse the repository at this point in the history