summaryrefslogtreecommitdiff
path: root/cmd/podman
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2019-05-11 07:26:05 -0400
committerDaniel J Walsh <dwalsh@redhat.com>2019-05-20 13:53:32 -0400
commitbaed81029b74c8d801ea9d5cf67a78005472e6ed (patch)
treeb7c8b61992b18df56558d8dfff744990d18e3e26 /cmd/podman
parent8d5432932d21b6863f813437d649044ca2264a2d (diff)
downloadpodman-baed81029b74c8d801ea9d5cf67a78005472e6ed.tar.gz
podman-baed81029b74c8d801ea9d5cf67a78005472e6ed.tar.bz2
podman-baed81029b74c8d801ea9d5cf67a78005472e6ed.zip
Fixup Flags
Mark hidden all references to signature-policy Default all uses of --authfile Add --authfile support to podman run and podman create. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'cmd/podman')
-rw-r--r--cmd/podman/build.go3
-rw-r--r--cmd/podman/common.go18
-rw-r--r--cmd/podman/load.go7
-rw-r--r--cmd/podman/login.go18
-rw-r--r--cmd/podman/logout.go14
-rw-r--r--cmd/podman/play_kube.go18
-rw-r--r--cmd/podman/pull.go21
-rw-r--r--cmd/podman/push.go18
-rw-r--r--cmd/podman/run.go2
-rw-r--r--cmd/podman/runlabel.go18
-rw-r--r--cmd/podman/search.go9
-rw-r--r--cmd/podman/varlink/io.podman.varlink14
12 files changed, 99 insertions, 61 deletions
diff --git a/cmd/podman/build.go b/cmd/podman/build.go
index 24be9bb46..6e70c6540 100644
--- a/cmd/podman/build.go
+++ b/cmd/podman/build.go
@@ -43,7 +43,7 @@ var (
return buildCmd(&buildCommand)
},
Example: `podman build .
- podman build --cert-dir ~/auth --creds=username:password -t imageName -f Dockerfile.simple .
+ podman build --creds=username:password -t imageName -f Dockerfile.simple .
podman build --layers --force-rm --tag imageName .`,
}
)
@@ -72,6 +72,7 @@ func init() {
flags.AddFlagSet(&budFlags)
flags.AddFlagSet(&layerFlags)
flags.AddFlagSet(&fromAndBugFlags)
+ flags.MarkHidden("signature-policy")
}
func getDockerfiles(files []string) []string {
diff --git a/cmd/podman/common.go b/cmd/podman/common.go
index c0bcaa5c5..5e26d9bfd 100644
--- a/cmd/podman/common.go
+++ b/cmd/podman/common.go
@@ -4,6 +4,7 @@ import (
"context"
"fmt"
"os"
+ "path/filepath"
"strings"
"github.com/containers/buildah"
@@ -163,6 +164,10 @@ func getCreateFlags(c *cliconfig.PodmanCommand) {
"Attach to STDIN, STDOUT or STDERR (default [])",
)
createFlags.String(
+ "authfile", getAuthFile(""),
+ "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override",
+ )
+ createFlags.String(
"blkio-weight", "",
"Block IO weight (relative weight) accepts a weight value between 10 and 1000.",
)
@@ -553,7 +558,18 @@ func getAuthFile(authfile string) string {
if authfile != "" {
return authfile
}
- return os.Getenv("REGISTRY_AUTH_FILE")
+ if remote {
+ return ""
+ }
+ authfile = os.Getenv("REGISTRY_AUTH_FILE")
+ if authfile != "" {
+ return authfile
+ }
+ runtimeDir := os.Getenv("XDG_RUNTIME_DIR")
+ if runtimeDir != "" {
+ return filepath.Join(runtimeDir, "containers/auth.json")
+ }
+ return ""
}
// scrubServer removes 'http://' or 'https://' from the front of the
diff --git a/cmd/podman/load.go b/cmd/podman/load.go
index f3bbed48f..0c41eb792 100644
--- a/cmd/podman/load.go
+++ b/cmd/podman/load.go
@@ -40,8 +40,11 @@ func init() {
flags := loadCommand.Flags()
flags.StringVarP(&loadCommand.Input, "input", "i", "", "Read from specified archive file (default: stdin)")
