Merge pull request #3108 from rhatdan/flags

Fixup Flags

2 files changed, 19 insertions, 92 deletions

diff --git a/pkg/adapter/runtime_remote.go b/pkg/adapter/runtime_remote.go
index e86287462..e0c0898bd 100644
--- a/pkg/adapter/runtime_remote.go
+++ b/pkg/adapter/runtime_remote.go
@@ -182,10 +182,7 @@ func (r *LocalRuntime) NewImageFromLocal(name string) (*ContainerImage, error) {
 // LoadFromArchiveReference creates an image from a local archive
 func (r *LocalRuntime) LoadFromArchiveReference(ctx context.Context, srcRef types.ImageReference, signaturePolicyPath string, writer io.Writer) ([]*ContainerImage, error) {
 	var iid string
-	// TODO We need to find a way to leak certDir, creds, and the tlsverify into this function, normally this would
-	// come from cli options but we don't want want those in here either.
-	tlsverify := true
-	reply, err := iopodman.PullImage().Send(r.Conn, varlink.More, srcRef.DockerReference().String(), "", "", signaturePolicyPath, &tlsverify)
+	reply, err := iopodman.PullImage().Send(r.Conn, varlink.More, srcRef.DockerReference().String())
 	if err != nil {
 		return nil, err
 	}
@@ -217,21 +214,7 @@ func (r *LocalRuntime) New(ctx context.Context, name, signaturePolicyPath, authf
 	if label != nil {
 		return nil, errors.New("the remote client function does not support checking a remote image for a label")
 	}
-	var (
-		tlsVerify    bool
-		tlsVerifyPtr *bool
-	)
-	if dockeroptions.DockerInsecureSkipTLSVerify == types.OptionalBoolFalse {
-		tlsVerify = true
-		tlsVerifyPtr = &tlsVerify
-
-	}
-	if dockeroptions.DockerInsecureSkipTLSVerify == types.OptionalBoolTrue {
-		tlsVerify = false
-		tlsVerifyPtr = &tlsVerify
-	}
-
-	reply, err := iopodman.PullImage().Send(r.Conn, varlink.More, name, dockeroptions.DockerCertPath, "", signaturePolicyPath, tlsVerifyPtr)
+	reply, err := iopodman.PullImage().Send(r.Conn, varlink.More, name)
 	if err != nil {
 		return nil, err
 	}
@@ -429,9 +412,8 @@ func (r *LocalRuntime) Build(ctx context.Context, c *cliconfig.BuildValues, opti
 		Quiet:                  options.Quiet,
 		RemoteIntermediateCtrs: options.RemoveIntermediateCtrs,
 		// ReportWriter:
-		RuntimeArgs:         options.RuntimeArgs,
-		SignaturePolicyPath: options.SignaturePolicyPath,
-		Squash:              options.Squash,
+		RuntimeArgs: options.RuntimeArgs,
+		Squash:      options.Squash,
 	}
 	// tar the file
 	outputFile, err := ioutil.TempFile("", "varlink_tar_send")
@@ -570,20 +552,7 @@ func (r *LocalRuntime) RemoveVolumes(ctx context.Context, c *cliconfig.VolumeRmV
 
 func (r *LocalRuntime) Push(ctx context.Context, srcName, destination, manifestMIMEType, authfile, signaturePolicyPath string, writer io.Writer, forceCompress bool, signingOptions image.SigningOptions, dockerRegistryOptions *image.DockerRegistryOptions, additionalDockerArchiveTags []reference.NamedTagged) error {
 
