diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2018-12-06 15:28:28 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-12-06 15:28:28 -0800 |
commit | a387c723a90a787a1d35c4a9b3b54347d5c08436 (patch) | |
tree | 7b4ce94ae629d4800c2fc694aafa530003101375 /pkg | |
parent | 71497706e124eaae0f4654278749c1e34a6c209f (diff) | |
parent | 489164fcfa3d897ab9f341249a7873bfd3c7d99e (diff) | |
download | podman-a387c723a90a787a1d35c4a9b3b54347d5c08436.tar.gz podman-a387c723a90a787a1d35c4a9b3b54347d5c08436.tar.bz2 podman-a387c723a90a787a1d35c4a9b3b54347d5c08436.zip |
Merge pull request #1930 from mtrmac/sysregistriesv2
Update c/image for sysregistriesv2 changes and automatic docker:// insecure configuration
Diffstat (limited to 'pkg')
-rw-r--r-- | pkg/registries/registries.go | 39 | ||||
-rw-r--r-- | pkg/varlinkapi/containers_create.go | 2 | ||||
-rw-r--r-- | pkg/varlinkapi/images.go | 19 |
3 files changed, 29 insertions, 31 deletions
diff --git a/pkg/registries/registries.go b/pkg/registries/registries.go index c26f15cb6..cbb8b730c 100644 --- a/pkg/registries/registries.go +++ b/pkg/registries/registries.go @@ -13,21 +13,28 @@ import ( // userRegistriesFile is the path to the per user registry configuration file. var userRegistriesFile = filepath.Join(os.Getenv("HOME"), ".config/containers/registries.conf") -// GetRegistries obtains the list of registries defined in the global registries file. -func GetRegistries() ([]string, error) { - registryConfigPath := "" +// SystemRegistriesConfPath returns an appropriate value for types.SystemContext.SystemRegistriesConfPath +// (possibly "", which is not an error), taking into account rootless mode and environment variable overrides. +// +// FIXME: This should be centralized in a global SystemContext initializer inherited throughout the code, +// not haphazardly called throughout the way it is being called now. +func SystemRegistriesConfPath() string { + if envOverride := os.Getenv("REGISTRIES_CONFIG_PATH"); len(envOverride) > 0 { + return envOverride + } if rootless.IsRootless() { if _, err := os.Stat(userRegistriesFile); err == nil { - registryConfigPath = userRegistriesFile + return userRegistriesFile } } - envOverride := os.Getenv("REGISTRIES_CONFIG_PATH") - if len(envOverride) > 0 { - registryConfigPath = envOverride - } - searchRegistries, err := sysregistries.GetRegistries(&types.SystemContext{SystemRegistriesConfPath: registryConfigPath}) + return "" +} + +// GetRegistries obtains the list of registries defined in the global registries file. +func GetRegistries() ([]string, error) { + searchRegistries, err := sysregistries.GetRegistries(&types.SystemContext{SystemRegistriesConfPath: SystemRegistriesConfPath()}) if err != nil { return nil, errors.Wrapf(err, "unable to parse the registries.conf file") } @@ -36,19 +43,7 @@ func GetRegistries() ([]string, error) { // GetInsecureRegistries obtains the list of insecure registries from the global registration file. func GetInsecureRegistries() ([]string, error) { - registryConfigPath := "" - - if rootless.IsRootless() { - if _, err := os.Stat(userRegistriesFile); err == nil { - registryConfigPath = userRegistriesFile - } - } - - envOverride := os.Getenv("REGISTRIES_CONFIG_PATH") - if len(envOverride) > 0 { - registryConfigPath = envOverride - } - registries, err := sysregistries.GetInsecureRegistries(&types.SystemContext{SystemRegistriesConfPath: registryConfigPath}) + registries, err := sysregistries.GetInsecureRegistries(&types.SystemContext{SystemRegistriesConfPath: SystemRegistriesConfPath()}) if err != nil { return nil, errors.Wrapf(err, "unable to parse the registries.conf file") } diff --git a/pkg/varlinkapi/containers_create.go b/pkg/varlinkapi/containers_create.go index f9a2db9c8..bb6273fd1 100644 --- a/pkg/varlinkapi/containers_create.go +++ b/pkg/varlinkapi/containers_create.go @@ -25,7 +25,7 @@ func (i *LibpodAPI) CreateContainer(call iopodman.VarlinkCall, config iopodman.C rtc := i.Runtime.GetConfig() ctx := getContext() - newImage, err := i.Runtime.ImageRuntime().New(ctx, config.Image, rtc.SignaturePolicyPath, "", os.Stderr, nil, image.SigningOptions{}, false, false) + newImage, err := i.Runtime.ImageRuntime().New(ctx, config.Image, rtc.SignaturePolicyPath, "", os.Stderr, nil, image.SigningOptions{}, false) if err != nil { return call.ReplyErrorOccurred(err.Error()) } diff --git a/pkg/varlinkapi/images.go b/pkg/varlinkapi/images.go index 6d3f19422..cb3b1c73b 100644 --- a/pkg/varlinkapi/images.go +++ b/pkg/varlinkapi/images.go @@ -4,7 +4,6 @@ import ( "bytes" "encoding/json" "fmt" - "github.com/containers/libpod/cmd/podman/shared" "io" "os" "path/filepath" @@ -16,6 +15,7 @@ import ( "github.com/containers/image/docker" "github.com/containers/image/manifest" "github.com/containers/image/types" + "github.com/containers/libpod/cmd/podman/shared" "github.com/containers/libpod/cmd/podman/varlink" "github.com/containers/libpod/libpod" "github.com/containers/libpod/libpod/image" @@ -322,13 +322,14 @@ func (i *LibpodAPI) PushImage(call iopodman.VarlinkCall, name, tag string, tlsVe destname = tag } - dockerRegistryOptions := image.DockerRegistryOptions{ - DockerInsecureSkipTLSVerify: !tlsVerify, + dockerRegistryOptions := image.DockerRegistryOptions{} + if !tlsVerify { + dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.OptionalBoolTrue } so := image.SigningOptions{} - if err := newImage.PushImageToHeuristicDestination(getContext(), destname, "", "", "", nil, false, so, &dockerRegistryOptions, false, nil); err != nil { + if err := newImage.PushImageToHeuristicDestination(getContext(), destname, "", "", "", nil, false, so, &dockerRegistryOptions, nil); err != nil { return call.ReplyErrorOccurred(err.Error()) } return call.ReplyPushImage(newImage.ID()) @@ -488,7 +489,7 @@ func (i *LibpodAPI) ExportImage(call iopodman.VarlinkCall, name, destination str return err } - if err := newImage.PushImageToHeuristicDestination(getContext(), destination, "", "", "", nil, compress, image.SigningOptions{}, &image.DockerRegistryOptions{}, false, additionalTags); err != nil { + if err := newImage.PushImageToHeuristicDestination(getContext(), destination, "", "", "", nil, compress, image.SigningOptions{}, &image.DockerRegistryOptions{}, additionalTags); err != nil { return call.ReplyErrorOccurred(err.Error()) } return call.ReplyExportImage(newImage.ID()) @@ -497,7 +498,7 @@ func (i *LibpodAPI) ExportImage(call iopodman.VarlinkCall, name, destination str // PullImage pulls an image from a registry to the image store. // TODO This implementation is incomplete func (i *LibpodAPI) PullImage(call iopodman.VarlinkCall, name string) error { - newImage, err := i.Runtime.ImageRuntime().New(getContext(), name, "", "", nil, &image.DockerRegistryOptions{}, image.SigningOptions{}, true, false) + newImage, err := i.Runtime.ImageRuntime().New(getContext(), name, "", "", nil, &image.DockerRegistryOptions{}, image.SigningOptions{}, true) if err != nil { return call.ReplyErrorOccurred(fmt.Sprintf("unable to pull %s: %s", name, err.Error())) } @@ -520,8 +521,10 @@ func (i *LibpodAPI) ImageExists(call iopodman.VarlinkCall, name string) error { func (i *LibpodAPI) ContainerRunlabel(call iopodman.VarlinkCall, input iopodman.Runlabel) error { ctx := getContext() dockerRegistryOptions := image.DockerRegistryOptions{ - DockerCertPath: input.CertDir, - DockerInsecureSkipTLSVerify: !input.TlsVerify, + DockerCertPath: input.CertDir, + } + if !input.TlsVerify { + dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.OptionalBoolTrue } stdErr := os.Stderr |