Consolidate reading messages, and checking for support, into a helper

Signed-off-by: Miloslav Trmač <mitr@redhat.com>

copy/copy.go

@@ -395,23 +395,11 @@ func (c *copier) copyMultipleImages(ctx context.Context, policyContext *signatur
 	}
 	updatedList := originalList.Clone()
 
-	// Read and/or clear the set of signatures for this list.
-	var sigs [][]byte
-	if options.RemoveSignatures {
-		sigs = [][]byte{}
-	} else {
-		c.Printf("Getting image list signatures\n")
-		s, err := unparsedToplevel.Signatures(ctx)
-		if err != nil {
-			return nil, perrors.Wrap(err, "reading signatures")
-		}
-		sigs = s
-	}
-	if len(sigs) != 0 {
-		c.Printf("Checking if image list destination supports signatures\n")
-		if err := c.dest.SupportsSignatures(ctx); err != nil {
-			return nil, perrors.Wrapf(err, "Can not copy signatures to %s", transports.ImageName(c.dest.Reference()))
-		}
+	sigs, err := c.sourceSignatures(ctx, unparsedToplevel, options,
+		"Getting image list signatures",
+		"Checking if image list destination supports signatures")
+	if err != nil {
+		return nil, err
 	}
 
 	// If the destination is a digested reference, make a note of that, determine what digest value we're
@@ -639,22 +627,11 @@ func (c *copier) copyOneImage(ctx context.Context, policyContext *signature.Poli
 		return nil, "", "", err
 	}
 
-	var sigs [][]byte
-	if options.RemoveSignatures {
-		sigs = [][]byte{}
-	} else {
-		c.Printf("Getting image source signatures\n")
-		s, err := src.Signatures(ctx)
-		if err != nil {
-			return nil, "", "", perrors.Wrap(err, "reading signatures")
-		}
-		sigs = s
-	}
-	if len(sigs) != 0 {
-		c.Printf("Checking if image destination supports signatures\n")
-		if err := c.dest.SupportsSignatures(ctx); err != nil {
-			return nil, "", "", perrors.Wrapf(err, "Can not copy signatures to %s", transports.ImageName(c.dest.Reference()))
-		}
+	sigs, err := c.sourceSignatures(ctx, src, options,
+		"Getting image source signatures",
+		"Checking if image destination supports signatures")
+	if err != nil {
+		return nil, "", "", err
 	}
 
 	// Determine if we're allowed to modify the manifest.

copy/sign.go

@@ -1,14 +1,41 @@
 package copy
 
 import (
+	"context"
 	"fmt"
 
 	"github.com/containers/image/v5/docker/reference"
 	"github.com/containers/image/v5/signature"
 	"github.com/containers/image/v5/transports"
+	"github.com/containers/image/v5/types"
 	perrors "github.com/pkg/errors"
 )
 
+// sourceSignatures returns signatures from unparsedSource based on options,
+// and verifies that they can be used (to avoid copying a large image when we
+// can tell in advance that it would ultimately fail)
+func (c *copier) sourceSignatures(ctx context.Context, unparsed types.UnparsedImage, options *Options,
+	gettingSignaturesMessage, checkingDestMessage string) ([][]byte, error) {
+	var sigs [][]byte
+	if options.RemoveSignatures {
+		sigs = [][]byte{}
+	} else {
+		c.Printf("%s\n", gettingSignaturesMessage)
+		s, err := unparsed.Signatures(ctx)
+		if err != nil {
+			return nil, perrors.Wrap(err, "reading signatures")
+		}
+		sigs = s
+	}
+	if len(sigs) != 0 {
+		c.Printf("%s\n", checkingDestMessage)
+		if err := c.dest.SupportsSignatures(ctx); err != nil {
+			return nil, perrors.Wrapf(err, "Can not copy signatures to %s", transports.ImageName(c.dest.Reference()))
+		}
+	}
+	return sigs, nil
+}
+
 // createSignature creates a new signature of manifest using keyIdentity.
 func (c *copier) createSignature(manifest []byte, keyIdentity string, passphrase string, identity reference.Named) ([]byte, error) {
 	mech, err := signature.NewGPGSigningMechanism()