Merge pull request #409 from dtaniwaki/insecure-pull

Separate Insecure Pull Options
2018-10-26 15:00:27 -07:00 · 2018-10-26 15:00:27 -07:00 · 458152910a
parent 1996bf810a e8aab7e17e
commit 458152910a
4 changed files with 34 additions and 22 deletions
--- a/README.md
+++ b/README.md
@ -298,11 +298,19 @@ Set this flag if you only want to build the image, without pushing to a registry
 #### --insecure
-Set this flag if you want to connect to a plain HTTP registry. It is supposed to be used for testing purposes only and should not be used in production!
+Set this flag if you want to push images to a plain HTTP registry. It is supposed to be used for testing purposes only and should not be used in production!
 #### --skip-tls-verify
-Set this flag to skip TLS certificate validation when connecting to a registry. It is supposed to be used for testing purposes only and should not be used in production!
+Set this flag to skip TLS certificate validation when pushing images to a registry. It is supposed to be used for testing purposes only and should not be used in production!
 #### --insecure-pull
 Set this flag if you want to pull images from a plain HTTP registry. It is supposed to be used for testing purposes only and should not be used in production!
 #### --skip-tls-verify-pull
 Set this flag to skip TLS certificate validation when pulling images from a registry. It is supposed to be used for testing purposes only and should not be used in production!
 #### --cache
--- a/cmd/executor/cmd/root.go
+++ b/cmd/executor/cmd/root.go
@ -91,8 +91,10 @@ func addKanikoOptionsFlags(cmd *cobra.Command) {
 	RootCmd.PersistentFlags().VarP(&opts.Destinations, "destination", "d", "Registry the final image should be pushed to. Set it repeatedly for multiple destinations.")
 	RootCmd.PersistentFlags().StringVarP(&opts.SnapshotMode, "snapshotMode", "", "full", "Change the file attributes inspected during snapshotting")
 	RootCmd.PersistentFlags().VarP(&opts.BuildArgs, "build-arg", "", "This flag allows you to pass in ARG values at build time. Set it repeatedly for multiple values.")
-	RootCmd.PersistentFlags().BoolVarP(&opts.Insecure, "insecure", "", false, "Pull and push to insecure registry using plain HTTP")
+	RootCmd.PersistentFlags().BoolVarP(&opts.Insecure, "insecure", "", false, "Push to insecure registry using plain HTTP")
 	RootCmd.PersistentFlags().BoolVarP(&opts.SkipTLSVerify, "skip-tls-verify", "", false, "Push to insecure registry ignoring TLS verify")
 	RootCmd.PersistentFlags().BoolVarP(&opts.InsecurePull, "insecure-pull", "", false, "Pull from insecure registry using plain HTTP")
 	RootCmd.PersistentFlags().BoolVarP(&opts.SkipTLSVerifyPull, "skip-tls-verify-pull", "", false, "Pull from insecure registry ignoring TLS verify")
 	RootCmd.PersistentFlags().StringVarP(&opts.TarPath, "tarPath", "", "", "Path to save the image in as a tarball instead of pushing")
 	RootCmd.PersistentFlags().BoolVarP(&opts.SingleSnapshot, "single-snapshot", "", false, "Take a single snapshot at the end of the build.")
 	RootCmd.PersistentFlags().BoolVarP(&opts.Reproducible, "reproducible", "", false, "Strip timestamps out of the image to make it reproducible")
--- a/pkg/config/options.go
+++ b/pkg/config/options.go
@ -18,23 +18,25 @@ package config
 // KanikoOptions are options that are set by command line arguments
 type KanikoOptions struct {
-	DockerfilePath string
+	DockerfilePath    string
-	SrcContext     string
+	SrcContext        string
-	SnapshotMode   string
+	SnapshotMode      string
-	Bucket         string
+	Bucket            string
-	TarPath        string
+	TarPath           string
-	Target         string
+	Target            string
-	CacheRepo      string
+	CacheRepo         string
-	CacheDir       string
+	CacheDir          string
-	Destinations   multiArg
+	Destinations      multiArg
-	BuildArgs      multiArg
+	BuildArgs         multiArg
-	Insecure       bool
+	Insecure          bool
-	SkipTLSVerify  bool
+	SkipTLSVerify     bool
-	SingleSnapshot bool
+	InsecurePull      bool
-	Reproducible   bool
+	SkipTLSVerifyPull bool
-	NoPush         bool
+	SingleSnapshot    bool
-	Cache          bool
+	Reproducible      bool
-	Cleanup        bool
+	NoPush            bool
 	Cache             bool
 	Cleanup           bool
 }
 // WarmerOptions are options that are set by command line arguments to the cache warmer.
--- a/pkg/util/image_util.go
+++ b/pkg/util/image_util.go
@ -102,7 +102,7 @@ func remoteImage(image string, opts *config.KanikoOptions) (v1.Image, error) {
 		return nil, err
 	}
-	if opts.Insecure {
+	if opts.InsecurePull {
 		newReg, err := name.NewInsecureRegistry(ref.Context().RegistryStr(), name.WeakValidation)
 		if err != nil {
 			return nil, err
@ -118,7 +118,7 @@ func remoteImage(image string, opts *config.KanikoOptions) (v1.Image, error) {
 	}
 	tr := http.DefaultTransport.(*http.Transport)
-	if opts.SkipTLSVerify {
+	if opts.SkipTLSVerifyPull {
 		tr.TLSClientConfig = &tls.Config{
 			InsecureSkipVerify: true,
 		}