flags.BoolVarP(&loadCommand.Quiet, "quiet", "q", false, "Suppress the output")
- flags.StringVar(&loadCommand.SignaturePolicy, "signature-policy", "", "Pathname of signature policy file (not usually used)")
-
+ // Disabled flags for the remote client
+ if !remote {
+ flags.StringVar(&loadCommand.SignaturePolicy, "signature-policy", "", "Pathname of signature policy file (not usually used)")
+ flags.MarkHidden("signature-policy")
+ }
}
// loadCmd gets the image/file to be loaded from the command line
diff --git a/cmd/podman/login.go b/cmd/podman/login.go
index 6bf148cca..eded2049f 100644
--- a/cmd/podman/login.go
+++ b/cmd/podman/login.go
@@ -32,25 +32,30 @@ var (
return loginCmd(&loginCommand)
},
Example: `podman login -u testuser -p testpassword localhost:5000
- podman login --authfile authdir/myauths.json quay.io
podman login -u testuser -p testpassword localhost:5000`,
}
)
func init() {
+ if !remote {
+ _loginCommand.Example = fmt.Sprintf("%s\n podman login --authfile authdir/myauths.json quay.io", _loginCommand.Example)
+
+ }
loginCommand.Command = _loginCommand
loginCommand.SetHelpTemplate(HelpTemplate())
loginCommand.SetUsageTemplate(UsageTemplate())
flags := loginCommand.Flags()
- flags.StringVar(&loginCommand.Authfile, "authfile", "", "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override")
- flags.StringVar(&loginCommand.CertDir, "cert-dir", "", "Pathname of a directory containing TLS certificates and keys used to connect to the registry")
flags.BoolVar(&loginCommand.GetLogin, "get-login", true, "Return the current login user for the registry")
flags.StringVarP(&loginCommand.Password, "password", "p", "", "Password for registry")
- flags.BoolVar(&loginCommand.TlsVerify, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries")
flags.StringVarP(&loginCommand.Username, "username", "u", "", "Username for registry")
flags.BoolVar(&loginCommand.StdinPassword, "password-stdin", false, "Take the password from stdin")
-
+ // Disabled flags for the remote client
+ if !remote {
+ flags.StringVar(&loginCommand.Authfile, "authfile", getAuthFile(""), "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override")
+ flags.StringVar(&loginCommand.CertDir, "cert-dir", "", "Pathname of a directory containing TLS certificates and keys used to connect to the registry")
+ flags.BoolVar(&loginCommand.TlsVerify, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries")
+ }
}
// loginCmd uses the authentication package to store a user's authenticated credentials
@@ -64,9 +69,8 @@ func loginCmd(c *cliconfig.LoginValues) error {
return errors.Errorf("please specify a registry to login to")
}
server := registryFromFullName(scrubServer(args[0]))
- authfile := getAuthFile(c.Authfile)
- sc := image.GetSystemContext("", authfile, false)
+ sc := image.GetSystemContext("", c.Authfile, false)
if c.Flag("tls-verify").Changed {
sc.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!c.TlsVerify)
}
diff --git a/cmd/podman/logout.go b/cmd/podman/logout.go
index ec581a098..5df838bba 100644
--- a/cmd/podman/logout.go
+++ b/cmd/podman/logout.go
@@ -24,20 +24,23 @@ var (
logoutCommand.Remote = remoteclient
return logoutCmd(&logoutCommand)
},
- Example: `podman logout docker.io
