public_git
/
kaniko
mirror of https://github.com/GoogleContainerTools/kaniko
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #932 from cvgw/u/cvgw/issue-925_fix_pull_insecure 

Fix #925 broken insecure pull
This commit is contained in:
Tejal Desai 2019-12-23 11:30:37 -08:00 committed by GitHub
parent 732b270035 328847ffc2
commit eafb80227b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
pkg/util/image_util.go
View File

@ -99,15 +99,6 @@ func remoteImage(image string, opts *config.KanikoOptions) (v1.Image, error) {
return nil, err
}
rOpts, err := prepareRemoteRequest(ref, opts)
if err != nil {
return nil, err
}
return remote.Image(ref, rOpts...)
}
func prepareRemoteRequest(ref name.Reference, opts *config.KanikoOptions) ([]remote.Option, error) {
registryName := ref.Context().RegistryStr()
if opts.InsecurePull || opts.InsecureRegistries.Contains(registryName) {
newReg, err := name.NewRegistry(registryName, name.WeakValidation, name.Insecure)
@ -124,13 +115,23 @@ func prepareRemoteRequest(ref name.Reference, opts *config.KanikoOptions) ([]rem
}
}
rOpts := remoteOptions(registryName, opts)
if err != nil {
return nil, err
}
return remote.Image(ref, rOpts...)
}
func remoteOptions(registryName string, opts *config.KanikoOptions) []remote.Option {
tr := http.DefaultTransport.(*http.Transport)
if opts.SkipTLSVerifyPull || opts.SkipTLSVerifyRegistries.Contains(registryName) {
tr.TLSClientConfig = &tls.Config{
InsecureSkipVerify: true,
}
}
return []remote.Option{remote.WithTransport(tr), remote.WithAuthFromKeychain(creds.GetKeychain())}, nil
return []remote.Option{remote.WithTransport(tr), remote.WithAuthFromKeychain(creds.GetKeychain())}
}
func cachedImage(opts *config.KanikoOptions, image string) (v1.Image, error) {