skopeo-1.2.0-6.el9
- unify vendored branches - add validation script Signed-off-by: Jindrich Novy <jnovy@redhat.com>
This commit is contained in:
parent
f114552b3c
commit
c056adfab1
217
.gitignore
vendored
217
.gitignore
vendored
@ -1,216 +1 @@
|
||||
/skopeo-98aca9c.tar.gz
|
||||
/skopeo-3eefe21.tar.gz
|
||||
/skopeo-30db2ad.tar.gz
|
||||
/skopeo-82b121c.tar.gz
|
||||
/skopeo-8094910.tar.gz
|
||||
/skopeo-015f1c8.tar.gz
|
||||
/skopeo-9e971b4.tar.gz
|
||||
/skopeo-ffe92ed.tar.gz
|
||||
/skopeo-362bfc5.tar.gz
|
||||
/skopeo-d830391.tar.gz
|
||||
/skopeo-550a480.tar.gz
|
||||
/skopeo-2b3af4a.tar.gz
|
||||
/skopeo-0224d8c.tar.gz
|
||||
/skopeo-e802625.tar.gz
|
||||
/skopeo-0b73154.tar.gz
|
||||
/skopeo-d5e34c1.tar.gz
|
||||
/skopeo-5d24b67.tar.gz
|
||||
/skopeo-1bbd87f.tar.gz
|
||||
/skopeo-a41cd0a.tar.gz
|
||||
/skopeo-875dd2e.tar.gz
|
||||
/skopeo-28d4e08.tar.gz
|
||||
/skopeo-dd2c3e3.tar.gz
|
||||
/skopeo-7fd6f66.tar.gz
|
||||
/skopeo-2e8377a.tar.gz
|
||||
/skopeo-93876ac.tar.gz
|
||||
/skopeo-0270e56.tar.gz
|
||||
/skopeo-7add6fc.tar.gz
|
||||
/skopeo-28080c8.tar.gz
|
||||
/skopeo-ab2bc6e.tar.gz
|
||||
/skopeo-1f11b8b.tar.gz
|
||||
/skopeo-c4808f0.tar.gz
|
||||
/skopeo-79225f2.tar.gz
|
||||
/skopeo-2d04db9.tar.gz
|
||||
/skopeo-7e9a664.tar.gz
|
||||
/skopeo.spec
|
||||
/skopeo-ca3bff6.tar.gz
|
||||
/skopeo-5c61108.tar.gz
|
||||
/skopeo-f9baaa6.tar.gz
|
||||
/skopeo-0144aa8.tar.gz
|
||||
/skopeo-6e23a32.tar.gz
|
||||
/skopeo-196bc48.tar.gz
|
||||
/skopeo-ae64ff7.tar.gz
|
||||
/skopeo-e3034e1.tar.gz
|
||||
/skopeo-e814f96.tar.gz
|
||||
/skopeo-5aa217f.tar.gz
|
||||
/skopeo-761a681.tar.gz
|
||||
/skopeo-fbc2e4f.tar.gz
|
||||
/skopeo-41d8dd8.tar.gz
|
||||
/skopeo-a51e38e.tar.gz
|
||||
/skopeo-ecd675e.tar.gz
|
||||
/skopeo-05212df.tar.gz
|
||||
/skopeo-3e98377.tar.gz
|
||||
/skopeo-17bea86.tar.gz
|
||||
/skopeo-f7c608e.tar.gz
|
||||
/skopeo-42b01df.tar.gz
|
||||
/skopeo-bba2874.tar.gz
|
||||
/skopeo-b329dd0.tar.gz
|
||||
/skopeo-b8b9913.tar.gz
|
||||
/skopeo-fee5981.tar.gz
|
||||
/skopeo-932b037.tar.gz
|
||||
/skopeo-2134209.tar.gz
|
||||
/skopeo-2031e17.tar.gz
|
||||
/skopeo-0490018.tar.gz
|
||||
/skopeo-94728fb.tar.gz
|
||||
/skopeo-d93a581.tar.gz
|
||||
/skopeo-0975497.tar.gz
|
||||
/skopeo-854f766.tar.gz
|
||||
/skopeo-c73bcba.tar.gz
|
||||
/skopeo-81c5e94.tar.gz
|
||||
/skopeo-18ee5f8.tar.gz
|
||||
/skopeo-e255ccc.tar.gz
|
||||
/skopeo-2af7114.tar.gz
|
||||
/skopeo-0fa335c.tar.gz
|
||||
