From 8bbc9c457b7f9745f3d0507cf8523adda5fa5aa0 Mon Sep 17 00:00:00 2001
From: Mike Sul <mike.sul@foundries.io>
Date: Thu, 15 Jun 2023 12:25:42 +0200
Subject: [PATCH] Don't store signatures if there is none of them

Currently, the copy command prints the message 'Storing signatures' and
calls the signature storing function, even if there are no signatures
present. This can mislead users and make them believe that there are
image signatures.

The proposed change modifies the copy function to print the message and
invoke the image storing function only if there is at least one signature.

Signed-off-by: Mike <mike.sul@foundries.io>
---
 copy/single.go | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/copy/single.go b/copy/single.go
index 9afdea73d..b8569a70c 100644
--- a/copy/single.go
+++ b/copy/single.go
@@ -256,9 +256,11 @@ func (c *copier) copySingleImage(ctx context.Context, policyContext *signature.P
 	}
 	sigs = append(sigs, newSigs...)
 
-	c.Printf("Storing signatures\n")
-	if err := c.dest.PutSignaturesWithFormat(ctx, sigs, targetInstance); err != nil {
-		return nil, "", "", fmt.Errorf("writing signatures: %w", err)
+	if len(sigs) > 0 {
+		c.Printf("Storing signatures\n")
+		if err := c.dest.PutSignaturesWithFormat(ctx, sigs, targetInstance); err != nil {
+			return nil, "", "", fmt.Errorf("writing signatures: %w", err)
+		}
 	}
 
 	return manifestBytes, retManifestType, retManifestDigest, nil