Skip to content

Commit

Permalink
Implement tls-verify switch in libpod API
Browse files Browse the repository at this point in the history
containers#16486

Signed-off-by: Daniel J Walsh <[email protected]>
  • Loading branch information
rhatdan committed Apr 4, 2023
1 parent ac1d297 commit 3ca0c9c
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 1 deletion.
10 changes: 9 additions & 1 deletion pkg/api/handlers/compat/images.go
Original file line number Diff line number Diff line change
Expand Up @@ -260,10 +260,12 @@ func CreateImageFromImage(w http.ResponseWriter, r *http.Request) {

query := struct {
FromImage string `schema:"fromImage"`
Tag string `schema:"tag"`
Platform string `schema:"platform"`
TLSVerify bool `schema:"tlsVerify"`
Tag string `schema:"tag"`
}{
// This is where you can override the golang default value for one of fields
TLSVerify: true,
}
if err := decoder.Decode(&query, r.URL.Query()); err != nil {
utils.Error(w, http.StatusBadRequest, fmt.Errorf("failed to parse parameters for %s: %w", r.URL.String(), err))
Expand Down Expand Up @@ -292,6 +294,12 @@ func CreateImageFromImage(w http.ResponseWriter, r *http.Request) {
}
pullOptions.Writer = os.Stderr // allows for debugging on the server

if utils.IsLibpodRequest(r) {
if _, found := r.URL.Query()["tlsVerify"]; found {
pullOptions.InsecureSkipTLSVerify = types.NewOptionalBool(!query.TLSVerify)
}
}

// Handle the platform.
platformSpecs := strings.Split(query.Platform, "/")
pullOptions.OS = platformSpecs[0] // may be empty
Expand Down
5 changes: 5 additions & 0 deletions test/system/150-login.bats
Original file line number Diff line number Diff line change
Expand Up @@ -229,6 +229,11 @@ function _push_search_test() {
--creds ${PODMAN_LOGIN_USER}:${PODMAN_LOGIN_PASS} \
localhost:${PODMAN_LOGIN_REGISTRY_PORT}/$destname

# Yay! Pull it back
run_podman 125 pull --tls-verify=true \
--creds ${PODMAN_LOGIN_USER}:${PODMAN_LOGIN_PASS} \
localhost:${PODMAN_LOGIN_REGISTRY_PORT}/$destname

# Compare to original image
run_podman inspect --format '{{.Id}}' $destname
is "$output" "$iid" "Image ID of pulled image == original IID"
Expand Down

0 comments on commit 3ca0c9c

Please sign in to comment.