From 66a052255f2af18736f8dbae1914c6a91294737b Mon Sep 17 00:00:00 2001 From: tralexa <39952205+tralexa@users.noreply.github.com> Date: Sun, 2 Jun 2019 12:24:22 +0300 Subject: [PATCH 1/6] Insecure is now honored --- pkg/cache/cache.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkg/cache/cache.go b/pkg/cache/cache.go index d11de89af..33c7cae5b 100644 --- a/pkg/cache/cache.go +++ b/pkg/cache/cache.go @@ -59,7 +59,7 @@ func (rc *RegistryCache) RetrieveLayer(ck string) (v1.Image, error) { } registryName := cacheRef.Repository.Registry.Name() - if rc.Opts.InsecureRegistries.Contains(registryName) { + if rc.Opts.Insecure || rc.Opts.InsecureRegistries.Contains(registryName) { newReg, err := name.NewInsecureRegistry(registryName, name.WeakValidation) if err != nil { return nil, err From a1cc42bdb753d1c079afbb06f058a5597d843f41 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D0=BD=D1=82=D0=BE=D0=BD=20=D0=9A=D0=BE=D1=81=D1=82?= =?UTF-8?q?=D0=B5=D0=BD=D0=BA=D0=BE?= Date: Tue, 10 Sep 2019 00:44:27 +0200 Subject: [PATCH 2/6] Fix https://github.com/GoogleContainerTools/kaniko/issues/756 --- pkg/util/fs_util.go | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/pkg/util/fs_util.go b/pkg/util/fs_util.go index d22dcb4aa..fa7a5db7d 100644 --- a/pkg/util/fs_util.go +++ b/pkg/util/fs_util.go @@ -121,6 +121,10 @@ func DeleteFilesystem() error { logrus.Info("Deleting filesystem...") return filepath.Walk(constants.RootDir, func(path string, info os.FileInfo, _ error) error { if CheckWhitelist(path) { + if ! isExist(path) { + logrus.Debugf("Path %s whitelisted, but not exists", path) + return nil + } if info.IsDir() { return filepath.SkipDir } @@ -137,6 +141,13 @@ func DeleteFilesystem() error { return os.RemoveAll(path) }) } +// isExists returns tru if path exists +func isExist(path string) bool { + if _, err := os.Stat(path); err == nil { + return true + } + return false +} // ChildDirInWhitelist returns true if there is a child file or directory of the path in the whitelist func childDirInWhitelist(path string) bool { From 62acf3ac1ddbc70ad1670f285c08dd06390e2ecd Mon Sep 17 00:00:00 2001 From: alexa Date: Mon, 16 Sep 2019 16:35:45 +0300 Subject: [PATCH 3/6] change schema to http when Insecure flag is enabled --- pkg/executor/push.go | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pkg/executor/push.go b/pkg/executor/push.go index e0ebf2111..f34e60d25 100644 --- a/pkg/executor/push.go +++ b/pkg/executor/push.go @@ -77,6 +77,13 @@ func CheckPushPermissions(opts *config.KanikoOptions) error { } registryName := destRef.Repository.Registry.Name() + if opts.Insecure || opts.InsecureRegistries.Contains(registryName) { + newReg, err := name.NewRegistry(registryName, name.WeakValidation, name.Insecure) + if err != nil { + return errors.Wrap(err, "getting new insecure registry") + } + destRef.Repository.Registry = newReg + } tr := makeTransport(opts, registryName) if err := remote.CheckPushPermission(destRef, creds.GetKeychain(), tr); err != nil { return errors.Wrapf(err, "checking push permission for %q", destRef) From a21129f8899260fcc73dc5abd6cebad7d9bbdae0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D0=BD=D1=82=D0=BE=D0=BD=20=D0=9A=D0=BE=D1=81=D1=82?= =?UTF-8?q?=D0=B5=D0=BD=D0=BA=D0=BE?= Date: Wed, 18 Sep 2019 10:43:26 +0200 Subject: [PATCH 4/6] Fix typo and run go fmt over fs_util --- pkg/util/fs_util.go | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkg/util/fs_util.go b/pkg/util/fs_util.go index fa7a5db7d..81a268c09 100644 --- a/pkg/util/fs_util.go +++ b/pkg/util/fs_util.go @@ -121,8 +121,8 @@ func DeleteFilesystem() error { logrus.Info("Deleting filesystem...") return filepath.Walk(constants.RootDir, func(path string, info os.FileInfo, _ error) error { if CheckWhitelist(path) { - if ! isExist(path) { - logrus.Debugf("Path %s whitelisted, but not exists", path) + if !isExist(path) { + logrus.Debugf("Path %s whitelisted, but not exists", path) return nil } if info.IsDir() { @@ -141,7 +141,8 @@ func DeleteFilesystem() error { return os.RemoveAll(path) }) } -// isExists returns tru if path exists + +// isExists returns true if path exists func isExist(path string) bool { if _, err := os.Stat(path); err == nil { return true From 0bd5eb51f70c05c507e7760c1dabd93381be4342 Mon Sep 17 00:00:00 2001 From: Herrmann Hinz Date: Wed, 18 Sep 2019 12:33:04 +0200 Subject: [PATCH 5/6] double help text about skip-verify-tls removed --- README.md | 4 ---- 1 file changed, 4 deletions(-) diff --git a/README.md b/README.md index d1720da88..38a4a63a3 100644 --- a/README.md +++ b/README.md @@ -430,10 +430,6 @@ Set this flag to skip TLS certificate validation when pushing to a registry. It Set this flag to skip TLS certificate validation when pulling from a registry. It is supposed to be used for testing purposes only and should not be used in production! -#### --skip-tls-verify-pull - -Set this flag to skip TLS certificate validation when pulling from a registry. It is supposed to be used for testing purposes only and should not be used in production! - #### --snapshotMode You can set the `--snapshotMode=` flag to set how kaniko will snapshot the filesystem. From 7154d2e66b46214a4e01e47a47e386bf6c63fbd4 Mon Sep 17 00:00:00 2001 From: Sascha Askani Date: Wed, 18 Sep 2019 15:29:48 +0200 Subject: [PATCH 6/6] fix missing version bump to 0.12.0 in Makefile --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index e5633bf20..c7d14562b 100644 --- a/Makefile +++ b/Makefile @@ -14,7 +14,7 @@ # Bump these on release VERSION_MAJOR ?= 0 -VERSION_MINOR ?= 11 +VERSION_MINOR ?= 12 VERSION_BUILD ?= 0 VERSION ?= v$(VERSION_MAJOR).$(VERSION_MINOR).$(VERSION_BUILD)