summaryrefslogtreecommitdiff
path: root/pkg/api/server
diff options
context:
space:
mode:
authorVladimir Kochnev <hashtable@yandex.ru>2022-07-25 16:00:23 +0300
committerMatthew Heon <matthew.heon@pm.me>2022-07-26 14:44:05 -0400
commite6ebfbd1e0106d8ddcf19a1ec3f97052592f49ad (patch)
tree18ee57abaae057fdd78a836ee61dd70a670fa8e8 /pkg/api/server
parent64bc2ee97f2dbcada22cff4364416abb81a3272a (diff)
downloadpodman-e6ebfbd1e0106d8ddcf19a1ec3f97052592f49ad.tar.gz
podman-e6ebfbd1e0106d8ddcf19a1ec3f97052592f49ad.tar.bz2
podman-e6ebfbd1e0106d8ddcf19a1ec3f97052592f49ad.zip
Set TLSVerify=true by default for API endpoints
Option defaults in API must be the same as in CLI. ``` % podman image push --help % podman image pull --help % podman manifest push --help % podman image search --help ``` All of these CLI commands them have --tls-verify=true by default: ``` --tls-verify require HTTPS and verify certificates when accessing the registry (default true) ``` As for `podman image build`, it doesn't have any means to control `tlsVerify` parameter but it must be true by default. Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
Diffstat (limited to 'pkg/api/server')
-rw-r--r--pkg/api/server/register_images.go8
-rw-r--r--pkg/api/server/register_manifest.go10
2 files changed, 9 insertions, 9 deletions
diff --git a/pkg/api/server/register_images.go b/pkg/api/server/register_images.go
index 11ab8cae0..1bfedd77e 100644
--- a/pkg/api/server/register_images.go
+++ b/pkg/api/server/register_images.go
@@ -192,8 +192,8 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// - in: query
// name: tlsVerify
// type: boolean
- // default: false
- // description: skip TLS verification for registries
+ // default: true
+ // description: Require HTTPS and verify signatures when contacting registries.
// - in: query
// name: listTags
// type: boolean
@@ -1120,8 +1120,8 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// - in: query
// name: tlsVerify
// type: boolean
- // default: false
- // description: skip TLS verification for registries
+ // default: true
+ // description: Require HTTPS and verify signatures when contacting registries.
// - in: query
// name: listTags
// type: boolean
diff --git a/pkg/api/server/register_manifest.go b/pkg/api/server/register_manifest.go
index 4fadb92fd..19b507047 100644
--- a/pkg/api/server/register_manifest.go
+++ b/pkg/api/server/register_manifest.go
@@ -69,12 +69,12 @@ func (s *APIServer) registerManifestHandlers(r *mux.Router) error {
// name: all
// description: push all images
// type: boolean
- // default: false
+ // default: true
// - in: query
// name: tlsVerify
// type: boolean
- // default: false
- // description: skip TLS verification for registries
+ // default: true
+ // description: Require HTTPS and verify signatures when contacting registries.
// responses:
// 200:
// schema:
@@ -195,8 +195,8 @@ func (s *APIServer) registerManifestHandlers(r *mux.Router) error {
// - in: query
// name: tlsVerify
// type: boolean
- // default: false
- // description: skip TLS verification for registries
+ // default: true
+ // description: Require HTTPS and verify signatures when contacting registries.
// - in: body
// name: options
// description: options for mutating a manifest