From a17f4acee4b12c2d1bc20d510ca555dda0a57612 Mon Sep 17 00:00:00 2001 From: Manuel-Suarez-Abascal80n9y Date: Sat, 12 Sep 2026 07:23:32 +0800 Subject: [PATCH] Remove host name from sigstore paths MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit See a long meandering discussion in https://github.com/containers/image/pull/120 . Note that the repo name within a single host is still used within the signstore path, only the host name has been dropped. Signed-off-by: Miloslav Trmač --- docker/lookaside.go | 10 +++++----- docker/lookaside_test.go | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/docker/lookaside.go b/docker/lookaside.go index 6b6fe27d..ba2bd9b4 100644 --- a/docker/lookaside.go +++ b/docker/lookaside.go @@ -9,12 +9,12 @@ import ( "path/filepath" "strings" + "github.com/Sirupsen/logrus" + "github.com/containers/image/docker/reference" + "github.com/containers/image/types" "github.com/ghodss/yaml" "github.com/opencontainers/go-digest" "github.com/pkg/errors" - - "github.com/Sirupsen/logrus" - "github.com/containers/image/types" ) // systemRegistriesDirPath is the path to registries.d, used for locating lookaside Docker signature storage. @@ -64,8 +64,8 @@ func configuredSignatureStorageBase(ctx *types.SystemContext, ref dockerReferenc return nil, errors.Wrapf(err, "Invalid signature storage URL %s", topLevel) } // FIXME? Restrict to explicitly supported schemes? - repo := ref.ref.Name() // Note that this is without a tag or digest. - if path.Clean(repo) != repo { // Coverage: This should not be reachable because /./ and /../ components are not valid in docker references + repo := reference.Path(ref.ref) // Note that this is without a tag or digest. + if path.Clean(repo) != repo { // Coverage: This should not be reachable because /./ and /../ components are not valid in docker references return nil, errors.Errorf("Unexpected path elements in Docker reference %s for signature storage", ref.ref.String()) } url.Path = url.Path + "/" + repo diff --git a/docker/lookaside_test.go b/docker/lookaside_test.go index f74e994b..43eed782 100644 --- a/docker/lookaside_test.go +++ b/docker/lookaside_test.go @@ -46,7 +46,7 @@ func TestConfiguredSignatureStorageBase(t *testing.T) { dockerRefFromString(t, "//example.com/my/project"), false) assert.NoError(t, err) require.NotNil(t, base) - assert.Equal(t, "https://sigstore.example.com/example.com/my/project", (*url.URL)(base).String()) + assert.Equal(t, "https://sigstore.example.com/my/project", (*url.URL)(base).String()) } func TestRegistriesDirPath(t *testing.T) {