From 313e5e83e92f68349d2026fc3f358f237fe93a4a Mon Sep 17 00:00:00 2001 From: baude Date: Mon, 16 Apr 2018 13:39:00 -0500 Subject: regression: tls verify should be set on registries.conf if insecure In the case where podman needs to pull an image, if that registry that the image resides on is known to be insesure (as defined in /etc/containers/registries.conf), tls-verify should be altered on the fly. Signed-off-by: baude Closes: #626 Approved by: mheon --- pkg/registries/registries.go | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 pkg/registries/registries.go (limited to 'pkg') diff --git a/pkg/registries/registries.go b/pkg/registries/registries.go new file mode 100644 index 000000000..8e43c8b91 --- /dev/null +++ b/pkg/registries/registries.go @@ -0,0 +1,37 @@ +package registries + +import ( + "os" + + "github.com/containers/image/pkg/sysregistries" + "github.com/containers/image/types" + "github.com/pkg/errors" +) + +// GetRegistries obtains the list of registries defined in the global registries file. +func GetRegistries() ([]string, error) { + registryConfigPath := "" + envOverride := os.Getenv("REGISTRIES_CONFIG_PATH") + if len(envOverride) > 0 { + registryConfigPath = envOverride + } + searchRegistries, err := sysregistries.GetRegistries(&types.SystemContext{SystemRegistriesConfPath: registryConfigPath}) + if err != nil { + return nil, errors.Wrapf(err, "unable to parse the registries.conf file") + } + return searchRegistries, nil +} + +// GetInsecureRegistries obtains the list of inseure registries from the global registration file. +func GetInsecureRegistries() ([]string, error) { + registryConfigPath := "" + envOverride := os.Getenv("REGISTRIES_CONFIG_PATH") + if len(envOverride) > 0 { + registryConfigPath = envOverride + } + registries, err := sysregistries.GetInsecureRegistries(&types.SystemContext{SystemRegistriesConfPath: registryConfigPath}) + if err != nil { + return nil, errors.Wrapf(err, "unable to parse the registries.conf file") + } + return registries, nil +} -- cgit v1.2.3-54-g00ecf