/skopeo-565dbf3.tar.gz
|
||||
/skopeo-5f45112.tar.gz
|
||||
/skopeo-b58088a.tar.gz
|
||||
/skopeo-8a9641c.tar.gz
|
||||
/skopeo-2ad9ae5.tar.gz
|
||||
/skopeo-19025f5.tar.gz
|
||||
/skopeo-65b3aa9.tar.gz
|
||||
/skopeo-bf8089c.tar.gz
|
||||
/skopeo-202c1ea.tar.gz
|
||||
/skopeo-c040b28.tar.gz
|
||||
/skopeo-44bc4a9.tar.gz
|
||||
/skopeo-ee9e9df.tar.gz
|
||||
/skopeo-481bb94.tar.gz
|
||||
/skopeo-1e2d6f6.tar.gz
|
||||
/skopeo-c4b0c7c.tar.gz
|
||||
/skopeo-9019e27.tar.gz
|
||||
/skopeo-18f0e1e.tar.gz
|
||||
/skopeo-5ae6b16.tar.gz
|
||||
/skopeo-7eb5f39.tar.gz
|
||||
/skopeo-fa6e580.tar.gz
|
||||
/skopeo-881edbf.tar.gz
|
||||
/skopeo-f72e39f.tar.gz
|
||||
/skopeo-5b0a789.tar.gz
|
||||
/skopeo-5f9a6ea.tar.gz
|
||||
/skopeo-4b6a5da.tar.gz
|
||||
/skopeo-8057da7.tar.gz
|
||||
/skopeo-a263b35.tar.gz
|
||||
/skopeo-153520e.tar.gz
|
||||
/skopeo-02432cf.tar.gz
|
||||
/skopeo-10d0ebb.tar.gz
|
||||
/skopeo-75b7d1e.tar.gz
|
||||
/skopeo-1094c7d.tar.gz
|
||||
/skopeo-307d9c2.tar.gz
|
||||
/skopeo-332bb45.tar.gz
|
||||
/skopeo-24f4f82.tar.gz
|
||||
/skopeo-39540db.tar.gz
|
||||
/skopeo-34ab4c4.tar.gz
|
||||
/skopeo-912b7e1.tar.gz
|
||||
/skopeo-ce6ec77.tar.gz
|
||||
/skopeo-2bfa895.tar.gz
|
||||
/skopeo-73248bd.tar.gz
|
||||
/skopeo-3ed6e83.tar.gz
|
||||
/skopeo-9c402f3.tar.gz
|
||||
/skopeo-e8d49d6.tar.gz
|
||||
/skopeo-407f2e9.tar.gz
|
||||
/skopeo-5291aac.tar.gz
|
||||
/skopeo-c3e6b4f.tar.gz
|
||||
/skopeo-8652b65.tar.gz
|
||||
/skopeo-e955849.tar.gz
|
||||
/skopeo-763e488.tar.gz
|
||||
/skopeo-4489ddd.tar.gz
|
||||
/skopeo-7cbb8ad.tar.gz
|
||||
/skopeo-7a0a8c2.tar.gz
|
||||
/skopeo-b541fef.tar.gz
|
||||
/skopeo-7170702.tar.gz
|
||||
/skopeo-12865fd.tar.gz
|
||||
/skopeo-7fee7d5.tar.gz
|
||||
/skopeo-e31d5a0.tar.gz
|
||||
/skopeo-501452a.tar.gz
|
||||
/skopeo-a6f5ef1.tar.gz
|
||||
/skopeo-018a010.tar.gz
|
||||
/skopeo-eb199dc.tar.gz
|
||||
/skopeo-6db5626.tar.gz
|
||||
/skopeo-bd20786.tar.gz
|
||||
/skopeo-3e9d8ae.tar.gz
|
||||
/skopeo-5d512e2.tar.gz
|
||||
/skopeo-8fa3326.tar.gz
|
||||
/skopeo-71a8ff0.tar.gz
|
||||
/skopeo-6ac3dce.tar.gz
|
||||
/skopeo-9d63c7c.tar.gz
|
||||
/skopeo-9d21b48.tar.gz
|
||||
/skopeo-101901a.tar.gz
|
||||
/skopeo-2d91b93.tar.gz
|
||||
/skopeo-2415f3f.tar.gz
|
||||
/skopeo-b230a50.tar.gz
|
||||
/skopeo-e7a7f01.tar.gz
|
||||
/skopeo-1ddb736.tar.gz
|
||||
/skopeo-42f68c1.tar.gz
|
||||
/skopeo-a6ab229.tar.gz
|
||||
/skopeo-8936e76.tar.gz
|
||||
/skopeo-71a14d7.tar.gz
|
||||
