diff options
| author | Daniel J Walsh <dwalsh@redhat.com> | 2019-05-11 07:26:05 -0400 |
|---|---|---|
| committer | Daniel J Walsh <dwalsh@redhat.com> | 2019-05-20 13:53:32 -0400 |
| commit | baed81029b74c8d801ea9d5cf67a78005472e6ed (patch) | |
| tree | b7c8b61992b18df56558d8dfff744990d18e3e26 /pkg/varlinkapi | |
| parent | 8d5432932d21b6863f813437d649044ca2264a2d (diff) | |
| download | podman-baed81029b74c8d801ea9d5cf67a78005472e6ed.tar.gz podman-baed81029b74c8d801ea9d5cf67a78005472e6ed.tar.bz2 podman-baed81029b74c8d801ea9d5cf67a78005472e6ed.zip | |
Fixup Flags
Mark hidden all references to signature-policy
Default all uses of --authfile
Add --authfile support to podman run and podman create.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'pkg/varlinkapi')
| -rw-r--r-- | pkg/varlinkapi/images.go | 70 |
1 files changed, 14 insertions, 56 deletions
diff --git a/pkg/varlinkapi/images.go b/pkg/varlinkapi/images.go index 20f82a1c6..fa1a0a109 100644 --- a/pkg/varlinkapi/images.go +++ b/pkg/varlinkapi/images.go @@ -188,7 +188,6 @@ func (i *LibpodAPI) BuildImage(call iopodman.VarlinkCall, config iopodman.BuildI RemoveIntermediateCtrs: config.RemoteIntermediateCtrs, ReportWriter: &output, RuntimeArgs: config.RuntimeArgs, - SignaturePolicyPath: config.SignaturePolicyPath, Squash: config.Squash, SystemContext: &systemContext, } @@ -311,10 +310,9 @@ func (i *LibpodAPI) HistoryImage(call iopodman.VarlinkCall, name string) error { } // PushImage pushes an local image to registry -func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, tlsVerify *bool, signaturePolicy, creds, certDir string, compress bool, format string, removeSignatures bool, signBy string) error { +func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, compress bool, format string, removeSignatures bool, signBy string) error { var ( - registryCreds *types.DockerAuthConfig - manifestType string + manifestType string ) newImage, err := i.Runtime.ImageRuntime().NewFromLocal(name) if err != nil { @@ -324,20 +322,7 @@ func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, tlsVe if tag != "" { destname = tag } - if creds != "" { - creds, err := util.ParseRegistryCreds(creds) - if err != nil { - return err - } - registryCreds = creds - } - dockerRegistryOptions := image.DockerRegistryOptions{ - DockerRegistryCreds: registryCreds, - DockerCertPath: certDir, - } - if tlsVerify != nil { - dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!*tlsVerify) - } + dockerRegistryOptions := image.DockerRegistryOptions{} if format != "" { switch format { case "oci": //nolint @@ -362,7 +347,7 @@ func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, tlsVe output := bytes.NewBuffer([]byte{}) c := make(chan error) go func() { - err := newImage.PushImageToHeuristicDestination(getContext(), destname, manifestType, "", signaturePolicy, output, compress, so, &dockerRegistryOptions, nil) + err := newImage.PushImageToHeuristicDestination(getContext(), destname, manifestType, "", "", output, compress, so, &dockerRegistryOptions, nil) c <- err close(c) }() @@ -439,18 +424,14 @@ func (i *LibpodAPI) RemoveImage(call iopodman.VarlinkCall, name string, force bo // SearchImages searches all registries configured in /etc/containers/registries.conf for an image // Requires an image name and a search limit as int -func (i *LibpodAPI) SearchImages(call iopodman.VarlinkCall, query string, limit *int64, tlsVerify *bool, filter iopodman.ImageSearchFilter) error { +func (i *LibpodAPI) SearchImages(call iopodman.VarlinkCall, query string, limit *int64, filter iopodman.ImageSearchFilter) error { // Transform all arguments to proper types first argLimit := 0 - argTLSVerify := types.OptionalBoolUndefined argIsOfficial := types.OptionalBoolUndefined argIsAutomated := types.OptionalBoolUndefined if limit != nil { argLimit = int(*limit) } - if tlsVerify != nil { - argTLSVerify = types.NewOptionalBool(!