- podman logout --authfile authdir/myauths.json docker.io
+ Example: `podman logout quay.io
podman logout --all`,
}
)
func init() {
+ if !remote {
+ _logoutCommand.Example = fmt.Sprintf("%s\n podman logout --authfile authdir/myauths.json quay.io", _logoutCommand.Example)
+
+ }
logoutCommand.Command = _logoutCommand
logoutCommand.SetHelpTemplate(HelpTemplate())
logoutCommand.SetUsageTemplate(UsageTemplate())
flags := logoutCommand.Flags()
flags.BoolVarP(&logoutCommand.All, "all", "a", false, "Remove the cached credentials for all registries in the auth file")
- flags.StringVar(&logoutCommand.Authfile, "authfile", "", "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override")
-
+ flags.StringVar(&logoutCommand.Authfile, "authfile", getAuthFile(""), "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override")
+ markFlagHiddenForRemoteClient("authfile", flags)
}
// logoutCmd uses the authentication package to remove the authenticated of a registry
@@ -54,9 +57,8 @@ func logoutCmd(c *cliconfig.LogoutValues) error {
if len(args) == 1 {
server = scrubServer(args[0])
}
- authfile := getAuthFile(c.Authfile)
- sc := image.GetSystemContext("", authfile, false)
+ sc := image.GetSystemContext("", c.Authfile, false)
if c.All {
if err := config.RemoveAllAuthentication(sc); err != nil {
diff --git a/cmd/podman/play_kube.go b/cmd/podman/play_kube.go
index e778bafb9..ed1510a71 100644
--- a/cmd/podman/play_kube.go
+++ b/cmd/podman/play_kube.go
@@ -47,22 +47,28 @@ var (
playKubeCommand.Remote = remoteclient
return playKubeCmd(&playKubeCommand)
},
- Example: `podman play kube demo.yml
- podman play kube --cert-dir /mycertsdir --tls-verify=true --quiet myWebPod`,
+ Example: `podman play kube demo.yml`,
}
)
func init() {
+ if !remote {
+ _playKubeCommand.Example = fmt.Sprintf("%s\n podman play kube --cert-dir /mycertsdir --tls-verify=true --quiet myWebPod", _playKubeCommand.Example)
+ }
playKubeCommand.Command = _playKubeCommand
playKubeCommand.SetHelpTemplate(HelpTemplate())
playKubeCommand.SetUsageTemplate(UsageTemplate())
flags := playKubeCommand.Flags()
- flags.StringVar(&playKubeCommand.Authfile, "authfile", "", "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override")
- flags.StringVar(&playKubeCommand.CertDir, "cert-dir", "", "`Pathname` of a directory containing TLS certificates and keys")
flags.StringVar(&playKubeCommand.Creds, "creds", "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry")
flags.BoolVarP(&playKubeCommand.Quiet, "quiet", "q", false, "Suppress output information when pulling images")
- flags.StringVar(&playKubeCommand.SignaturePolicy, "signature-policy", "", "`Pathname` of signature policy file (not usually used)")
- flags.BoolVar(&playKubeCommand.TlsVerify, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries")
+ // Disabled flags for the remote client
+ if !remote {
+ flags.StringVar(&playKubeCommand.Authfile, "authfile", getAuthFile(""), "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override")
+ flags.StringVar(&playKubeCommand.CertDir, "cert-dir", "", "`Pathname` of a directory containing TLS certificates and keys")
+ flags.StringVar(&playKubeCommand.SignaturePolicy, "signature-policy", "", "`Pathname` of signature policy file (not usually used)")