/skopeo-4ca9b13.tar.gz
|
||||
/skopeo-2af1726.tar.gz
|
||||
/skopeo-fbf0612.tar.gz
|
||||
/skopeo-0d9939d.tar.gz
|
||||
/skopeo-a214a30.tar.gz
|
||||
/skopeo-dcaee94.tar.gz
|
||||
/skopeo-91a88de.tar.gz
|
||||
/skopeo-96353f2.tar.gz
|
||||
/skopeo-3a94432.tar.gz
|
||||
/skopeo-8b4b954.tar.gz
|
||||
/skopeo-a2c1d46.tar.gz
|
||||
/skopeo-c6b488a.tar.gz
|
||||
/skopeo-f9b0d93.tar.gz
|
||||
/skopeo-161ef5a.tar.gz
|
||||
/skopeo-827293a.tar.gz
|
||||
/skopeo-0bd78a0.tar.gz
|
||||
/skopeo-b70dfae.tar.gz
|
||||
/skopeo-091f924.tar.gz
|
||||
/skopeo-6b78619.tar.gz
|
||||
/skopeo-96bd4a0.tar.gz
|
||||
/skopeo-233e61c.tar.gz
|
||||
/skopeo-7815c8a.tar.gz
|
||||
/skopeo-ba8cbf5.tar.gz
|
||||
/skopeo-ac6b871.tar.gz
|
||||
/skopeo-6182aa3.tar.gz
|
||||
/skopeo-ee72e80.tar.gz
|
||||
/skopeo-840c487.tar.gz
|
||||
/skopeo-dc5f68f.tar.gz
|
||||
/skopeo-f63685f.tar.gz
|
||||
/skopeo-6e295a2.tar.gz
|
||||
/skopeo-6284ceb.tar.gz
|
||||
/skopeo-2fa7b99.tar.gz
|
||||
/skopeo-29eec32.tar.gz
|
||||
/skopeo-89fb89a.tar.gz
|
||||
/skopeo-494d237.tar.gz
|
||||
/skopeo-153f18d.tar.gz
|
||||
/skopeo-6252c22.tar.gz
|
||||
/skopeo-62fd5a7.tar.gz
|
||||
/skopeo-5e88eb5.tar.gz
|
||||
/skopeo-c052ed7.tar.gz
|
||||
/skopeo-78d2f67.tar.gz
|
||||
/skopeo-baeaad6.tar.gz
|
||||
/skopeo-0f94dbc.tar.gz
|
||||
/skopeo-0c2c7f4.tar.gz
|
||||
/skopeo-ea10e61.tar.gz
|
||||
/skopeo-88c8c47.tar.gz
|
||||
/skopeo-5d5756c.tar.gz
|
||||
/skopeo-87484a1.tar.gz
|
||||
/skopeo-a13b581.tar.gz
|
||||
/skopeo-c4998eb.tar.gz
|
||||
/skopeo-ae26454.tar.gz
|
||||
/skopeo-662f9ac.tar.gz
|
||||
/skopeo-23cb1b7.tar.gz
|
||||
/skopeo-5dd09d7.tar.gz
|
||||
/skopeo-45a9efb.tar.gz
|
||||
/skopeo-12ab19f.tar.gz
|
||||
/skopeo-bbd800f.tar.gz
|
||||
/skopeo-77293ff.tar.gz
|
||||
/skopeo-8151b89.tar.gz
|
||||
/skopeo-44beab6.tar.gz
|
||||
/skopeo-6dabefa.tar.gz
|
||||
/skopeo-d8bc8b6.tar.gz
|
||||
/*.tar.gz
|
||||
|
@ -10,7 +10,7 @@ The mounts.conf file specifies volume mount directories that are automatically m
|
||||
The format of the mounts.conf is the volume format `/SRC:/DEST`, one mount per line. For example, a mounts.conf with the line `/usr/share/secrets:/run/secrets` would cause the contents of the `/usr/share/secrets` directory on the host to be mounted on the `/run/secrets` directory inside the container. Setting mountpoints allows containers to use the files of the host, for instance, to use the host's subscription to some enterprise Linux distribution.
