go/ko-build
1
0
Fork 0
mirror of https://github.com/ko-build/ko.git synced 2024-12-12 08:54:09 +02:00
Code Issues Releases Activity

Allow skipping TLS verification while publishing (#65)

Browse Source 
Why this is necessary: when using a local docker registry, users may not
want to support https, or there may be other troubles not allowing
verifiable TLS support.

This commit adds this functionality by adding an `--insecure-registry`
flag.
This commit is contained in:
tanner-bruce 2019-07-24 13:58:10 -04:00 committed by jonjohnsonjr
parent 3a0e70e520
commit 48afd62710
4 changed files with 26 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/commands/options/local.go
View File

@ -22,9 +22,12 @@ import (
type LocalOptions struct { type LocalOptions struct {
// Local publishes images to a local docker daemon. // Local publishes images to a local docker daemon.
Local bool Local bool
InsecureRegistry bool
} }
func AddLocalArg(cmd *cobra.Command, lo *LocalOptions) { func AddLocalArg(cmd *cobra.Command, lo *LocalOptions) {
cmd.Flags().BoolVarP(&lo.Local, "local", "L", lo.Local, cmd.Flags().BoolVarP(&lo.Local, "local", "L", lo.Local,
"Whether to publish images to a local docker daemon vs. a registry.") "Whether to publish images to a local docker daemon vs. a registry.")
cmd.Flags().BoolVar(&lo.InsecureRegistry, "insecure-registry", lo.InsecureRegistry,
"Whether to skip TLS verification on the registry")
} }

3
pkg/commands/resolver.go
View File

@ -99,7 +99,8 @@ func makePublisher(no *options.NameOptions, lo *options.LocalOptions, ta *option
return publish.NewDefault(repoName, return publish.NewDefault(repoName,
publish.WithAuthFromKeychain(authn.DefaultKeychain), publish.WithAuthFromKeychain(authn.DefaultKeychain),
publish.WithNamer(namer), publish.WithNamer(namer),
publish.WithTags(ta.Tags)) publish.WithTags(ta.Tags),
publish.Insecure(lo.InsecureRegistry))
}() }()
if err != nil { if err != nil {
return nil, err return nil, err

20
pkg/publish/default.go
View File

@ -33,6 +33,7 @@ type defalt struct {
auth authn.Authenticator auth authn.Authenticator
namer Namer namer Namer
tags []string tags []string
insecure bool
} }
// Option is a functional option for NewDefault. // Option is a functional option for NewDefault.
@ -44,6 +45,7 @@ type defaultOpener struct {
auth authn.Authenticator auth authn.Authenticator
namer Namer namer Namer
tags []string tags []string
insecure bool
} }
// Namer is a function from a supported import path to the portion of the resulting // Namer is a function from a supported import path to the portion of the resulting
@ -62,11 +64,12 @@ var defaultTags = []string{"latest"}
func (do *defaultOpener) Open() (Interface, error) { func (do *defaultOpener) Open() (Interface, error) {
return &defalt{ return &defalt{
base: do.base, base: do.base,
t: do.t, t: do.t,
auth: do.auth, auth: do.auth,
namer: do.namer, namer: do.namer,
tags: do.tags, tags: do.tags,
insecure: do.insecure,
}, nil }, nil
} }
@ -95,7 +98,12 @@ func (d *defalt) Publish(img v1.Image, s string) (name.Reference, error) {
s = strings.ToLower(s) s = strings.ToLower(s)
for _, tagName := range d.tags { for _, tagName := range d.tags {
tag, err := name.NewTag(fmt.Sprintf("%s/%s:%s", d.base, d.namer(s), tagName))
var os []name.Option
if d.insecure {
os = []name.Option{name.Insecure}
}
tag, err := name.NewTag(fmt.Sprintf("%s/%s:%s", d.base, d.namer(s), tagName), os...)
if err != nil { if err != nil {
return nil, err return nil, err
} }

7
pkg/publish/options.go
View File

@ -80,3 +80,10 @@ func WithTags(tags []string) Option {
return nil return nil
} }
} }
func Insecure(b bool) Option {
return func(i *defaultOpener) error {
i.insecure = b
return nil
}
}