diff --git a/go.mod b/go.mod
index 0fb533b8..b554982f 100644
--- a/go.mod
+++ b/go.mod
@@ -39,7 +39,7 @@ require (
 github.com/mitchellh/mapstructure v1.5.0
 github.com/nmcclain/ldap v0.0.0-20210720162743-7f8d1e44eeba
 github.com/notaryproject/notation-core-go v1.1.0
- github.com/notaryproject/notation-go v1.1.1
+ github.com/notaryproject/notation-go v1.2.1
 github.com/olekukonko/tablewriter v0.0.5
 github.com/opencontainers/distribution-spec/specs-go v0.0.0-20240201174943-0f98d91a0afe
 github.com/opencontainers/go-digest v1.0.0
@@ -443,6 +443,7 @@ require (
 github.com/urfave/cli/v2 v2.27.4 // indirect
 github.com/vbatts/tar-split v0.11.6 // indirect
 github.com/vbauerster/mpb/v8 v8.8.3 // indirect
+ github.com/veraison/go-cose v1.2.1 // indirect
 github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect
 github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
 github.com/x448/float16 v0.8.4 // indirect
diff --git a/go.sum b/go.sum
index 337fce02..7222e2d7 100644
--- a/go.sum
+++ b/go.sum
@@ -1227,8 +1227,8 @@ github.com/nmcclain/ldap v0.0.0-20210720162743-7f8d1e44eeba h1:DO8NFYdcRv1dnyAIN
 github.com/nmcclain/ldap v0.0.0-20210720162743-7f8d1e44eeba/go.mod h1:4S0XndRL8HNOaQBfdViJ2F/GPCgL524xlXRuXFH12/U=
 github.com/notaryproject/notation-core-go v1.1.0 h1:xCybcONOKcCyPNihJUSa+jRNsyQFNkrk0eJVVs1kWeg=
 github.com/notaryproject/notation-core-go v1.1.0/go.mod h1:+6AOh41JPrnVLbW/19SJqdhVHwKgIINBO/np0e7nXJA=
-github.com/notaryproject/notation-go v1.1.1 h1:EAY8ERBWhrdaG9MIumSZ9xyUHktgr6OkCByd75HR+FA=
-github.com/notaryproject/notation-go v1.1.1/go.mod h1:XykI2i5jHb6cGf+bcG/cIeNfNO2u4Xoy2mkuOKHjVVI=
+github.com/notaryproject/notation-go v1.2.1 h1:fbCMBcvg1xttrisd5CyM60QDectGYYF701Us0M3cKN8=
+github.com/notaryproject/notation-go v1.2.1/go.mod h1:re9V+TfuNRaUq5e3NuNcCJN53++sL2KbnJrjGyOUpgE=
 github.com/notaryproject/notation-plugin-framework-go v1.0.0 h1:6Qzr7DGXoCgXEQN+1gTZWuJAZvxh3p8Lryjn5FaLzi4=
 github.com/notaryproject/notation-plugin-framework-go v1.0.0/go.mod h1:RqWSrTOtEASCrGOEffq0n8pSg2KOgKYiWqFWczRSics=
 github.com/notaryproject/tspclient-go v0.2.0 h1:g/KpQGmyk/h7j60irIRG1mfWnibNOzJ8WhLqAzuiQAQ=
diff --git a/pkg/extensions/imagetrust/notation.go b/pkg/extensions/imagetrust/notation.go
index 744491c9..f801e6b4 100644
--- a/pkg/extensions/imagetrust/notation.go
+++ b/pkg/extensions/imagetrust/notation.go
@@ -79,19 +79,21 @@ func NewCertificateLocalStorage(rootDir string) (*CertificateLocalStorage, error
 }
 for _, truststoreType := range truststore.Types {
- defaultTruststore := path.Join(dir, "truststore", "x509", string(truststoreType), truststoreName)
+ if truststoreType != truststore.TypeTSA {
+ defaultTruststore := path.Join(dir, "truststore", "x509", string(truststoreType), truststoreName)
+
+ _, err = os.Stat(defaultTruststore)
+ if os.IsNotExist(err) {
+ err = os.MkdirAll(defaultTruststore, defaultDirPerms)
+ if err != nil {
+ return nil, err
+ }
+ }
- _, err = os.Stat(defaultTruststore)
- if os.IsNotExist(err) {
- err = os.MkdirAll(defaultTruststore, defaultDirPerms)
 if err != nil {
 return nil, err
 }
 }
-
- if err != nil {
- return nil, err
- }
 }
 return certStorage, nil
@@ -117,7 +119,9 @@ func InitTrustpolicyFile(notationStorage certificateStorage) error {
 truststores := []string{}
 for _, truststoreType := range truststore.Types {
- truststores = append(truststores, fmt.Sprintf("\"%s:%s\"", string(truststoreType), truststoreName))
+ if truststoreType != truststore.TypeTSA {
+ truststores = append(truststores, fmt.Sprintf("\"%s:%s\"", string(truststoreType), truststoreName))
+ }
 }
 defaultTruststores := strings.Join(truststores, ",")
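Review bot: The loop in NewCertificateLocalStorage still ranges over the dependency's `truststore.Types` and subtracts `truststore.TypeTSA`, so the set of trust-store directories created here follows whatever notation-go exports; the same deny-list filter is repeated in the InitTrustpolicyFile hunk below. Any type a later notation-go release adds would be created on disk and listed in the default trust policy with no code change here, which is presumably how TSA surfaced with this version bump. An explicit allow-list shared by both loops keeps the choice of trust anchors a local decision, e.g. `var managedTruststoreTypes = []truststore.Type{truststore.TypeCA, truststore.TypeSigningAuthority}` and `for _, truststoreType := range managedTruststoreTypes {`. The function starts above the hunk and its closing brace is not shown.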
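Review bot: Nothing in InitTrustpolicyFile says why TSA stores are left out of the default policy's trust-store list or what that means for verification. With no TSA entry, a timestamp countersignature has no trust anchor under this policy; whether notation-go then rejects a signature whose signing certificate has expired is not visible in this diff and is worth pinning with a test. A comment above the filter would carry the intent, e.g. `// TSA trust stores are not provisioned by this storage, so the default policy must not reference them.`, with the wording confirmed by the author. The function body continues past the end of the hunk.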