|
||||
|
||||
## FILES
|
||||
Some distributions may provide a `/usr/share/containers/mounts.conf` file to provide default mounts, but users can create a `/etc/containers/mounts.conf`, to specify their own special volumes to mount in the container.
|
||||
Some distributions may provide a `/usr/share/containers/mounts.conf` file to provide default mounts, but users can create a `/etc/containers/mounts.conf`, to specify their own special volumes to mount in the container. When Podman runs in rootless mode, the file `$HOME/.config/containers/mounts.conf` will override the default if it exists.
|
||||
|
||||
## HISTORY
|
||||
Aug 2018, Originally compiled by Valentin Rothberg <vrothberg@suse.com>
|
||||
|
@ -177,7 +177,7 @@ One of the following alternatives are supported:
|
||||
```json
|
||||
{"type":"matchRepoDigestOrExact"}
|
||||
```
|
||||
- The identity in the signature must be in the same repository as the image identity. This is useful e.g. to pull an image using the `:latest` tag when the image is signed with a tag specifying an exact image version.
|
||||
- The identity in the signature must be in the same repository as the image identity. This is useful e.g. to pull an image using the `:latest` tag when the image is signed with a tag specifing an exact image version.
|
||||
|
||||
```json
|
||||
{"type":"matchRepository"}
|
||||
|
@ -224,7 +224,7 @@ The contents of this string is not defined in detail; however each implementatio
|
||||
Consumers of container signatures MAY recognize specific values or sets of values of `optional.creator`
|
||||
(perhaps augmented with `optional.timestamp`),
|
||||
and MAY change their processing of the signature based on these values
|
||||
(usually to accommodate violations of this specification in past versions of the signing software which cannot be fixed retroactively),
|
||||
(usually to acommodate violations of this specification in past versions of the signing software which cannot be fixed retroactively),
|
||||
as long as the semantics of the invalid document, as created by such an implementation, is clear.
|
||||
|
||||
If consumers of signatures do change their behavior based on the `optional.creator` value,
|
||||
|
@ -75,7 +75,7 @@ The `storage.options` table supports the following options:
|
||||
remap-group = "containers"
|
||||
|
||||
**root-auto-userns-user**=""
|
||||
Root-auto-userns-user is a user name which can be used to look up one or more UID/GID ranges in the /etc/subuid and /etc/subgid file. These ranges will be partitioned to containers configured to create automatically a user namespace. Containers configured to automatically create a user namespace can still overlap with containers having an explicit mapping set. This setting is ignored when running as rootless.
|
||||
Root-auto-userns-user is a user name which can be used to look up one or more UID/GID ranges in the /etc/subuid and /etc/subgid file. These ranges will be partioned to containers configured to create automatically a user namespace. Containers configured to automatically create a user namespace can still overlap with containers having an explicit mapping set. This setting is ignored when running as rootless.
|
||||
|
||||
**auto-userns-min-size**=1024
|
||||
Auto-userns-min-size is the minimum size for a user namespace created automatically.
