Minimally update for the DockerInsecureSkipTLSVerify type change

Following SystemContext.DockerInsecureSkipTLSVerify, make the
DockerRegistryOne also an OptionalBool, and update callers.

Explicitly document that --tls-verify=true and --tls-verify unset
have different behavior in those commands where the behavior changed
(or where it hasn't changed but the documentation needed updating).

Also make the --tls-verify man page sections a tiny bit more consistent
throughout.

This is a minimal fix, without changing the existing "--tls-verify=true"
paths nor existing manual insecure registry lookups.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>

1 files changed, 5 insertions, 2 deletions

diff --git a/cmd/podman/runlabel.go b/cmd/podman/runlabel.go
index b0d87d0d9..48a296260 100644
--- a/cmd/podman/runlabel.go
+++ b/cmd/podman/runlabel.go
@@ -6,6 +6,7 @@ import (
 	"os"
 	"strings"
 
+	"github.com/containers/image/types"
 	"github.com/containers/libpod/cmd/podman/libpodruntime"
 	"github.com/containers/libpod/cmd/podman/shared"
 	"github.com/containers/libpod/libpod/image"
@@ -153,8 +154,10 @@ func runlabelCmd(c *cli.Context) error {
 	}
 
 	dockerRegistryOptions := image.DockerRegistryOptions{
-		DockerCertPath:              c.String("cert-dir"),
-		DockerInsecureSkipTLSVerify: !c.BoolT("tls-verify"),
+		DockerCertPath: c.String("cert-dir"),
+	}
+	if c.IsSet("tls-verify") {
+		dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!c.BoolT("tls-verify"))
 	}
 
 	authfile := getAuthFile(c.String("authfile"))