container create: fix --tls-verify parsing

Make sure that the value is only set if specified on the CLI. c/image already defaults to true but if set in the system context, we'd skip settings in the registries.conf. Fixes: #11933 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
author: Valentin Rothberg <rothberg@redhat.com> 2021-10-22 16:07:26 +0200
committer: Valentin Rothberg <rothberg@redhat.com> 2021-10-27 14:36:25 +0200
commit: ff31f2264da1550be97055865dea639eb0882327 (patch)
tree: f3b3c2f81c1825ac9bbce41e9e16279fccc23604 /cmd/podman
parent: 979b6312286b4bd993d7be0413e1e95c4a0bad56 (diff)
download: podman-ff31f2264da1550be97055865dea639eb0882327.tar.gz
podman-ff31f2264da1550be97055865dea639eb0882327.tar.bz2
podman-ff31f2264da1550be97055865dea639eb0882327.zip
2 files changed, 9 insertions, 6 deletions
diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go
index 6270bad16..fbc8fb8ab 100644
--- a/cmd/podman/common/create.go
+++ b/cmd/podman/common/create.go
@@ -5,6 +5,7 @@ import (
 
 	"github.com/containers/common/pkg/auth"
 	"github.com/containers/common/pkg/completion"
+	commonFlag "github.com/containers/common/pkg/flag"
 	"github.com/containers/podman/v3/cmd/podman/registry"
 	"github.com/containers/podman/v3/libpod/define"
 	"github.com/containers/podman/v3/pkg/domain/entities"
@@ -589,12 +590,9 @@ func DefineCreateFlags(cmd *cobra.Command, cf *entities.ContainerCreateOptions,
 		)
 		_ = cmd.RegisterFlagCompletionFunc(timeoutFlagName, completion.AutocompleteNone)
 
-		// Flag for TLS verification, so that `run` and `create` commands can make use of it.
-		// Make sure to use `=` while using this flag i.e `--tls-verify=false/true`
-		tlsVerifyFlagName := "tls-verify"
-		createFlags.BoolVar(
+		commonFlag.OptionalBoolFlag(createFlags,
 			&cf.TLSVerify,
-			tlsVerifyFlagName, true,
+			"tls-verify",
 			"Require HTTPS and verify certificates when contacting registries for pulling images",
 		)
 
diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go
index 3be426ae2..d35c1a192 100644
--- a/cmd/podman/containers/create.go
+++ b/cmd/podman/containers/create.go
@@ -303,6 +303,11 @@ func PullImage(imageName string, cliVals entities.ContainerCreateOptions) (strin
 		}
 	}
 
+	skipTLSVerify := types.OptionalBoolUndefined
+	if cliVals.TLSVerify.Present() {
+		skipTLSVerify = types.NewOptionalBool(!cliVals.TLSVerify.Value())
+	}
+
 	pullReport, pullErr := registry.ImageEngine().Pull(registry.GetContext(), imageName, entities.ImagePullOptions{
 		Authfile:        cliVals.Authfile,
 		Quiet:           cliVals.Quiet,
@@ -311,7 +316,7 @@ func PullImage(imageName string, cliVals entities.ContainerCreateOptions) (strin
 		Variant:         cliVals.Variant,
 		SignaturePolicy: cliVals.SignaturePolicy,
 		PullPolicy:      pullPolicy,
-		SkipTLSVerify:   types.NewOptionalBool(!cliVals.TLSVerify), // If Flag changed for TLS Verification
+		SkipTLSVerify:   skipTLSVerify,
 	})
 	if pullErr != nil {
 		return "", pullErr
author	Valentin Rothberg <rothberg@redhat.com>	2021-10-22 16:07:26 +0200
committer	Valentin Rothberg <rothberg@redhat.com>	2021-10-27 14:36:25 +0200
commit	ff31f2264da1550be97055865dea639eb0882327 (patch)
tree	f3b3c2f81c1825ac9bbce41e9e16279fccc23604 /cmd/podman
parent	979b6312286b4bd993d7be0413e1e95c4a0bad56 (diff)
download	podman-ff31f2264da1550be97055865dea639eb0882327.tar.gz podman-ff31f2264da1550be97055865dea639eb0882327.tar.bz2 podman-ff31f2264da1550be97055865dea639eb0882327.zip