|
||||
|
@ -59,27 +59,29 @@
|
||||
# List of default capabilities for containers. If it is empty or commented out,
|
||||
# the default capabilities defined in the container engine will be added.
|
||||
#
|
||||
default_capabilities = [
|
||||
"CHOWN",
|
||||
"DAC_OVERRIDE",
|
||||
"FOWNER",
|
||||
"FSETID",
|
||||
"KILL",
|
||||
"NET_BIND_SERVICE",
|
||||
"SETFCAP",
|
||||
"SETGID",
|
||||
"SETPCAP",
|
||||
"SETUID",
|
||||
"SYS_CHROOT"
|
||||
]
|
||||
# default_capabilities = [
|
||||
# "AUDIT_WRITE",
|
||||
# "CHOWN",
|
||||
# "DAC_OVERRIDE",
|
||||
# "FOWNER",
|
||||
# "FSETID",
|
||||
# "KILL",
|
||||
# "MKNOD",
|
||||
# "NET_BIND_SERVICE",
|
||||
# "NET_RAW",
|
||||
# "SETGID",
|
||||
# "SETPCAP",
|
||||
# "SETUID",
|
||||
# "SYS_CHROOT",
|
||||
# ]
|
||||
|
||||
# A list of sysctls to be set in containers by default,
|
||||
# specified as "name=value",
|
||||
# for example:"net.ipv4.ping_group_range = 0 1000".
|
||||
#
|
||||
default_sysctls = [
|
||||
"net.ipv4.ping_group_range=0 1",
|
||||
]
|
||||
# default_sysctls = [
|
||||
# "net.ipv4.ping_group_range=0 1000",
|
||||
# ]
|
||||
|
||||
# A list of ulimits to be set in containers by default, specified as
|
||||
# "<ulimit name>=<soft limit>:<hard limit>", for example:
|
||||
|
@ -1,25 +1,68 @@
|
||||
# For more information on this configuration file, see containers-registries.conf(5).
|
||||
#
|
||||
# There are multiple versions of the configuration syntax available, where the
|
||||
# second iteration is backwards compatible to the first one. Mixing up both
|
||||
# formats will result in an runtime error.
|
||||
#
|
||||
# The initial configuration format looks like this:
|
||||
#
|
||||
# NOTE: RISK OF USING UNQUALIFIED IMAGE NAMES
|
||||
# We recommend always using fully qualified image names including the registry
|
||||
# server (full dns name), namespace, image name, and tag
|
||||
# (e.g., registry.redhat.io/ubi8/ubi:latest). Pulling by digest (i.e.,
|
||||
# quay.io/repository/name@digest) further eliminates the ambiguity of tags.
|
||||
# When using short names, there is always an inherent risk that the image being
|
||||
# pulled could be spoofed. For example, a user wants to pull an image named
|
||||
# `foobar` from a registry and expects it to come from myregistry.com. If
|
||||
# myregistry.com is not first in the search list, an attacker could place a
|
||||
# different `foobar` image at a registry earlier in the search list. The user
|
||||
# would accidentally pull and run the attacker's image and code rather than the
|
||||
# intended content. We recommend only adding registries which are completely
|
||||
# trusted (i.e., registries which don't allow unknown or anonymous users to
|
||||
# create accounts with arbitrary names). This will prevent an image from being
|
||||
# spoofed, squatted or otherwise made insecure. If it is necessary to use one
|
||||
# of these registries, it should be added at the end of the list.
|
||||
# Red Hat recommends always using fully qualified image names including the registry server (full dns name),
|
||||
# namespace, image name, and tag (ex. registry.redhat.io/ubi8/ubu:latest). When using short names, there is
|
||||
# always an inherent risk that the image being pulled could be spoofed. For example, a user wants to.
|
||||
# pull an image named `foobar` from a registry and expects it to come from myregistry.com. If myregistry.com
|
||||
# is not first in the search list, an attacker could place a different `foobar` image at a registry earlier
|
||||
# in the search list. The user would accidentally pull and run the attacker's image and code rather than the
|
||||
# intended content. Red Hat recommends only adding registries which are completely trusted, i.e. registries
|
||||
# which don't allow unknown or anonymous users to create accounts with arbitrary names. This will prevent
|
||||
# an image from being spoofed, squatted or otherwise made insecure. If it is necessary to use one of these
|
||||
# registries, it should be added at the end of the list.
|
||||
#
|
||||
# It is recommended to use fully-qualified images for pulling as the
|
||||
# destination registry is unambiguous. Pulling by digest
|
||||
# (i.e., quay.io/repository/name@digest) further eliminates the ambiguity of
|
||||
# tags.
|
||||
|
||||
# The following registries are a set of secure defaults provided by Red Hat.
|
||||
# Each of these registries provides container images curated, patched
|
||||
# and maintained by Red Hat and its partners
|
||||
#[registries.search]
|
||||
#registries = ['registry.access.redhat.com', 'registry.redhat.io']