+ flags.BoolVar(&playKubeCommand.TlsVerify, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries")
+ flags.MarkHidden("signature-policy")
+ }
}
func playKubeCmd(c *cliconfig.KubePlayValues) error {
diff --git a/cmd/podman/pull.go b/cmd/podman/pull.go
index f6a5beb17..115f437d8 100644
--- a/cmd/podman/pull.go
+++ b/cmd/podman/pull.go
@@ -36,28 +36,31 @@ var (
return pullCmd(&pullCommand)
},
Example: `podman pull imageName
- podman pull --cert-dir image/certs --authfile temp-auths/myauths.json docker://docker.io/myrepo/finaltest
podman pull fedora:latest`,
}
)
func init() {
+
+ if !remote {
+ _pullCommand.Example = fmt.Sprintf("%s\n podman pull --cert-dir image/certs --authfile temp-auths/myauths.json docker://docker.io/myrepo/finaltest", _pullCommand.Example)
+
+ }
pullCommand.Command = _pullCommand
pullCommand.SetHelpTemplate(HelpTemplate())
pullCommand.SetUsageTemplate(UsageTemplate())
flags := pullCommand.Flags()
flags.BoolVar(&pullCommand.AllTags, "all-tags", false, "All tagged images in the repository will be pulled")
- flags.StringVar(&pullCommand.CertDir, "cert-dir", "", "`Pathname` of a directory containing TLS certificates and keys")
flags.StringVar(&pullCommand.Creds, "creds", "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry")
flags.BoolVarP(&pullCommand.Quiet, "quiet", "q", false, "Suppress output information when pulling images")
-
// Disabled flags for the remote client
if !remote {
- flags.StringVar(&pullCommand.Authfile, "authfile", "", "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override")
+ flags.StringVar(&pullCommand.Authfile, "authfile", getAuthFile(""), "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override")
+ flags.StringVar(&pullCommand.CertDir, "cert-dir", "", "`Pathname` of a directory containing TLS certificates and keys")
flags.StringVar(&pullCommand.SignaturePolicy, "signature-policy", "", "`Pathname` of signature policy file (not usually used)")
flags.BoolVar(&pullCommand.TlsVerify, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries")
+ flags.MarkHidden("signature-policy")
}
-
}
// pullCmd gets the data from the command line and calls pullImage
@@ -138,8 +141,6 @@ func pullCmd(c *cliconfig.PullValues) (retError error) {
return nil
}
- authfile := getAuthFile(c.String("authfile"))
-
// FIXME: the default pull consults the registries.conf's search registries
// while the all-tags pull does not. This behavior must be fixed in the
// future and span across c/buildah, c/image and c/libpod to avoid redundant
@@ -148,7 +149,7 @@ func pullCmd(c *cliconfig.PullValues) (retError error) {
// See https://bugzilla.redhat.com/show_bug.cgi?id=1701922 for background
// information.
if !c.Bool("all-tags") {
- newImage, err := runtime.New(getContext(), imgArg, c.SignaturePolicy, authfile, writer, &dockerRegistryOptions, image.SigningOptions{}, true, nil)
+ newImage, err := runtime.New(getContext(), imgArg, c.SignaturePolicy, c.Authfile, writer, &dockerRegistryOptions, image.SigningOptions{}, true, nil)
if err != nil {
return errors.Wrapf(err, "error pulling image %q", imgArg)
}
@@ -158,7 +159,7 @@ func pullCmd(c *cliconfig.PullValues) (retError error) {
// FIXME: all-tags should use the libpod backend instead of baking its own bread.