-	var (
-		tls       *bool
-		tlsVerify bool
-	)
-	if dockerRegistryOptions.DockerInsecureSkipTLSVerify == types.OptionalBoolTrue {
-		tlsVerify = false
-		tls = &tlsVerify
-	}
-	if dockerRegistryOptions.DockerInsecureSkipTLSVerify == types.OptionalBoolFalse {
-		tlsVerify = true
-		tls = &tlsVerify
-	}
-
-	reply, err := iopodman.PushImage().Send(r.Conn, varlink.More, srcName, destination, tls, signaturePolicyPath, "", dockerRegistryOptions.DockerCertPath, forceCompress, manifestMIMEType, signingOptions.RemoveSignatures, signingOptions.SignBy)
+	reply, err := iopodman.PushImage().Send(r.Conn, varlink.More, srcName, destination, forceCompress, manifestMIMEType, signingOptions.RemoveSignatures, signingOptions.SignBy)
 	if err != nil {
 		return err
 	}
diff --git a/pkg/varlinkapi/images.go b/pkg/varlinkapi/images.go
index 20f82a1c6..fa1a0a109 100644
--- a/pkg/varlinkapi/images.go
+++ b/pkg/varlinkapi/images.go
@@ -188,7 +188,6 @@ func (i *LibpodAPI) BuildImage(call iopodman.VarlinkCall, config iopodman.BuildI
 		RemoveIntermediateCtrs:  config.RemoteIntermediateCtrs,
 		ReportWriter:            &output,
 		RuntimeArgs:             config.RuntimeArgs,
-		SignaturePolicyPath:     config.SignaturePolicyPath,
 		Squash:                  config.Squash,
 		SystemContext:           &systemContext,
 	}
@@ -311,10 +310,9 @@ func (i *LibpodAPI) HistoryImage(call iopodman.VarlinkCall, name string) error {
 }
 
 // PushImage pushes an local image to registry
-func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, tlsVerify *bool, signaturePolicy, creds, certDir string, compress bool, format string, removeSignatures bool, signBy string) error {
+func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, compress bool, format string, removeSignatures bool, signBy string) error {
 	var (
-		registryCreds *types.DockerAuthConfig
-		manifestType  string
+		manifestType string
 	)
 	newImage, err := i.Runtime.ImageRuntime().NewFromLocal(name)
 	if err != nil {
@@ -324,20 +322,7 @@ func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, tlsVe
 	if tag != "" {
 		destname = tag
 	}
-	if creds != "" {
-		creds, err := util.ParseRegistryCreds(creds)
-		if err != nil {
-			return err
-		}
-		registryCreds = creds
-	}
-	dockerRegistryOptions := image.DockerRegistryOptions{
-		DockerRegistryCreds: registryCreds,
-		DockerCertPath:      certDir,
-	}
-	if tlsVerify != nil {
-		dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!*tlsVerify)
-	}
+	dockerRegistryOptions := image.DockerRegistryOptions{}
 	if format != "" {
 		switch format {
 		case "oci": //nolint
@@ -362,7 +347,7 @@ func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, tlsVe
 	output := bytes.NewBuffer([]byte{})
 	c := make(chan error)
 	go func() {
-		err := newImage.PushImageToHeuristicDestination(getContext(), destname, manifestType, "", signaturePolicy, output, compress, so, &dockerRegistryOptions, nil)
+		err := newImage.PushImageToHeuristicDestination(getContext(), destname, manifestType, "", "", output, compress, so, &dockerRegistryOptions, nil)
 		c <- err
 		close(c)
 	}()
@@ -439,18 +424,14 @@ func (i *LibpodAPI) RemoveImage(call iopodman.VarlinkCall, name string, force bo
 
 // SearchImages searches all registries configured in /etc/containers/registries.conf for an image
 // Requires an image name and a search limit as int
-func (i *LibpodAPI) SearchImages(call iopodman.VarlinkCall, query string, limit *int64, tlsVerify *bool, filter iopodman.ImageSearchFilter) error {
+func (i *LibpodAPI) SearchImages(call iopodman.VarlinkCall, query string, limit *int64, filter iopodman.ImageSearchFilter) error {
 	// Transform all arguments to proper types first
 	argLimit := 0
-	argTLSVerify := types.OptionalBoolUndefined
 	argIsOfficial := types.OptionalBoolUndefined
 	argIsAutomated := types.OptionalBoolUndefined
 	if limit != nil {
 		argLimit = int(*limit)
 	}
-	if tlsVerify != nil {
-		argTLSVerify = types.NewOptionalBool(!*tlsVerify)
-	}
 	if filter.Is_official != nil {
 		argIsOfficial = types.NewOptionalBool(*filter.Is_official)
 	}
@@ -466,9 +447,8 @@ func (i *LibpodAPI) SearchImages(call iopodman.VarlinkCall, query string, limit
 	}
 
