public_git
/
kaniko
mirror of https://github.com/GoogleContainerTools/kaniko
1
0
Fork 0
Code Issues Releases Wiki Activity

Implement separation between Insecure (HTTP) registry and skipping TLS verification into two separate command line parameters

This commit is contained in:
Sebastian Jackel 2018-08-24 14:20:32 +02:00
parent bb75c04618
commit 4ba6148621
3 changed files with 17 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cmd/executor/cmd/root.go
View File

@ -85,7 +85,8 @@ func addKanikoOptionsFlags(cmd *cobra.Command) {
RootCmd.PersistentFlags().VarP(&opts.Destinations, "destination", "d", "Registry the final image should be pushed to. Set it repeatedly for multiple destinations.")
RootCmd.PersistentFlags().StringVarP(&opts.SnapshotMode, "snapshotMode", "", "full", "Change the file attributes inspected during snapshotting")
RootCmd.PersistentFlags().VarP(&opts.BuildArgs, "build-arg", "", "This flag allows you to pass in ARG values at build time. Set it repeatedly for multiple values.")
RootCmd.PersistentFlags().BoolVarP(&opts.DockerInsecureSkipTLSVerify, "insecure-skip-tls-verify", "", false, "Push to insecure registry ignoring TLS verify")
RootCmd.PersistentFlags().BoolVarP(&opts.DockerInsecure, "insecure", "", false, "Push to insecure registry using plain HTTP")
RootCmd.PersistentFlags().BoolVarP(&opts.SkipTlsVerify, "skip-tls-verify", "", false, "Push to insecure registry ignoring TLS verify")
RootCmd.PersistentFlags().StringVarP(&opts.TarPath, "tarPath", "", "", "Path to save the image in as a tarball instead of pushing")
RootCmd.PersistentFlags().BoolVarP(&opts.SingleSnapshot, "single-snapshot", "", false, "Take a single snapshot at the end of the build.")
RootCmd.PersistentFlags().BoolVarP(&opts.Reproducible, "reproducible", "", false, "Strip timestamps out of the image to make it reproducible")

4
pkg/executor/push.go
View File

@ -67,7 +67,7 @@ func DoPush(image v1.Image, opts *options.KanikoOptions) error {
// continue pushing unless an error occurs
for _, destRef := range destRefs {
if opts.DockerInsecureSkipTLSVerify {
if opts.DockerInsecure {
newReg, err := name.NewInsecureRegistry(destRef.Repository.Registry.Name(), name.WeakValidation)
if err != nil {
return errors.Wrap(err, "getting new insecure registry")
@ -87,7 +87,7 @@ func DoPush(image v1.Image, opts *options.KanikoOptions) error {
// Create a transport to set our user-agent.
tr := http.DefaultTransport
if opts.DockerInsecureSkipTLSVerify {
if opts.SkipTlsVerify {
tr.(*http.Transport).TLSClientConfig = &tls.Config{
InsecureSkipVerify: true,
}

3
pkg/options/options.go
View File

@ -23,7 +23,8 @@ type KanikoOptions struct {
SrcContext string
SnapshotMode string
Bucket string
DockerInsecureSkipTLSVerify bool
DockerInsecure bool
SkipTlsVerify bool
BuildArgs multiArg
TarPath string
SingleSnapshot bool