From 2d10471b8da734c57867858e6e8340081ffd921c Mon Sep 17 00:00:00 2001 From: Valentin Rothberg Date: Wed, 29 Apr 2020 15:20:05 +0200 Subject: pull/search options: tls verify -> skip Change the logic in the options from tls-verify to skipping verification. It require a constant brain yoga to translate from doing verification (CLI logic) to skipping it (c/image logic). As the code is using c/image, let's make it consistent. Signed-off-by: Valentin Rothberg --- cmd/podman/images/pull.go | 11 +++++------ cmd/podman/images/search.go | 5 ++--- pkg/bindings/images/images.go | 14 ++++++++------ pkg/domain/entities/images.go | 8 ++++---- pkg/domain/infra/abi/images.go | 4 ++-- 5 files changed, 21 insertions(+), 21 deletions(-) diff --git a/cmd/podman/images/pull.go b/cmd/podman/images/pull.go index f996d0681..fead5f7ed 100644 --- a/cmd/podman/images/pull.go +++ b/cmd/podman/images/pull.go @@ -93,23 +93,22 @@ func pullFlags(flags *pflag.FlagSet) { // imagePull is implement the command for pulling images. func imagePull(cmd *cobra.Command, args []string) error { - pullOptsAPI := pullOptions.ImagePullOptions // TLS verification in c/image is controlled via a `types.OptionalBool` // which allows for distinguishing among set-true, set-false, unspecified // which is important to implement a sane way of dealing with defaults of // boolean CLI flags. if cmd.Flags().Changed("tls-verify") { - pullOptsAPI.TLSVerify = types.NewOptionalBool(pullOptions.TLSVerifyCLI) + pullOptions.SkipTLSVerify = types.NewOptionalBool(!pullOptions.TLSVerifyCLI) } - if pullOptsAPI.Authfile != "" { - if _, err := os.Stat(pullOptsAPI.Authfile); err != nil { - return errors.Wrapf(err, "error getting authfile %s", pullOptsAPI.Authfile) + if pullOptions.Authfile != "" { + if _, err := os.Stat(pullOptions.Authfile); err != nil { + return errors.Wrapf(err, "error getting authfile %s", pullOptions.Authfile) } } // Let's do all the remaining Yoga in the API to prevent us from // scattering logic across (too) many parts of the code. - pullReport, err := registry.ImageEngine().Pull(registry.GetContext(), args[0], pullOptsAPI) + pullReport, err := registry.ImageEngine().Pull(registry.GetContext(), args[0], pullOptions.ImagePullOptions) if err != nil { return err } diff --git a/cmd/podman/images/search.go b/cmd/podman/images/search.go index fdad94d45..df4d83554 100644 --- a/cmd/podman/images/search.go +++ b/cmd/podman/images/search.go @@ -103,16 +103,15 @@ func imageSearch(cmd *cobra.Command, args []string) error { return errors.Errorf("search requires exactly one argument") } - sarchOptsAPI := searchOptions.ImageSearchOptions // TLS verification in c/image is controlled via a `types.OptionalBool` // which allows for distinguishing among set-true, set-false, unspecified // which is important to implement a sane way of dealing with defaults of // boolean CLI flags. if cmd.Flags().Changed("tls-verify") { - sarchOptsAPI.TLSVerify = types.NewOptionalBool(pullOptions.TLSVerifyCLI) + searchOptions.SkipTLSVerify = types.NewOptionalBool(!pullOptions.TLSVerifyCLI) } - searchReport, err := registry.ImageEngine().Search(registry.GetContext(), searchTerm, sarchOptsAPI) + searchReport, err := registry.ImageEngine().Search(registry.GetContext(), searchTerm, searchOptions.ImageSearchOptions) if err != nil { return err } diff --git a/pkg/bindings/images/images.go b/pkg/bindings/images/images.go index 63fe2556b..4d8ae6a6e 100644 --- a/pkg/bindings/images/images.go +++ b/pkg/bindings/images/images.go @@ -273,9 +273,10 @@ func Pull(ctx context.Context, rawImage string, options entities.ImagePullOption params.Set("credentials", options.Credentials) params.Set("overrideArch", options.OverrideArch) params.Set("overrideOS", options.OverrideOS) - if options.TLSVerify != types.OptionalBoolUndefined { - val := bool(options.TLSVerify == types.OptionalBoolTrue) - params.Set("tlsVerify", strconv.FormatBool(val)) + if options.SkipTLSVerify != types.OptionalBoolUndefined { + // Note: we have to verify if skipped is false. + verifyTLS := bool(options.SkipTLSVerify == types.OptionalBoolFalse) + params.Set("tlsVerify", strconv.FormatBool(verifyTLS)) } params.Set("allTags", strconv.FormatBool(options.AllTags)) @@ -334,9 +335,10 @@ func Search(ctx context.Context, term string, opts entities.ImageSearchOptions) params.Set("filters", f) } - if opts.TLSVerify != types.OptionalBoolUndefined { - val := bool(opts.TLSVerify == types.OptionalBoolTrue) - params.Set("tlsVerify", strconv.FormatBool(val)) + if opts.SkipTLSVerify != types.OptionalBoolUndefined { + // Note: we