From 3873aa05e3a7f1db29853eaeaf35751f785f70a4 Mon Sep 17 00:00:00 2001
From: Yoan Blanc <yoan@dosimple.ch>
Date: Fri, 25 Oct 2019 11:34:49 +0200
Subject: [PATCH] root: add --registry-mirror flag

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
---
 cmd/executor/cmd/root.go |  1 +
 pkg/config/options.go    |  1 +
 pkg/util/image_util.go   | 18 ++++++++++++++++--
 3 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/cmd/executor/cmd/root.go b/cmd/executor/cmd/root.go
index 199f3fa7a..eb244be21 100644
--- a/cmd/executor/cmd/root.go
+++ b/cmd/executor/cmd/root.go
@@ -140,6 +140,7 @@ func addKanikoOptionsFlags(cmd *cobra.Command) {
 	RootCmd.PersistentFlags().DurationVarP(&opts.CacheTTL, "cache-ttl", "", time.Hour*336, "Cache timeout in hours. Defaults to two weeks.")
 	RootCmd.PersistentFlags().VarP(&opts.InsecureRegistries, "insecure-registry", "", "Insecure registry using plain HTTP to push and pull. Set it repeatedly for multiple registries.")
 	RootCmd.PersistentFlags().VarP(&opts.SkipTLSVerifyRegistries, "skip-tls-verify-registry", "", "Insecure registry ignoring TLS verify to push and pull. Set it repeatedly for multiple registries.")
+	RootCmd.PersistentFlags().StringVarP(&opts.RegistryMirror, "registry-mirror", "", "", "Registry mirror to use has pull-through cache instead of docker.io.")
 }
 
 // addHiddenFlags marks certain flags as hidden from the executor help text
diff --git a/pkg/config/options.go b/pkg/config/options.go
index 44af681ec..862ec9e11 100644
--- a/pkg/config/options.go
+++ b/pkg/config/options.go
@@ -51,6 +51,7 @@ type KanikoOptions struct {
 	Cleanup                 bool
 	InsecureRegistries      multiArg
 	SkipTLSVerifyRegistries multiArg
+	RegistryMirror          string
 }
 
 // WarmerOptions are options that are set by command line arguments to the cache warmer.
diff --git a/pkg/util/image_util.go b/pkg/util/image_util.go
index 0978a6fef..e24134c78 100644
--- a/pkg/util/image_util.go
+++ b/pkg/util/image_util.go
@@ -101,11 +101,25 @@ func remoteImage(image string, opts *config.KanikoOptions) (v1.Image, error) {
 	}
 
 	registryName := ref.Context().RegistryStr()
-	if opts.InsecurePull || opts.InsecureRegistries.Contains(registryName) {
-		newReg, err := name.NewRegistry(registryName, name.WeakValidation, name.Insecure)
+	var newReg name.Registry
+
+	if opts.RegistryMirror != "" && registryName == name.DefaultRegistry {
+		registryName = opts.RegistryMirror
+
+		newReg, err = name.NewRegistry(opts.RegistryMirror, name.StrictValidation)
 		if err != nil {
 			return nil, err
 		}
+	}
+
+	if opts.InsecurePull || opts.InsecureRegistries.Contains(registryName) {
+		newReg, err = name.NewRegistry(registryName, name.WeakValidation, name.Insecure)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if newReg != ref.Context().Registry {
 		if tag, ok := ref.(name.Tag); ok {
 			tag.Repository.Registry = newReg
 			ref = tag