|
||||
|
||||
# To ensure compatibility with docker we've included docker.io in the default search list. However Red Hat
|
||||
# does not curate, patch or maintain container images from the docker.io registry.
|
||||
[registries.search]
|
||||
registries = ['registry.access.redhat.com', 'registry.redhat.io', 'docker.io']
|
||||
|
||||
# The following registries entry can be used for convenience but includes
|
||||
# container images built by the community. This set of content comes with all
|
||||
# of the risks of any user generated content including security and performance
|
||||
# issues. To use this list first comment out the default list, then uncomment
|
||||
# the following list
|
||||
#[registries.search]
|
||||
#registries = ['registry.access.redhat.com', 'registry.redhat.io', 'docker.io', 'quay.io']
|
||||
|
||||
# Registries that do not use TLS when pulling images or uses self-signed
|
||||
# certificates.
|
||||
[registries.insecure]
|
||||
registries = []
|
||||
|
||||
# Blocked Registries, blocks the `docker daemon` from pulling from the blocked registry. If you specify
|
||||
# "*", then the docker daemon will only be allowed to pull from registries listed above in the search
|
||||
# registries. Blocked Registries is deprecated because other container runtimes and tools will not use it.
|
||||
# It is recommended that you use the trust policy file /etc/containers/policy.json to control which
|
||||
# registries you want to allow users to pull and push from. policy.json gives greater flexibility, and
|
||||
# supports all container runtimes and tools including the docker daemon, cri-o, buildah ...
|
||||
# The atomic CLI `atomic trust` can be used to easily configure the policy.json file.
|
||||
[registries.block]
|
||||
registries = []
|
||||
|
||||
# The second version of the configuration format allows to specify registry
|
||||
# mirrors:
|
||||
#
|
||||
# # An array of host[:port] registries to try when pulling an unqualified image, in order.
|
||||
unqualified-search-registries = ['registry.fedoraproject.org', 'registry.access.redhat.com', 'registry.centos.org', 'docker.io']
|
||||
|
||||
unqualified-search-registries = ["registry.fedoraproject.org", "registry.access.redhat.com", "registry.centos.org", "docker.io"]
|
||||
#
|
||||
# [[registry]]
|
||||
# # The "prefix" field is used to choose the relevant [[registry]] TOML table;
|
||||
# # (only) the TOML table with the longest match for the input image name
|
||||
@ -66,5 +109,5 @@ unqualified-search-registries = ['registry.fedoraproject.org', 'registry.access.
|
||||
# # Given the above, a pull of example.com/foo/image:latest will try:
|
||||
# # 1. example-mirror-0.local/mirror-for-foo/image:latest
|
||||
# # 2. example-mirror-1.local/mirrors/foo/image:latest
|
||||
# # 3. internal-registry-for-example.net/bar/image:latest
|
||||
# # 3. internal-registry-for-example.net/bar/myimage:latest
|
||||
# # in order, and use the first one that exists.
|
||||
|
@ -101,6 +101,7 @@
|
||||
"fchdir",
|
||||
"fchmod",
|
||||
"fchmodat",
|
||||
"fchmodat2",
|
||||
"fchown",
|
||||
"fchown32",
|
||||
"fchownat",
|
||||
|
1185
skopeo.spec
1185
skopeo.spec
File diff suppressed because it is too large
Load Diff
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (skopeo-d8bc8b6.tar.gz) = 04c3fcb4a61df01aad6fb2c938009524cce3476759d868c75b24641013a998db3c7f8a910b2a350f84d74c1bc5471fc20c5ea7939175faa25dccf17353d57823
|
||||
a5ed58289138f56752f5d8ff5c9b836d skopeo-1.2.0-2b4097b.tar.gz
|
||||
|
@ -47,7 +47,7 @@ additionalimagestores = [
|
||||
# remap-group = "containers"
|
||||
|
||||
# Root-auto-userns-user is a user name which can be used to look up one or more UID/GID
|
||||
# ranges in the /etc/subuid and /etc/subgid file. These ranges will be partitioned
|
||||
# ranges in the /etc/subuid and /etc/subgid file. These ranges will be partioned
|
||||
# to containers configured to create automatically a user namespace. Containers
|
||||
# configured to automatically create a user namespace can still overlap with containers
|
||||
# having an explicit mapping set.
|
||||
|
Loading…
Reference in New Issue
Block a user