Implement separation between Insecure (HTTP) registry and skipping TLS verification into two separate command line parameters

2018-08-24 14:20:32 +02:00 · 2018-08-24 14:20:32 +02:00 · 4ba6148621
parent bb75c04618
commit 4ba6148621
3 changed files with 17 additions and 15 deletions
--- a/cmd/executor/cmd/root.go
+++ b/cmd/executor/cmd/root.go
@ -85,7 +85,8 @@ func addKanikoOptionsFlags(cmd *cobra.Command) {
 	RootCmd.PersistentFlags().VarP(&opts.Destinations, "destination", "d", "Registry the final image should be pushed to. Set it repeatedly for multiple destinations.")
 	RootCmd.PersistentFlags().StringVarP(&opts.SnapshotMode, "snapshotMode", "", "full", "Change the file attributes inspected during snapshotting")
 	RootCmd.PersistentFlags().VarP(&opts.BuildArgs, "build-arg", "", "This flag allows you to pass in ARG values at build time. Set it repeatedly for multiple values.")
-	RootCmd.PersistentFlags().BoolVarP(&opts.DockerInsecureSkipTLSVerify, "insecure-skip-tls-verify", "", false, "Push to insecure registry ignoring TLS verify")
+	RootCmd.PersistentFlags().BoolVarP(&opts.DockerInsecure, "insecure", "", false, "Push to insecure registry using plain HTTP")
+	RootCmd.PersistentFlags().BoolVarP(&opts.SkipTlsVerify, "skip-tls-verify", "", false, "Push to insecure registry ignoring TLS verify")
 	RootCmd.PersistentFlags().StringVarP(&opts.TarPath, "tarPath", "", "", "Path to save the image in as a tarball instead of pushing")
 	RootCmd.PersistentFlags().BoolVarP(&opts.SingleSnapshot, "single-snapshot", "", false, "Take a single snapshot at the end of the build.")
 	RootCmd.PersistentFlags().BoolVarP(&opts.Reproducible, "reproducible", "", false, "Strip timestamps out of the image to make it reproducible")
--- a/pkg/executor/push.go
+++ b/pkg/executor/push.go
@ -67,7 +67,7 @@ func DoPush(image v1.Image, opts *options.KanikoOptions) error {

 	// continue pushing unless an error occurs
 	for _, destRef := range destRefs {
-		if opts.DockerInsecureSkipTLSVerify {
+		if opts.DockerInsecure {
 			newReg, err := name.NewInsecureRegistry(destRef.Repository.Registry.Name(), name.WeakValidation)
 			if err != nil {
 				return errors.Wrap(err, "getting new insecure registry")
@ -87,7 +87,7 @@ func DoPush(image v1.Image, opts *options.KanikoOptions) error {

 		// Create a transport to set our user-agent.
 		tr := http.DefaultTransport
-		if opts.DockerInsecureSkipTLSVerify {
+		if opts.SkipTlsVerify {
 			tr.(*http.Transport).TLSClientConfig = &tls.Config{
 				InsecureSkipVerify: true,
 			}
--- a/pkg/options/options.go
+++ b/pkg/options/options.go
@ -18,16 +18,17 @@ package options

 // KanikoOptions are options that are set by command line arguments
 type KanikoOptions struct {
-	DockerfilePath              string
-	Destinations                multiArg
-	SrcContext                  string
-	SnapshotMode                string
-	Bucket                      string
-	DockerInsecureSkipTLSVerify bool
-	BuildArgs                   multiArg
-	TarPath                     string
-	SingleSnapshot              bool
-	Reproducible                bool
-	Target                      string
-	NoPush                      bool
+	DockerfilePath string
+	Destinations   multiArg
+	SrcContext     string
+	SnapshotMode   string
+	Bucket         string
+	DockerInsecure bool
+	SkipTlsVerify  bool
+	BuildArgs      multiArg
+	TarPath        string
+	SingleSnapshot bool
+	Reproducible   bool
+	Target         string
+	NoPush         bool
 }