spec := imgArg
- systemContext := image.GetSystemContext("", authfile, false)
+ systemContext := image.GetSystemContext("", c.Authfile, false)
srcRef, err := alltransports.ParseImageName(spec)
if err != nil {
dockerTransport := "docker://"
@@ -186,7 +187,7 @@ func pullCmd(c *cliconfig.PullValues) (retError error) {
var foundIDs []string
foundImage := true
for _, name := range names {
- newImage, err := runtime.New(getContext(), name, c.String("signature-policy"), authfile, writer, &dockerRegistryOptions, image.SigningOptions{}, true, nil)
+ newImage, err := runtime.New(getContext(), name, c.SignaturePolicy, c.Authfile, writer, &dockerRegistryOptions, image.SigningOptions{}, true, nil)
if err != nil {
logrus.Errorf("error pulling image %q", name)
foundImage = false
diff --git a/cmd/podman/push.go b/cmd/podman/push.go
index ee14b15e2..497820156 100644
--- a/cmd/podman/push.go
+++ b/cmd/podman/push.go
@@ -35,18 +35,20 @@ var (
return pushCmd(&pushCommand)
},
Example: `podman push imageID docker://registry.example.com/repository:tag
- podman push imageID oci-archive:/path/to/layout:image:tag
- podman push --authfile temp-auths/myauths.json alpine docker://docker.io/myrepo/alpine`,
+ podman push imageID oci-archive:/path/to/layout:image:tag`,
}
)
func init() {
+ if !remote {
+ _pushCommand.Example = fmt.Sprintf("%s\n podman push --authfile temp-auths/myauths.json alpine docker://docker.io/myrepo/alpine", _pushCommand.Example)
+
+ }
+
pushCommand.Command = _pushCommand
pushCommand.SetHelpTemplate(HelpTemplate())
pushCommand.SetUsageTemplate(UsageTemplate())
flags := pushCommand.Flags()
- flags.MarkHidden("signature-policy")
- flags.StringVar(&pushCommand.CertDir, "cert-dir", "", "`Pathname` of a directory containing TLS certificates and keys")
flags.StringVar(&pushCommand.Creds, "creds", "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry")
flags.StringVarP(&pushCommand.Format, "format", "f", "", "Manifest type (oci, v2s1, or v2s2) to use when pushing an image using the 'dir:' transport (default is manifest type of source)")
flags.BoolVarP(&pushCommand.Quiet, "quiet", "q", false, "Don't output progress information when pushing images")
@@ -55,10 +57,12 @@ func init() {
// Disabled flags for the remote client
if !remote {
- flags.StringVar(&pushCommand.Authfile, "authfile", "", "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override")
+ flags.StringVar(&pushCommand.Authfile, "authfile", getAuthFile(""), "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override")
+ flags.StringVar(&pushCommand.CertDir, "cert-dir", "", "`Pathname` of a directory containing TLS certificates and keys")
flags.BoolVar(&pushCommand.Compress, "compress", false, "Compress tarball image layers when pushing to a directory using the 'dir' transport. (default is same compression type as source)")
flags.StringVar(&pushCommand.SignaturePolicy, "signature-policy", "", "`Pathname` of signature policy file (not usually used)")
flags.BoolVar(&pushCommand.TlsVerify, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries")
+ flags.MarkHidden("signature-policy")
}
}
@@ -138,7 +142,5 @@ func pushCmd(c *cliconfig.PushValues) error {
SignBy: signBy,
}
- authfile := getAuthFile(c.Authfile)
-
- return runtime.Push(getContext(), srcName, destName, manifestType, authfile, c.SignaturePolicy, writer, c.Compress, so, &dockerRegistryOptions, nil)
+ return runtime.Push(getContext(), srcName, destName, manifestType, c.Authfile, c.SignaturePolicy, writer, c.Compress, so, &dockerRegistryOptions, nil)
}
diff --git a/cmd/podman/run.go b/cmd/podman/run.go
index 01b12d282..7d84d716b 100644
--- a/cmd/podman/run.go
+++ b/cmd/podman/run.go
@@ -36,6 +36,8 @@ func init() {
flags.SetInterspersed(false)
flags.Bool("sig-proxy", true, "Proxy received signals to the process")
getCreateFlags(&runCommand.PodmanCommand)
+ markFlagHiddenForRemoteClient("authfile", flags)
