squash! copy: add option to strip sparse manifest lists

Add StripOnlyListSignatures option to strip manifest list signatures
while preserving per-instance signatures when using CopySpecificImages
with StripSparseManifestList.

This implements "Option 2" from PR podman-container-tools#655. Previously, users had to use
RemoveSignatures which removed all signatures, including per-instance
ones that would still be valid after stripping the manifest list.

The option requires explicit validation:
- Only valid with CopySpecificImages + StripSparseManifestList
- Validates at multiple points in copy.Image() and copyMultipleImages()
- When used with signed images, requires explicit signature handling

Per-instance signatures are preserved because copySingleImage handles
each instance independently.

Signed-off-by: Alex Guidi <aguidi@redhat.com>

Author: aguidirh

image/copy/copy.go

@@ -90,6 +90,10 @@ type SparseManifestListAction int
 // Options allows supplying non-default configuration modifying the behavior of CopyImage.
 type Options struct {
 	RemoveSignatures bool // Remove any pre-existing signatures. Signers and SignBy… will still add a new signature.
+	// StripOnlyListSignatures strips the manifest list signature while preserving per-instance signatures.
+	// Only valid with CopySpecificImages and SparseManifestListAction=StripSparseManifestList.
+	// If RemoveSignatures is also true, RemoveSignatures takes precedence.
+	StripOnlyListSignatures bool
 	// Signers to use to add signatures during the copy.
 	// Callers are still responsible for closing these Signer objects; they can be reused for multiple copy.Image operations in a row.
 	Signers                          []*signer.Signer
@@ -334,6 +338,9 @@ func Image(ctx context.Context, policyContext *signature.PolicyContext, destRef,
 		if len(options.EnsureCompressionVariantsExist) > 0 {
 			return nil, fmt.Errorf("EnsureCompressionVariantsExist is not implemented when not creating a multi-architecture image")
 		}
+		if options.StripOnlyListSignatures {
+			return nil, fmt.Errorf("StripOnlyListSignatures can only be used with manifest lists, not single images")
+		}
 		requireCompressionFormatMatch, err := shouldRequireCompressionFormatMatch(options)
 		if err != nil {
 			return nil, err
@@ -348,6 +355,9 @@ func Image(ctx context.Context, policyContext *signature.PolicyContext, destRef,
 		if len(options.EnsureCompressionVariantsExist) > 0 {
 			return nil, fmt.Errorf("EnsureCompressionVariantsExist is not implemented when not creating a multi-architecture image")
 		}
+		if options.StripOnlyListSignatures {
+			return nil, fmt.Errorf("StripOnlyListSignatures can only be used with CopySpecificImages and SparseManifestListAction=StripSparseManifestList, not with CopySystemImage")
+		}
 		requireCompressionFormatMatch, err := shouldRequireCompressionFormatMatch(options)
 		if err != nil {
 			return nil, err
@@ -378,6 +388,15 @@ func Image(ctx context.Context, policyContext *signature.PolicyContext, destRef,
 		if !supportsMultipleImages(c.dest) {
 			return nil, fmt.Errorf("copying multiple images: destination transport %q does not support copying multiple images as a group", destRef.Transport().Name())
 		}
+		// Validate StripOnlyListSignatures usage
+		if options.StripOnlyListSignatures {
+			if c.options.ImageListSelection != CopySpecificImages {
+				return nil, fmt.Errorf("StripOnlyListSignatures can only be used with CopySpecificImages, not CopyAllImages")
+			}
+			if options.SparseManifestListAction != StripSparseManifestList {
+				return nil, fmt.Errorf("StripOnlyListSignatures requires SparseManifestListAction=StripSparseManifestList")
+			}
+		}
 		// Copy some or all of the images.
 		switch c.options.ImageListSelection {
 		case CopyAllImages:

