diff options
author | Flavio Castelli <fcastelli@suse.com> | 2020-09-09 12:33:11 +0200 |
---|---|---|
committer | Flavio Castelli <fcastelli@suse.com> | 2020-09-09 12:33:11 +0200 |
commit | 1158025ef8d8e8d9d0d2157292d36b4d7392ea39 (patch) | |
tree | 0068fab6c0d0b1752646acd2b83a89298c2ae1b5 /cmd/podman/root.go | |
parent | be7778df6c70227dab760ea92637ed97dad29641 (diff) | |
download | podman-1158025ef8d8e8d9d0d2157292d36b4d7392ea39.tar.gz podman-1158025ef8d8e8d9d0d2157292d36b4d7392ea39.tar.bz2 podman-1158025ef8d8e8d9d0d2157292d36b4d7392ea39.zip |
Extend flags of `manifest add`
Extend the flags of `podman manifest add` to include also:
* cert-dir
* auth-file
* creds
* tls-verify
These options are useful when adding to a manifest an image that is not
part of the local image store. The image resides on a remote registry
that falls into one of these cases: it's not using tls termination, it requires
authentication or it's secured with an unknown tls certificate.
Consider the following scenario: a multi architecture manifest is created as
part of a multi-step CI pipeline running in a containerized way.
All the images referenced by the manifest live inside of a registry
secured with a self-signed tls certificate.
Without this patch the manifest creation step would have to pull all the
multi-architecture images locally via `podman pull`.
With this patch the usage of `podman pull` would not be needed because the
images' digests can be requested straight to the registry. That means the
execution of manifest creation step would be faster and result in less disk
space and network bandwidth being used.
Finally, this is a propagation of a similar fix done inside of buildah
via https://github.com/containers/buildah/pull/2593
Signed-off-by: Flavio Castelli <fcastelli@suse.com>
Diffstat (limited to 'cmd/podman/root.go')
0 files changed, 0 insertions, 0 deletions