have to verify if skipped is false. + verifyTLS := bool(opts.SkipTLSVerify == types.OptionalBoolFalse) + params.Set("tlsVerify", strconv.FormatBool(verifyTLS)) } response, err := conn.DoRequest(nil, http.MethodGet, "/images/search", params) diff --git a/pkg/domain/entities/images.go b/pkg/domain/entities/images.go index 442b2cf3c..69af365c0 100644 --- a/pkg/domain/entities/images.go +++ b/pkg/domain/entities/images.go @@ -141,8 +141,8 @@ type ImagePullOptions struct { Quiet bool // SignaturePolicy to use when pulling. Ignored for remote calls. SignaturePolicy string - // TLSVerify to enable/disable HTTPS and certificate verification. - TLSVerify types.OptionalBool + // SkipTLSVerify to skip HTTPS and certificate verification. + SkipTLSVerify types.OptionalBool } // ImagePullReport is the response from pulling one or more images. @@ -198,8 +198,8 @@ type ImageSearchOptions struct { Limit int // NoTrunc will not truncate the output. NoTrunc bool - // TLSVerify to enable/disable HTTPS and certificate verification. - TLSVerify types.OptionalBool + // SkipTLSVerify to skip HTTPS and certificate verification. + SkipTLSVerify types.OptionalBool } // ImageSearchReport is the response from searching images. diff --git a/pkg/domain/infra/abi/images.go b/pkg/domain/infra/abi/images.go index d1245a45c..9d6be1b15 100644 --- a/pkg/domain/infra/abi/images.go +++ b/pkg/domain/infra/abi/images.go @@ -118,7 +118,7 @@ func (ir *ImageEngine) Pull(ctx context.Context, rawImage string, options entiti DockerCertPath: options.CertDir, OSChoice: options.OverrideOS, ArchitectureChoice: options.OverrideArch, - DockerInsecureSkipTLSVerify: options.TLSVerify, + DockerInsecureSkipTLSVerify: options.SkipTLSVerify, } if !options.AllTags { @@ -370,7 +370,7 @@ func (ir *ImageEngine) Search(ctx context.Context, term string, opts entities.Im Filter: *filter, Limit: opts.Limit, NoTrunc: opts.NoTrunc, - InsecureSkipTLSVerify: opts.TLSVerify, + InsecureSkipTLSVerify: opts.SkipTLSVerify, } searchResults, err := image.SearchImages(term, searchOpts) -- cgit v1.2.3-54-g00ecf From 5ee3af2d03b595bdff004ec179fc8a38e97cc5fe Mon Sep 17 00:00:00 2001 From: Valentin Rothberg Date: Wed, 29 Apr 2020 16:21:43 +0200 Subject: enable search tests Signed-off-by: Valentin Rothberg --- cmd/podman/images/search.go | 24 ++++++++++++++++-------- test/e2e/search_test.go | 1 - 2 files changed, 16 insertions(+), 9 deletions(-) diff --git a/cmd/podman/images/search.go b/cmd/podman/images/search.go index df4d83554..a8abfb339 100644 --- a/cmd/podman/images/search.go +++ b/cmd/podman/images/search.go @@ -1,6 +1,7 @@ package images import ( + "os" "reflect" "strings" @@ -47,14 +48,15 @@ var ( // Command: podman image search imageSearchCmd = &cobra.Command{ - Use: searchCmd.Use, - Short: searchCmd.Short, - Long: searchCmd.Long, - RunE: searchCmd.RunE, - Args: searchCmd.Args, + Use: searchCmd.Use, + Short: searchCmd.Short, + Long: searchCmd.Long, + RunE: searchCmd.RunE, + Args: searchCmd.Args, + Annotations: searchCmd.Annotations, Example: `podman image search --filter=is-official --limit 3 alpine - podman image search registry.fedoraproject.org/ # only works with v2 registries - podman image search --format "table {{.Index}} {{.Name}}" registry.fedoraproject.org/fedora`, + podman image search registry.fedoraproject.org/ # only works with v2 registries + podman image search --format "table {{.Index}} {{.Name}}" registry.fedoraproject.org/fedora`, } ) @@ -108,7 +110,13 @@ func imageSearch(cmd *cobra.Command, args []string) error { // which is important to implement a sane way of dealing with defaults of // boolean CLI flags. if cmd.Flags().Changed("tls-verify") { - searchOptions.SkipTLSVerify = types.NewOptionalBool(!pullOptions.TLSVerifyCLI) + searchOptions.SkipTLSVerify = types.NewOptionalBool(!searchOptions.TLSVerifyCLI) + } + + if searchOptions.Authfile != "" { + if _, err := os.Stat(searchOptions.Authfile); err != nil { + return errors.Wrapf(err, "error getting authfile %s", searchOptions.Authfile) + } } searchReport, err := registry.ImageEngine().Search(registry.GetContext(), searchTerm, searchOptions.ImageSearchOptions) diff --git a/test/e2e/search_test.go b/test/e2e/search_test.go index 3c64fa05f..9ba0241fe 100644 --- a/test/e2e/search_test.go +++ b/test/e2e/search_test.go @@ -68,7 +68,6 @@ registries = ['{{.Host}}:{{.Port}}']` registryFileTwoTmpl := template.Must(template.New("registryFileTwo").Parse(regFileContents2)) BeforeEach(func() { - Skip(v2fail) tempdir, err = CreateTempDirInTempDir() if err != nil { os.Exit(1) -- cgit v1.2.3-54-g00ecf