diff --git a/Makefile b/Makefile index e5633bf20..c7d14562b 100644 --- a/Makefile +++ b/Makefile @@ -14,7 +14,7 @@ # Bump these on release VERSION_MAJOR ?= 0 -VERSION_MINOR ?= 11 +VERSION_MINOR ?= 12 VERSION_BUILD ?= 0 VERSION ?= v$(VERSION_MAJOR).$(VERSION_MINOR).$(VERSION_BUILD) diff --git a/README.md b/README.md index d1720da88..38a4a63a3 100644 --- a/README.md +++ b/README.md @@ -430,10 +430,6 @@ Set this flag to skip TLS certificate validation when pushing to a registry. It Set this flag to skip TLS certificate validation when pulling from a registry. It is supposed to be used for testing purposes only and should not be used in production! -#### --skip-tls-verify-pull - -Set this flag to skip TLS certificate validation when pulling from a registry. It is supposed to be used for testing purposes only and should not be used in production! - #### --snapshotMode You can set the `--snapshotMode=` flag to set how kaniko will snapshot the filesystem. diff --git a/pkg/cache/cache.go b/pkg/cache/cache.go index 102411c5d..0953a28f6 100644 --- a/pkg/cache/cache.go +++ b/pkg/cache/cache.go @@ -59,7 +59,7 @@ func (rc *RegistryCache) RetrieveLayer(ck string) (v1.Image, error) { } registryName := cacheRef.Repository.Registry.Name() - if rc.Opts.InsecureRegistries.Contains(registryName) { + if rc.Opts.Insecure || rc.Opts.InsecureRegistries.Contains(registryName) { newReg, err := name.NewRegistry(registryName, name.WeakValidation, name.Insecure) if err != nil { return nil, err diff --git a/pkg/executor/push.go b/pkg/executor/push.go index e21fdc5fe..4ee4b0d2b 100644 --- a/pkg/executor/push.go +++ b/pkg/executor/push.go @@ -77,6 +77,13 @@ func CheckPushPermissions(opts *config.KanikoOptions) error { } registryName := destRef.Repository.Registry.Name() + if opts.Insecure || opts.InsecureRegistries.Contains(registryName) { + newReg, err := name.NewRegistry(registryName, name.WeakValidation, name.Insecure) + if err != nil { + return errors.Wrap(err, "getting new insecure registry") + } + destRef.Repository.Registry = newReg + } tr := makeTransport(opts, registryName) if err := remote.CheckPushPermission(destRef, creds.GetKeychain(), tr); err != nil { return errors.Wrapf(err, "checking push permission for %q", destRef) diff --git a/pkg/util/fs_util.go b/pkg/util/fs_util.go index 4abfcd4a4..338caa02a 100644 --- a/pkg/util/fs_util.go +++ b/pkg/util/fs_util.go @@ -121,6 +121,10 @@ func DeleteFilesystem() error { logrus.Info("Deleting filesystem...") return filepath.Walk(constants.RootDir, func(path string, info os.FileInfo, _ error) error { if CheckWhitelist(path) { + if !isExist(path) { + logrus.Debugf("Path %s whitelisted, but not exists", path) + return nil + } if info.IsDir() { return filepath.SkipDir } @@ -138,6 +142,14 @@ func DeleteFilesystem() error { }) } +// isExists returns true if path exists +func isExist(path string) bool { + if _, err := os.Stat(path); err == nil { + return true + } + return false +} + // ChildDirInWhitelist returns true if there is a child file or directory of the path in the whitelist func childDirInWhitelist(path string) bool { for _, d := range whitelist {