 	searchOptions := image.SearchOptions{
-		Limit:                 argLimit,
-		Filter:                sFilter,
-		InsecureSkipTLSVerify: argTLSVerify,
+		Limit:  argLimit,
+		Filter: sFilter,
 	}
 	results, err := image.SearchImages(query, searchOptions)
 	if err != nil {
@@ -600,27 +580,11 @@ func (i *LibpodAPI) ExportImage(call iopodman.VarlinkCall, name, destination str
 }
 
 // PullImage pulls an image from a registry to the image store.
-func (i *LibpodAPI) PullImage(call iopodman.VarlinkCall, name string, certDir, creds, signaturePolicy string, tlsVerify *bool) error {
+func (i *LibpodAPI) PullImage(call iopodman.VarlinkCall, name string) error {
 	var (
-		registryCreds *types.DockerAuthConfig
-		imageID       string
+		imageID string
 	)
-	if creds != "" {
-		creds, err := util.ParseRegistryCreds(creds)
-		if err != nil {
-			return err
-		}
-		registryCreds = creds
-	}
-
-	dockerRegistryOptions := image.DockerRegistryOptions{
-		DockerRegistryCreds: registryCreds,
-		DockerCertPath:      certDir,
-	}
-	if tlsVerify != nil {
-		dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!*tlsVerify)
-	}
-
+	dockerRegistryOptions := image.DockerRegistryOptions{}
 	so := image.SigningOptions{}
 
 	if call.WantsMore() {
@@ -634,14 +598,14 @@ func (i *LibpodAPI) PullImage(call iopodman.VarlinkCall, name string, certDir, c
 			if err != nil {
 				c <- errors.Wrapf(err, "error parsing %q", name)
 			}
-			newImage, err := i.Runtime.ImageRuntime().LoadFromArchiveReference(getContext(), srcRef, signaturePolicy, output)
+			newImage, err := i.Runtime.ImageRuntime().LoadFromArchiveReference(getContext(), srcRef, "", output)
 			if err != nil {
 				c <- errors.Wrapf(err, "error pulling image from %q", name)
 			} else {
 				imageID = newImage[0].ID()
 			}
 		} else {
-			newImage, err := i.Runtime.ImageRuntime().New(getContext(), name, signaturePolicy, "", output, &dockerRegistryOptions, so, false, nil)
+			newImage, err := i.Runtime.ImageRuntime().New(getContext(), name, "", "", output, &dockerRegistryOptions, so, false, nil)
 			if err != nil {
 				c <- errors.Wrapf(err, "unable to pull %s", name)
 			} else {
@@ -709,18 +673,12 @@ func (i *LibpodAPI) ImageExists(call iopodman.VarlinkCall, name string) error {
 // ContainerRunlabel ...
 func (i *LibpodAPI) ContainerRunlabel(call iopodman.VarlinkCall, input iopodman.Runlabel) error {
 	ctx := getContext()
-	dockerRegistryOptions := image.DockerRegistryOptions{
-		DockerCertPath: input.CertDir,
-	}
-	if input.TlsVerify != nil {
-		dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!*input.TlsVerify)
-	}
-
+	dockerRegistryOptions := image.DockerRegistryOptions{}
 	stdErr := os.Stderr
 	stdOut := os.Stdout
 	stdIn := os.Stdin
 
-	runLabel, imageName, err := shared.GetRunlabel(input.Label, input.Image, ctx, i.Runtime, input.Pull, input.Creds, dockerRegistryOptions, input.Authfile, input.SignaturePolicyPath, nil)
+	runLabel, imageName, err := shared.GetRunlabel(input.Label, input.Image, ctx, i.Runtime, input.Pull, "", dockerRegistryOptions, input.Authfile, "", nil)
 	if err != nil {
 		return call.ReplyErrorOccurred(err.Error())
 	}