image/copy/multiple.go

@@ -17,6 +17,7 @@ import (
 	"go.podman.io/image/v5/internal/image"
 	internalManifest "go.podman.io/image/v5/internal/manifest"
 	"go.podman.io/image/v5/internal/set"
+	internalsig "go.podman.io/image/v5/internal/signature"
 	"go.podman.io/image/v5/manifest"
 	"go.podman.io/image/v5/pkg/compression"
 )
@@ -219,7 +220,12 @@ func (c *copier) copyMultipleImages(ctx context.Context) (copiedManifest []byte,
 	// Compare, and perhaps keep in sync with, the version in copySingleImage.
 	cannotModifyManifestListReason := ""
 	if len(sigs) > 0 {
-		cannotModifyManifestListReason = "Would invalidate signatures"
+		// If StripOnlyListSignatures is set, we allow modification of the manifest list
+		// by stripping only the list-level signature while preserving per-instance signatures.
+		// This is handled below by setting sigs to empty (similar to RemoveSignatures).
+		if !c.options.StripOnlyListSignatures {
+			cannotModifyManifestListReason = "Would invalidate signatures"
+		}
 	}
 	if destIsDigestedReference {
 		cannotModifyManifestListReason = "Destination specifies a digest"
@@ -228,6 +234,22 @@ func (c *copier) copyMultipleImages(ctx context.Context) (copiedManifest []byte,
 		cannotModifyManifestListReason = "Instructed to preserve digests"
 	}
 
+	// Validate that when using StripSparseManifestList with signed images, the user explicitly
+	// acknowledges signature handling via either StripOnlyListSignatures or RemoveSignatures.
+	// This is consistent with requiring explicit acknowledgment for other manifest edits.
+	if c.options.SparseManifestListAction == StripSparseManifestList && len(sigs) > 0 &&
+		!c.options.RemoveSignatures && !c.options.StripOnlyListSignatures {
+		return nil, fmt.Errorf("SparseManifestListAction.StripSparseManifestList will modify the signed manifest list; use RemoveSignatures to remove all signatures, or StripOnlyListSignatures to strip only the list signature while preserving per-instance signatures")
+	}
+
+	// If StripOnlyListSignatures is set, strip the list-level signatures.
+	// Per-instance signatures will be preserved because copySingleImage handles each instance
+	// independently and won't have RemoveSignatures set (unless the user also set it).
+	if c.options.StripOnlyListSignatures && len(sigs) > 0 {
+		logrus.Debugf("Stripping manifest list signatures while preserving per-instance signatures")
+		sigs = []internalsig.Signature{}
+	}
+
 	// Determine if we'll need to convert the manifest list to a different format.
 	forceListMIMEType := c.options.ForceManifestMIMEType
 	switch forceListMIMEType {

image/copy/multiple_test.go

@@ -1,20 +1,28 @@
 package copy
 
 import (
+	"context"
 	"os"
 	"path/filepath"
 	"testing"
 
 	digest "github.com/opencontainers/go-digest"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
+	"go.podman.io/image/v5/directory"
 	internalManifest "go.podman.io/image/v5/internal/manifest"
 	"go.podman.io/image/v5/pkg/compression"
 )
 
+const (
+	// Test manifest files (relative to ../internal/manifest/testdata/)
+	ociManifestFile  = "ociv1.manifest.json"
+	ociIndexZstdFile = "oci1.index.zstd-selection.json"
+)
+
 // Test `instanceOpCopy` cases.
 func TestPrepareCopyInstancesforInstanceCopyCopy(t *testing.T) {
-	validManifest, err := os.ReadFile(filepath.Join("..", "internal", "manifest", "testdata", "oci1.index.zstd-selection.json"))
+	validManifest, err := os.ReadFile(filepath.Join("..", "internal", "manifest", "testdata", ociIndexZstdFile))
 	require.NoError(t, err)
 	list, err := internalManifest.ListFromBlob(validManifest, internalManifest.GuessMIMEType(validManifest))
 	require.NoError(t, err)
@@ -77,7 +85,7 @@ func TestPrepareCopyInstancesforInstanceCopyCopy(t *testing.T) {
 
