diff --git a/cmd/executor/cmd/root.go b/cmd/executor/cmd/root.go index 7a648fb1d..2c8e9b69a 100644 --- a/cmd/executor/cmd/root.go +++ b/cmd/executor/cmd/root.go @@ -32,13 +32,14 @@ import ( ) var ( - dockerfilePath string - destination string - srcContext string - snapshotMode string - bucket string - logLevel string - force bool + dockerfilePath string + destination string + srcContext string + snapshotMode string + bucket string + dockerInsecureSkipTLSVerify bool + logLevel string + force bool ) func init() { @@ -47,6 +48,7 @@ func init() { RootCmd.PersistentFlags().StringVarP(&bucket, "bucket", "b", "", "Name of the GCS bucket from which to access build context as tarball.") RootCmd.PersistentFlags().StringVarP(&destination, "destination", "d", "", "Registry the final image should be pushed to (ex: gcr.io/test/example:latest)") RootCmd.PersistentFlags().StringVarP(&snapshotMode, "snapshotMode", "", "full", "Set this flag to change the file attributes inspected during snapshotting") + RootCmd.PersistentFlags().BoolVarP(&dockerInsecureSkipTLSVerify, "insecure-skip-tls-verify", "", false, "Push to insecure registry ignoring TLS verify") RootCmd.PersistentFlags().StringVarP(&logLevel, "verbosity", "v", constants.DefaultLogLevel, "Log level (debug, info, warn, error, fatal, panic") RootCmd.PersistentFlags().BoolVarP(&force, "force", "", false, "Force building outside of a container") } @@ -70,7 +72,7 @@ var RootCmd = &cobra.Command{ } logrus.Warn("kaniko is being run outside of a container. This can have dangerous effects on your system") } - if err := executor.DoBuild(dockerfilePath, srcContext, destination, snapshotMode); err != nil { + if err := executor.DoBuild(dockerfilePath, srcContext, destination, snapshotMode, dockerInsecureSkipTLSVerify); err != nil { logrus.Error(err) os.Exit(1) } diff --git a/pkg/executor/executor.go b/pkg/executor/executor.go index ee7c87e45..ab9eacd53 100644 --- a/pkg/executor/executor.go +++ b/pkg/executor/executor.go @@ -32,7 +32,7 @@ import ( "github.com/sirupsen/logrus" ) -func DoBuild(dockerfilePath, srcContext, destination, snapshotMode string) error { +func DoBuild(dockerfilePath, srcContext, destination, snapshotMode string, dockerInsecureSkipTLSVerify bool) error { // Parse dockerfile and unpack base image to root d, err := ioutil.ReadFile(dockerfilePath) if err != nil { @@ -113,7 +113,7 @@ func DoBuild(dockerfilePath, srcContext, destination, snapshotMode string) error if err := setDefaultEnv(); err != nil { return err } - return image.PushImage(sourceImage, destination) + return image.PushImage(sourceImage, destination, dockerInsecureSkipTLSVerify) } func getHasher(snapshotMode string) (func(string) (string, error), error) { diff --git a/pkg/image/image.go b/pkg/image/image.go index 52035ef69..6309f3097 100644 --- a/pkg/image/image.go +++ b/pkg/image/image.go @@ -48,7 +48,7 @@ func NewSourceImage(srcImg string) (*img.MutableSource, error) { } // PushImage pushes the final image -func PushImage(ms *img.MutableSource, destImg string) error { +func PushImage(ms *img.MutableSource, destImg string, dockerInsecureSkipTLSVerify bool) error { srcRef := &img.ProxyReference{ ImageReference: nil, Src: ms, @@ -65,7 +65,8 @@ func PushImage(ms *img.MutableSource, destImg string) error { opts := ©.Options{ DestinationCtx: &types.SystemContext{ - DockerRegistryUserAgent: fmt.Sprintf("kaniko/executor-%s", version.Version()), + DockerRegistryUserAgent: fmt.Sprintf("kaniko/executor-%s", version.Version()), + DockerInsecureSkipTLSVerify: dockerInsecureSkipTLSVerify, }, } return copy.Image(policyContext, destRef, srcRef, opts)