+ flags.MarkHidden("signature-policy")
}
func runCmd(c *cliconfig.RunValues) error {
diff --git a/cmd/podman/runlabel.go b/cmd/podman/runlabel.go
index e87b88992..59cbc7aa4 100644
--- a/cmd/podman/runlabel.go
+++ b/cmd/podman/runlabel.go
@@ -45,8 +45,6 @@ func init() {
runlabelCommand.SetHelpTemplate(HelpTemplate())
runlabelCommand.SetUsageTemplate(UsageTemplate())
flags := runlabelCommand.Flags()
- flags.StringVar(&runlabelCommand.Authfile, "authfile", "", "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override")
- flags.StringVar(&runlabelCommand.CertDir, "cert-dir", "", "`Pathname` of a directory containing TLS certificates and keys")
flags.StringVar(&runlabelCommand.Creds, "creds", "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry")
flags.BoolVar(&runlabelCommand.Display, "display", false, "Preview the command that the label would run")
flags.BoolVar(&runlabelCommand.Replace, "replace", false, "Replace existing container with a new one from the image")
@@ -61,10 +59,17 @@ func init() {
flags.BoolP("pull", "p", false, "Pull the image if it does not exist locally prior to executing the label contents")
flags.BoolVarP(&runlabelCommand.Quiet, "quiet", "q", false, "Suppress output information when installing images")
- flags.StringVar(&runlabelCommand.SignaturePolicy, "signature-policy", "", "`Pathname` of signature policy file (not usually used)")
- flags.BoolVar(&runlabelCommand.TlsVerify, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries")
+ // Disabled flags for the remote client
+ if !remote {
+ flags.StringVar(&runlabelCommand.Authfile, "authfile", getAuthFile(""), "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override")
+ flags.StringVar(&runlabelCommand.CertDir, "cert-dir", "", "`Pathname` of a directory containing TLS certificates and keys")
+ flags.StringVar(&runlabelCommand.SignaturePolicy, "signature-policy", "", "`Pathname` of signature policy file (not usually used)")
+ flags.BoolVar(&runlabelCommand.TlsVerify, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries")
- flags.MarkDeprecated("pull", "podman will pull if not found in local storage")
+ flags.MarkDeprecated("pull", "podman will pull if not found in local storage")
+ flags.MarkHidden("signature-policy")
+ }
+ markFlagHiddenForRemoteClient("authfile", flags)
}
// installCmd gets the data from the command line and calls installImage
@@ -137,8 +142,7 @@ func runlabelCmd(c *cliconfig.RunlabelValues) error {
dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!c.TlsVerify)
}
- authfile := getAuthFile(c.Authfile)
- runLabel, imageName, err := shared.GetRunlabel(label, runlabelImage, ctx, runtime, true, c.Creds, dockerRegistryOptions, authfile, c.SignaturePolicy, stdOut)
+ runLabel, imageName, err := shared.GetRunlabel(label, runlabelImage, ctx, runtime, true, c.Creds, dockerRegistryOptions, c.Authfile, c.SignaturePolicy, stdOut)
if err != nil {
return err
}
diff --git a/cmd/podman/search.go b/cmd/podman/search.go
index b236f3055..ba04002f6 100644
--- a/cmd/podman/search.go
+++ b/cmd/podman/search.go
@@ -43,12 +43,15 @@ func init() {
searchCommand.SetHelpTemplate(HelpTemplate())
searchCommand.SetUsageTemplate(UsageTemplate())
flags := searchCommand.Flags()
- flags.StringVar(&searchCommand.Authfile, "authfile", "", "Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json. Use REGISTRY_AUTH_FILE environment variable to override")
flags.StringSliceVarP(&searchCommand.Filter, "filter", "f", []string{}, "Filter output based on conditions provided (default [])")
flags.StringVar(&searchCommand.Format, "format", "", "Change the output format to a Go template")
flags.IntVar(&searchCommand.Limit, "limit", 0, "Limit the number of results")
flags.BoolVar(&searchCommand.NoTrunc, "no-trunc", false, "Do not truncate the output")
- flags.BoolVar(&searchCommand.TlsVerify, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries")
+ // Disabled flags for the remote client