 // Test `instanceOpClone` cases.
 func TestPrepareCopyInstancesforInstanceCopyClone(t *testing.T) {
-	validManifest, err := os.ReadFile(filepath.Join("..", "internal", "manifest", "testdata", "oci1.index.zstd-selection.json"))
+	validManifest, err := os.ReadFile(filepath.Join("..", "internal", "manifest", "testdata", ociIndexZstdFile))
 	require.NoError(t, err)
 	list, err := internalManifest.ListFromBlob(validManifest, internalManifest.GuessMIMEType(validManifest))
 	require.NoError(t, err)
@@ -194,3 +202,189 @@ func convertInstanceCopyToSimplerInstanceCopy(copies []instanceOp) []simplerInst
 	}
 	return res
 }
+
+// TestStripOnlyListSignaturesValidation tests the validation logic for StripOnlyListSignatures
+// by actually calling copy.Image() with various option combinations.
+func TestStripOnlyListSignaturesValidation(t *testing.T) {
+	tests := []struct {
+		name          string
+		manifestFile  string // Relative to testdata directory
+		options       *Options
+		expectedError string
+	}{
+		{
+			name:         "Invalid: StripOnlyListSignatures with single image (not manifest list)",
+			manifestFile: ociManifestFile,
+			options: &Options{
+				ImageListSelection:       CopySpecificImages,
+				SparseManifestListAction: StripSparseManifestList,
+				StripOnlyListSignatures:  true,
+			},
+			expectedError: "StripOnlyListSignatures can only be used with manifest lists, not single images",
+		},
+		{
+			name:         "Invalid: StripOnlyListSignatures with CopySystemImage",
+			manifestFile: ociIndexZstdFile,
+			options: &Options{
+				ImageListSelection:       CopySystemImage,
+				SparseManifestListAction: StripSparseManifestList,
+				StripOnlyListSignatures:  true,
+			},
+			expectedError: "StripOnlyListSignatures can only be used with CopySpecificImages and SparseManifestListAction=StripSparseManifestList, not with CopySystemImage",
+		},
+		{
+			name:         "Invalid: StripOnlyListSignatures with CopyAllImages",
+			manifestFile: ociIndexZstdFile,
+			options: &Options{
+				ImageListSelection:       CopyAllImages,
+				SparseManifestListAction: StripSparseManifestList,
+				StripOnlyListSignatures:  true,
+			},
+			expectedError: "StripOnlyListSignatures can only be used with CopySpecificImages, not CopyAllImages",
+		},
+		{
+			name:         "Invalid: StripOnlyListSignatures without StripSparseManifestList",
+			manifestFile: ociIndexZstdFile,
+			options: &Options{
+				ImageListSelection:       CopySpecificImages,
+				SparseManifestListAction: KeepSparseManifestList,
+				StripOnlyListSignatures:  true,
+			},
+			expectedError: "StripOnlyListSignatures requires SparseManifestListAction=StripSparseManifestList",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			// Load the appropriate manifest for this test case
+			manifest, err := os.ReadFile(filepath.Join("..", "internal", "manifest", "testdata", tt.manifestFile))
+			require.NoError(t, err)
+
+			// Set up source directory with the manifest
+			srcDir := t.TempDir()
+			srcManifestPath := filepath.Join(srcDir, "manifest.json")
+			require.NoError(t, os.WriteFile(srcManifestPath, manifest, 0644))
+
+			// Set up destination directory
+			destDir := t.TempDir()
+
+			// Create source and destination references
+			// Note: We use directory transport for simplicity, even though copy.Image
+			// will fail later in the process. The validation we're testing happens
+			// early in copy.Image() before it tries to actually copy data.
+			srcRef, err := directory.NewReference(srcDir)
+			require.NoError(t, err)
+			destRef, err := directory.NewReference(destDir)
+			require.NoError(t, err)
+
+			// Call the real copy.Image() function
+			_, err = Image(context.Background(), nil, destRef, srcRef, tt.options)
+
+			// Verify the error matches expectations (all test cases in this function are invalid)
+			require.Error(t, err, "Expected validation error from copy.Image()")
+			assert.Equal(t, tt.expectedError, err.Error())
+		})
+	}
+}
+
+// TestStripSparseManifestListRequiresSignatureHandling tests that when using
