From e9599fb1ae49551c51cd1c8f4cb98ef93231d842 Mon Sep 17 00:00:00 2001
From: Paul Holzinger <pholzing@redhat.com>
Date: Wed, 27 Apr 2022 12:41:15 +0200
Subject: fix manifest modify endpoint to respect tlsverify param

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
---
 pkg/api/handlers/libpod/manifests.go | 10 ++++++++++
 pkg/api/server/register_manifest.go  |  5 +++++
 2 files changed, 15 insertions(+)

(limited to 'pkg')

diff --git a/pkg/api/handlers/libpod/manifests.go b/pkg/api/handlers/libpod/manifests.go
index 15d4b9f89..8dc7c57d5 100644
--- a/pkg/api/handlers/libpod/manifests.go
+++ b/pkg/api/handlers/libpod/manifests.go
@@ -7,6 +7,7 @@ import (
 	"io/ioutil"
 	"net/http"
 	"net/url"
+	"strconv"
 	"strings"
 
 	"github.com/containers/image/v5/docker/reference"
@@ -372,6 +373,15 @@ func ManifestModify(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	if tlsVerify, ok := r.URL.Query()["tlsVerify"]; ok {
+		tls, err := strconv.ParseBool(tlsVerify[len(tlsVerify)-1])
+		if err != nil {
+			utils.Error(w, http.StatusBadRequest, fmt.Errorf("tlsVerify param is not a bool: %w", err))
+			return
+		}
+		body.SkipTLSVerify = types.NewOptionalBool(!tls)
+	}
+
 	authconf, authfile, err := auth.GetCredentials(r)
 	if err != nil {
 		utils.Error(w, http.StatusBadRequest, err)
diff --git a/pkg/api/server/register_manifest.go b/pkg/api/server/register_manifest.go
index 50a49bc1e..75ff38bea 100644
--- a/pkg/api/server/register_manifest.go
+++ b/pkg/api/server/register_manifest.go
@@ -116,6 +116,11 @@ func (s *APIServer) registerManifestHandlers(r *mux.Router) error {
 	//    type: string
 	//    required: true
 	//    description: the name or ID of the manifest
+	//  - in: query
+	//    name: tlsVerify
+	//    type: boolean
+	//    default: false
+	//    description: skip TLS verification for registries
 	//  - in: body
 	//    name: options
 	//    description: options for mutating a manifest
-- 
cgit v1.2.3-54-g00ecf