*tlsVerify) - } if filter.Is_official != nil { argIsOfficial = types.NewOptionalBool(*filter.Is_official) } @@ -466,9 +447,8 @@ func (i *LibpodAPI) SearchImages(call iopodman.VarlinkCall, query string, limit } searchOptions := image.SearchOptions{ - Limit: argLimit, - Filter: sFilter, - InsecureSkipTLSVerify: argTLSVerify, + Limit: argLimit, + Filter: sFilter, } results, err := image.SearchImages(query, searchOptions) if err != nil { @@ -600,27 +580,11 @@ func (i *LibpodAPI) ExportImage(call iopodman.VarlinkCall, name, destination str } // PullImage pulls an image from a registry to the image store. -func (i *LibpodAPI) PullImage(call iopodman.VarlinkCall, name string, certDir, creds, signaturePolicy string, tlsVerify *bool) error { +func (i *LibpodAPI) PullImage(call iopodman.VarlinkCall, name string) error { var ( - registryCreds *types.DockerAuthConfig - imageID string + imageID string ) - if creds != "" { - creds, err := util.ParseRegistryCreds(creds) - if err != nil { - return err - } - registryCreds = creds - } - - dockerRegistryOptions := image.DockerRegistryOptions{ - DockerRegistryCreds: registryCreds, - DockerCertPath: certDir, - } - if tlsVerify != nil { - dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!*tlsVerify) - } - + dockerRegistryOptions := image.DockerRegistryOptions{} so := image.SigningOptions{} if call.WantsMore() { @@ -634,14 +598,14 @@ func (i *LibpodAPI) PullImage(call iopodman.VarlinkCall, name string, certDir, c if err != nil { c <- errors.Wrapf(err, "error parsing %q", name) } - newImage, err := i.Runtime.ImageRuntime().LoadFromArchiveReference(getContext(), srcRef, signaturePolicy, output) + newImage, err := i.Runtime.ImageRuntime().LoadFromArchiveReference(getContext(), srcRef, "", output) if err != nil { c <- errors.Wrapf(err, "error pulling image from %q", name) } else { imageID = newImage[0].ID() } } else { - newImage, err := i.Runtime.ImageRuntime().New(getContext(), name, signaturePolicy, "", output, &dockerRegistryOptions, so, false, nil) + newImage, err := i.Runtime.ImageRuntime().New(getContext(), name, "", "", output, &dockerRegistryOptions, so, false, nil) if err != nil { c <- errors.Wrapf(err, "unable to pull %s", name) } else { @@ -709,18 +673,12 @@ func (i *LibpodAPI) ImageExists(call iopodman.VarlinkCall, name string) error { // ContainerRunlabel ... func (i *LibpodAPI) ContainerRunlabel(call iopodman.VarlinkCall, input iopodman.Runlabel) error { ctx := getContext() - dockerRegistryOptions := image.DockerRegistryOptions{ - DockerCertPath: input.CertDir, - } - if input.TlsVerify != nil { - dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!*input.TlsVerify) - } - + dockerRegistryOptions := image.DockerRegistryOptions{} stdErr := os.Stderr stdOut := os.Stdout stdIn := os.Stdin - runLabel, imageName, err := shared.GetRunlabel(input.Label, input.Image, ctx, i.Runtime, input.Pull, input.Creds, dockerRegistryOptions, input.Authfile, input.SignaturePolicyPath, nil) + runLabel, imageName, err := shared.GetRunlabel(input.Label, input.Image, ctx, i.Runtime, input.Pull, "", dockerRegistryOptions, input.Authfile, "", nil) if err != nil { return call.ReplyErrorOccurred(err.Error()) } |