+// StripSparseManifestList with a signed manifest list, the user must explicitly
+// choose how to handle signatures via RemoveSignatures or StripOnlyListSignatures.
+func TestStripSparseManifestListRequiresSignatureHandling(t *testing.T) {
+	// Load a manifest list
+	manifest, err := os.ReadFile(filepath.Join("..", "internal", "manifest", "testdata", ociIndexZstdFile))
+	require.NoError(t, err)
+
+	tests := []struct {
+		name          string
+		options       *Options
+		addSignature  bool
+		expectedError string
+	}{
+		{
+			name: "Valid: StripSparseManifestList with signed manifest + RemoveSignatures",
+			options: &Options{
+				ImageListSelection:       CopySpecificImages,
+				Instances:                []digest.Digest{digest.Digest("sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")},
+				SparseManifestListAction: StripSparseManifestList,
+				RemoveSignatures:         true,
+			},
+			addSignature:  true,
+			expectedError: "",
+		},
+		{
+			name: "Valid: StripSparseManifestList with signed manifest + StripOnlyListSignatures",
+			options: &Options{
+				ImageListSelection:       CopySpecificImages,
+				Instances:                []digest.Digest{digest.Digest("sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")},
+				SparseManifestListAction: StripSparseManifestList,
+				StripOnlyListSignatures:  true,
+			},
+			addSignature:  true,
+			expectedError: "",
+		},
+		{
+			name: "Invalid: StripSparseManifestList with signed manifest without signature handling",
+			options: &Options{
+				ImageListSelection:       CopySpecificImages,
+				Instances:                []digest.Digest{digest.Digest("sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")},
+				SparseManifestListAction: StripSparseManifestList,
+			},
+			addSignature:  true,
+			expectedError: "SparseManifestListAction.StripSparseManifestList will modify the signed manifest list; use RemoveSignatures to remove all signatures, or StripOnlyListSignatures to strip only the list signature while preserving per-instance signatures",
+		},
+		{
+			name: "Valid: StripSparseManifestList with unsigned manifest (no signature handling needed)",
+			options: &Options{
+				ImageListSelection:       CopySpecificImages,
+				Instances:                []digest.Digest{digest.Digest("sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")},
+				SparseManifestListAction: StripSparseManifestList,
+			},
+			addSignature:  false,
+			expectedError: "",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			// Set up source directory with the manifest
+			srcDir := t.TempDir()
+			srcManifestPath := filepath.Join(srcDir, "manifest.json")
+			require.NoError(t, os.WriteFile(srcManifestPath, manifest, 0644))
+
+			// Add a signature file if requested
+			if tt.addSignature {
+				// For directory transport, signatures are stored as "signature-1", "signature-2", etc.
+				// Copy an existing signature file from testdata
+				existingSignature, err := os.ReadFile(filepath.Join("..", "internal", "signature", "testdata", "simple.signature"))
+				require.NoError(t, err)
+				signaturePath := filepath.Join(srcDir, "signature-1")
+				require.NoError(t, os.WriteFile(signaturePath, existingSignature, 0644))
+			}
+
+			// Set up destination directory
+			destDir := t.TempDir()
+
+			// Create source and destination references
+			srcRef, err := directory.NewReference(srcDir)
+			require.NoError(t, err)
+			destRef, err := directory.NewReference(destDir)
+			require.NoError(t, err)
+
+			// Call the real copy.Image() function
+			_, err = Image(context.Background(), nil, destRef, srcRef, tt.options)
+
+			// Verify the error matches expectations
+			if tt.expectedError != "" {
+				require.Error(t, err, "Expected validation error from copy.Image()")
+				assert.Equal(t, tt.expectedError, err.Error())
+			} else {
+				// Note: The copy may fail for other reasons (missing blobs, etc.)
+				// but should not fail with the signature handling error
+				if err != nil {
+					assert.NotContains(t, err.Error(), "will modify the signed manifest list")
+				}
+			}
+		})
+	}
+}