summaryrefslogtreecommitdiff
path: root/pkg
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2019-02-13 14:08:53 -0700
committerDaniel J Walsh <dwalsh@redhat.com>2019-02-14 14:31:20 -0500
commit5f7d4ee73fdf53f912d7e31c24daf5f4c8a93327 (patch)
tree6296fb8d690872d374450fa5b75d583a62e67b45 /pkg
parentdd82acd8ba02be51ec5fea65584e1f7b2036d7c8 (diff)
downloadpodman-5f7d4ee73fdf53f912d7e31c24daf5f4c8a93327.tar.gz
podman-5f7d4ee73fdf53f912d7e31c24daf5f4c8a93327.tar.bz2
podman-5f7d4ee73fdf53f912d7e31c24daf5f4c8a93327.zip
Add tlsVerify bool to SearchImage for varlink
Cockpit wants to be able to search images on systems without tlsverify turned on. tlsverify should be an optional parameter, if not set then we default to the system defaults defined in /etc/containers/registries.conf. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'pkg')
-rw-r--r--pkg/varlinkapi/images.go21
1 files changed, 12 insertions, 9 deletions
diff --git a/pkg/varlinkapi/images.go b/pkg/varlinkapi/images.go
index 534419f6f..b3090d2dd 100644
--- a/pkg/varlinkapi/images.go
+++ b/pkg/varlinkapi/images.go
@@ -313,7 +313,7 @@ func (i *LibpodAPI) HistoryImage(call iopodman.VarlinkCall, name string) error {
}
// PushImage pushes an local image to registry
-func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, tlsVerify bool, signaturePolicy, creds, certDir string, compress bool, format string, removeSignatures bool, signBy string) error {
+func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, tlsVerify *bool, signaturePolicy, creds, certDir string, compress bool, format string, removeSignatures bool, signBy string) error {
var (
registryCreds *types.DockerAuthConfig
manifestType string
@@ -337,8 +337,8 @@ func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, tlsVe
DockerRegistryCreds: registryCreds,
DockerCertPath: certDir,
}
- if !tlsVerify {
- dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.OptionalBoolTrue
+ if tlsVerify != nil {
+ dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!*tlsVerify)
}
if format != "" {
switch format {
@@ -441,8 +441,11 @@ func (i *LibpodAPI) RemoveImage(call iopodman.VarlinkCall, name string, force bo
// SearchImages searches all registries configured in /etc/containers/registries.conf for an image
// Requires an image name and a search limit as int
-func (i *LibpodAPI) SearchImages(call iopodman.VarlinkCall, query string, limit *int64) error {
+func (i *LibpodAPI) SearchImages(call iopodman.VarlinkCall, query string, limit *int64, tlsVerify *bool) error {
sc := image.GetSystemContext("", "", false)
+ if tlsVerify != nil {
+ sc.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!*tlsVerify)
+ }
registries, err := sysreg.GetRegistries()
if err != nil {
return call.ReplyErrorOccurred(fmt.Sprintf("unable to get system registries: %q", err))
@@ -583,7 +586,7 @@ func (i *LibpodAPI) ExportImage(call iopodman.VarlinkCall, name, destination str
}
// PullImage pulls an image from a registry to the image store.
-func (i *LibpodAPI) PullImage(call iopodman.VarlinkCall, name string, certDir, creds, signaturePolicy string, tlsVerify bool) error {
+func (i *LibpodAPI) PullImage(call iopodman.VarlinkCall, name string, certDir, creds, signaturePolicy string, tlsVerify *bool) error {
var (
registryCreds *types.DockerAuthConfig
imageID string
@@ -600,8 +603,8 @@ func (i *LibpodAPI) PullImage(call iopodman.VarlinkCall, name string, certDir, c
DockerRegistryCreds: registryCreds,
DockerCertPath: certDir,
}
- if tlsVerify {
- dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!tlsVerify)
+ if tlsVerify != nil {
+ dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!*tlsVerify)
}
so := image.SigningOptions{}
@@ -644,8 +647,8 @@ func (i *LibpodAPI) ContainerRunlabel(call iopodman.VarlinkCall, input iopodman.
dockerRegistryOptions := image.DockerRegistryOptions{
DockerCertPath: input.CertDir,
}
- if !input.TlsVerify {
- dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.OptionalBoolTrue
+ if input.TlsVerify != nil {
+ dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!*input.TlsVerify)
}
stdErr := os.Stderr