-
Notifications
You must be signed in to change notification settings - Fork 381
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Don't store signatures if there is none of them #2001
Don't store signatures if there is none of them #2001
Conversation
c016ed9
to
90699ce
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks.
If we are improving this, the major user-visible aspect is actually that (typically during a pull) it may be the Commit
that takes a long time, and that’s currently being attributed to storing signatures. That’s certainly not ideal; but just dropping that and attributing the delay to the previous layer copies would not be clearly better.
So I think the Commit
step should cause a progress log (potentially with a per-transport opt-in to avoid noise?), and we can revisit the signature step afterwards.
Currently, the copy command prints the message 'Storing signatures' and calls the signature storing function, even if there are no signatures present. This can mislead users and make them believe that there are image signatures. The proposed change modifies the copy function to print the message and invoke the image storing function only if there is at least one signature. Signed-off-by: Mike <mike.sul@foundries.io>
90699ce
to
8bbc9c4
Compare
The previous step is not layer copy iiuc, rather
Do you mean that |
My mistake; it’s the manifest step indeed. That’s certainly less misleading than a layer copy — a bit: “why does writing a 1KB file take a minute?”. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
Either way, this is an improvement. |
After[1] c/image no longer prints "Storing signatures" so we should not check for it. [1] containers/image#2001 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
After[1] c/image no longer prints "Storing signatures" so we should not check for it. [1] containers/image#2001 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Currently, the copy command prints the message 'Storing signatures' and calls the signature storing function, even if there are no signatures present. This can mislead users and make them believe that there are image signatures.
The proposed change modifies the copy function to print the message and invoke the image storing function only if there is at least one signature.