From 0e58ec74747ac7fbb0dccd364765b83b212657c9 Mon Sep 17 00:00:00 2001
From: baude <bbaude@redhat.com>
Date: Wed, 9 May 2018 12:04:28 -0500
Subject: podman push should honor registries.conf

Like podman pull, when you push an image, podman should check
if the registry is listed as insecure and if so, it should
--tls-verify=false unless the user overrides this.

Signed-off-by: baude <bbaude@redhat.com>

Closes: #738
Approved by: mheon
---
 cmd/podman/push.go | 7 ++++++-
 cmd/podman/save.go | 2 +-
 2 files changed, 7 insertions(+), 2 deletions(-)

(limited to 'cmd')

diff --git a/cmd/podman/push.go b/cmd/podman/push.go
index dc1894ebb..272c49e32 100644
--- a/cmd/podman/push.go
+++ b/cmd/podman/push.go
@@ -80,6 +80,7 @@ func pushCmd(c *cli.Context) error {
 	var (
 		registryCreds *types.DockerAuthConfig
 		destName      string
+		forceSecure   bool
 	)
 
 	args := c.Args()
@@ -143,6 +144,10 @@ func pushCmd(c *cli.Context) error {
 		}
 	}
 
+	if c.IsSet("tls-verify") {
+		forceSecure = c.Bool("tls-verify")
+	}
+
 	dockerRegistryOptions := image.DockerRegistryOptions{
 		DockerRegistryCreds:         registryCreds,
 		DockerCertPath:              certPath,
@@ -160,5 +165,5 @@ func pushCmd(c *cli.Context) error {
 	}
 
 	//return runtime.PushImage(srcName, destName, options)
-	return newImage.PushImage(getContext(), destName, manifestType, c.String("authfile"), c.String("signature-policy"), writer, c.Bool("compress"), so, &dockerRegistryOptions)
+	return newImage.PushImage(getContext(), destName, manifestType, c.String("authfile"), c.String("signature-policy"), writer, c.Bool("compress"), so, &dockerRegistryOptions, forceSecure)
 }
diff --git a/cmd/podman/save.go b/cmd/podman/save.go
index ce82b588a..c3e87f145 100644
--- a/cmd/podman/save.go
+++ b/cmd/podman/save.go
@@ -121,7 +121,7 @@ func saveCmd(c *cli.Context) error {
 		if err != nil {
 			return err
 		}
-		if err := newImage.PushImage(getContext(), dest, manifestType, "", "", writer, c.Bool("compress"), libpodImage.SigningOptions{}, &libpodImage.DockerRegistryOptions{}); err != nil {
+		if err := newImage.PushImage(getContext(), dest, manifestType, "", "", writer, c.Bool("compress"), libpodImage.SigningOptions{}, &libpodImage.DockerRegistryOptions{}, false); err != nil {
 			if err2 := os.Remove(output); err2 != nil {
 				logrus.Errorf("error deleting %q: %v", output, err)
 			}
-- 
cgit v1.2.3-54-g00ecf