Remove manual handling of insecure registries in doPullImage
Instead, just set SystemRegistriesConfPath and let the transport do it. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This commit is contained in:
		
							parent
							
								
									93e14b6198
								
							
						
					
					
						commit
						e885311641
					
				|  | @ -10,7 +10,6 @@ import ( | ||||||
| 	"github.com/containers/image/directory" | 	"github.com/containers/image/directory" | ||||||
| 	"github.com/containers/image/docker" | 	"github.com/containers/image/docker" | ||||||
| 	dockerarchive "github.com/containers/image/docker/archive" | 	dockerarchive "github.com/containers/image/docker/archive" | ||||||
| 	"github.com/containers/image/docker/reference" |  | ||||||
| 	"github.com/containers/image/docker/tarfile" | 	"github.com/containers/image/docker/tarfile" | ||||||
| 	ociarchive "github.com/containers/image/oci/archive" | 	ociarchive "github.com/containers/image/oci/archive" | ||||||
| 	"github.com/containers/image/pkg/sysregistries" | 	"github.com/containers/image/pkg/sysregistries" | ||||||
|  | @ -19,7 +18,6 @@ import ( | ||||||
| 	"github.com/containers/image/transports/alltransports" | 	"github.com/containers/image/transports/alltransports" | ||||||
| 	"github.com/containers/image/types" | 	"github.com/containers/image/types" | ||||||
| 	"github.com/containers/libpod/pkg/registries" | 	"github.com/containers/libpod/pkg/registries" | ||||||
| 	"github.com/containers/libpod/pkg/util" |  | ||||||
| 	multierror "github.com/hashicorp/go-multierror" | 	multierror "github.com/hashicorp/go-multierror" | ||||||
| 	"github.com/pkg/errors" | 	"github.com/pkg/errors" | ||||||
| 	"github.com/sirupsen/logrus" | 	"github.com/sirupsen/logrus" | ||||||
|  | @ -230,27 +228,12 @@ func (ir *Runtime) doPullImage(ctx context.Context, sc *types.SystemContext, goa | ||||||
| 	} | 	} | ||||||
| 	defer policyContext.Destroy() | 	defer policyContext.Destroy() | ||||||
| 
 | 
 | ||||||
| 	insecureRegistries, err := registries.GetInsecureRegistries() | 	systemRegistriesConfPath := registries.SystemRegistriesConfPath() | ||||||
| 	if err != nil { |  | ||||||
| 		return nil, err |  | ||||||
| 	} |  | ||||||
| 	var images []string | 	var images []string | ||||||
| 	var pullErrors *multierror.Error | 	var pullErrors *multierror.Error | ||||||
| 	for _, imageInfo := range goal.refPairs { | 	for _, imageInfo := range goal.refPairs { | ||||||
| 		copyOptions := getCopyOptions(sc, writer, dockerOptions, nil, signingOptions, "", nil) | 		copyOptions := getCopyOptions(sc, writer, dockerOptions, nil, signingOptions, "", nil) | ||||||
| 		if imageInfo.srcRef.Transport().Name() == DockerTransport { | 		copyOptions.SourceCtx.SystemRegistriesConfPath = systemRegistriesConfPath // FIXME: Set this more globally.  Probably no reason not to have it in every types.SystemContext, and to compute the value just once in one place.
 | ||||||
| 			imgRef := imageInfo.srcRef.DockerReference() |  | ||||||
| 			if imgRef == nil { // This should never happen; such references can’t be created.
 |  | ||||||
| 				return nil, fmt.Errorf("internal error: DockerTransport reference %s does not have a DockerReference", |  | ||||||
| 					transports.ImageName(imageInfo.srcRef)) |  | ||||||
| 			} |  | ||||||
| 			registry := reference.Domain(imgRef) |  | ||||||
| 
 |  | ||||||
| 			if util.StringInSlice(registry, insecureRegistries) && dockerOptions.DockerInsecureSkipTLSVerify != types.OptionalBoolFalse { |  | ||||||
| 				copyOptions.SourceCtx.DockerInsecureSkipTLSVerify = types.OptionalBoolTrue |  | ||||||
| 				logrus.Info(fmt.Sprintf("%s is an insecure registry; pulling with tls-verify=false", registry)) |  | ||||||
| 			} |  | ||||||
| 		} |  | ||||||
| 		// Print the following statement only when pulling from a docker or atomic registry
 | 		// Print the following statement only when pulling from a docker or atomic registry
 | ||||||
| 		if writer != nil && (imageInfo.srcRef.Transport().Name() == DockerTransport || imageInfo.srcRef.Transport().Name() == AtomicTransport) { | 		if writer != nil && (imageInfo.srcRef.Transport().Name() == DockerTransport || imageInfo.srcRef.Transport().Name() == AtomicTransport) { | ||||||
| 			io.WriteString(writer, fmt.Sprintf("Trying to pull %s...", imageInfo.image)) | 			io.WriteString(writer, fmt.Sprintf("Trying to pull %s...", imageInfo.image)) | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue