1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
|
From 45441676e34e6410ae8af6dbb46b6161c5c81a7c Mon Sep 17 00:00:00 2001
From: Rahil Bhimjiani <me@rahil.website>
Date: Thu, 7 Dec 2023 14:12:26 +0530
Subject: [PATCH] Moving policy.json and default.yaml from containers/skopeo
It makes more sense to keep these 2 files along with their man
pages...in c/image
https://github.com/containers/common/pull/1757
Signed-off-by: Rahil Bhimjiani <me@rahil.website>
---
Makefile | 11 +++++++++++
default-policy.json | 14 ++++++++++++++
default.yaml | 27 +++++++++++++++++++++++++++
3 files changed, 52 insertions(+)
create mode 100644 default-policy.json
create mode 100644 default.yaml
diff --git a/Makefile b/Makefile
index f329ef083..5e9799b19 100644
--- a/Makefile
+++ b/Makefile
@@ -24,6 +24,13 @@ GOMD2MAN ?= $(shell command -v go-md2man || echo '$(GOBIN)/go-md2man')
MANPAGES_MD = $(wildcard docs/*.5.md)
MANPAGES ?= $(MANPAGES_MD:%.md=%)
+ifeq ($(shell uname -s),FreeBSD)
+CONTAINERSCONFDIR ?= /usr/local/etc/containers
+else
+CONTAINERSCONFDIR ?= /etc/containers
+endif
+REGISTRIESDDIR ?= ${CONTAINERSCONFDIR}/registries.d
+
# N/B: This value is managed by Renovate, manual changes are
# possible, as long as they don't disturb the formatting
# (i.e. DO NOT ADD A 'v' prefix!)
@@ -46,6 +53,10 @@ install-docs: docs
install -m 644 docs/*.5 ${MANINSTALLDIR}/man5/
install: install-docs
+ install -d -m 755 ${DESTDIR}${CONTAINERSCONFDIR}
+ install -m 644 default-policy.json ${DESTDIR}${CONTAINERSCONFDIR}/policy.json
+ install -d -m 755 ${DESTDIR}${REGISTRIESDDIR}
+ install -m 644 default.yaml ${DESTDIR}${REGISTRIESDDIR}/default.yaml
cross:
GOOS=windows $(MAKE) build BUILDTAGS="$(BUILDTAGS) $(BUILD_TAGS_WINDOWS_CROSS)"
diff --git a/default-policy.json b/default-policy.json
new file mode 100644
index 000000000..dffc54a62
--- /dev/null
+++ b/default-policy.json
@@ -0,0 +1,14 @@
+{
+ "default": [
+ {
+ "type": "insecureAcceptAnything"
+ }
+ ],
+ "transports":
+ {
+ "docker-daemon":
+ {
+ "": [{"type":"insecureAcceptAnything"}]
+ }
+ }
+}
diff --git a/default.yaml b/default.yaml
new file mode 100644
index 000000000..9e892d760
--- /dev/null
+++ b/default.yaml
@@ -0,0 +1,27 @@
+# This is a default registries.d configuration file. You may
+# add to this file or create additional files in registries.d/.
+#
+# lookaside: for reading/writing simple signing signatures
+# lookaside-staging: for writing simple signing signatures, preferred over lookaside
+#
+# lookaside and lookaside-staging take a value of the following:
+# lookaside: {schema}://location
+#
+# For reading signatures, schema may be http, https, or file.
+# For writing signatures, schema may only be file.
+
+# The default locations are built-in, for both reading and writing:
+# /var/lib/containers/sigstore for root, or
+# ~/.local/share/containers/sigstore for non-root users.
+default-docker:
+# lookaside: https://…
+# lookaside-staging: file:///…
+
+# The 'docker' indicator here is the start of the configuration
+# for docker registries.
+#
+# docker:
+#
+# privateregistry.com:
+# lookaside: https://privateregistry.com/sigstore/
+# lookaside-staging: /mnt/nfs/privateregistry/sigstore
|
GitWeb