+ if !remote {
+ flags.StringVar(&searchCommand.Authfile, "authfile", getAuthFile(""), "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override")
+ flags.BoolVar(&searchCommand.TlsVerify, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries")
+ }
}
func searchCmd(c *cliconfig.SearchValues) error {
@@ -70,7 +73,7 @@ func searchCmd(c *cliconfig.SearchValues) error {
NoTrunc: c.NoTrunc,
Limit: c.Limit,
Filter: *filter,
- Authfile: getAuthFile(c.Authfile),
+ Authfile: c.Authfile,
}
if c.Flag("tls-verify").Changed {
searchOptions.InsecureSkipTLSVerify = types.NewOptionalBool(!c.TlsVerify)
diff --git a/cmd/podman/varlink/io.podman.varlink b/cmd/podman/varlink/io.podman.varlink
index faaecdb6b..ed7b49c68 100644
--- a/cmd/podman/varlink/io.podman.varlink
+++ b/cmd/podman/varlink/io.podman.varlink
@@ -414,7 +414,6 @@ type BuildInfo (
remoteIntermediateCtrs: bool,
reportWriter: string,
runtimeArgs: []string,
- signaturePolicyPath: string,
squash: bool
)
@@ -467,13 +466,9 @@ type PodContainerErrorData (
type Runlabel(
image: string,
authfile: string,
- certDir: string,
- creds: string,
display: bool,
name: string,
pull: bool,
- signaturePolicyPath: string,
- tlsVerify: ?bool,
label: string,
extraArgs: []string,
opts: [string]string
@@ -759,11 +754,10 @@ method InspectImage(name: string) -> (image: string)
# [ImageNotFound](#ImageNotFound) error is returned.
method HistoryImage(name: string) -> (history: []ImageHistory)
-# PushImage takes three input arguments: the name or ID of an image, the fully-qualified destination name of the image,
-# and a boolean as to whether tls-verify should be used (with false disabling TLS, not affecting the default behavior).
+# PushImage takes two input arguments: the name or ID of an image, the fully-qualified destination name of the image,
# It will return an [ImageNotFound](#ImageNotFound) error if
# the image cannot be found in local storage; otherwise it will return a [MoreResponse](#MoreResponse)
-method PushImage(name: string, tag: string, tlsverify: ?bool, signaturePolicy: string, creds: string, certDir: string, compress: bool, format: string, removeSignatures: bool, signBy: string) -> (reply: MoreResponse)
+method PushImage(name: string, tag: string, compress: bool, format: string, removeSignatures: bool, signBy: string) -> (reply: MoreResponse)
# TagImage takes the name or ID of an image in local storage as well as the desired tag name. If the image cannot
# be found, an [ImageNotFound](#ImageNotFound) error will be returned; otherwise, the ID of the image is returned on success.
@@ -784,7 +778,7 @@ method RemoveImage(name: string, force: bool) -> (image: string)
# SearchImages searches available registries for images that contain the
# contents of "query" in their name. If "limit" is given, limits the amount of
# search results per registry.
-method SearchImages(query: string, limit: ?int, tlsVerify: ?bool, filter: ImageSearchFilter) -> (results: []ImageSearchResult)
+method SearchImages(query: string, limit: ?int, filter: ImageSearchFilter) -> (results: []ImageSearchResult)
# DeleteUnusedImages deletes any images not associated with a container. The IDs of the deleted images are returned
# in a string array.
@@ -825,7 +819,7 @@ method ExportImage(name: string, destination: string, compress: bool, tags: []st
# PullImage pulls an image from a repository to local storage. After a successful pull, the image id and logs
# are returned as a [MoreResponse](#MoreResponse). This connection also will handle a WantsMores request to send
# status as it occurs.
-method PullImage(name: string, certDir: string, creds: string, signaturePolicy: string, tlsVerify: ?bool) -> (reply: MoreResponse)
+method PullImage(name: string) -> (reply: MoreResponse)
# CreatePod creates a new empty pod. It uses a [PodCreate](#PodCreate) type for input.
# On success, the ID of the newly created pod will be returned.