fix manifest modify endpoint to respect tlsverify param

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2022-04-27 12:41:15 +02:00 · 2022-04-27 12:41:15 +02:00 · e9599fb1ae
parent 609b52f726
commit e9599fb1ae
2 changed files with 15 additions and 0 deletions
--- a/pkg/api/handlers/libpod/manifests.go
+++ b/pkg/api/handlers/libpod/manifests.go
@ -7,6 +7,7 @@ import (
 	"io/ioutil"
 	"net/http"
 	"net/url"
+	"strconv"
 	"strings"

 	"github.com/containers/image/v5/docker/reference"
@ -372,6 +373,15 @@ func ManifestModify(w http.ResponseWriter, r *http.Request) {
 		return
 	}

+	if tlsVerify, ok := r.URL.Query()["tlsVerify"]; ok {
+		tls, err := strconv.ParseBool(tlsVerify[len(tlsVerify)-1])
+		if err != nil {
+			utils.Error(w, http.StatusBadRequest, fmt.Errorf("tlsVerify param is not a bool: %w", err))
+			return
+		}
+		body.SkipTLSVerify = types.NewOptionalBool(!tls)
+	}
+
 	authconf, authfile, err := auth.GetCredentials(r)
 	if err != nil {
 		utils.Error(w, http.StatusBadRequest, err)
--- a/pkg/api/server/register_manifest.go
+++ b/pkg/api/server/register_manifest.go
@ -116,6 +116,11 @@ func (s *APIServer) registerManifestHandlers(r *mux.Router) error {
 	//    type: string
 	//    required: true
 	//    description: the name or ID of the manifest
+	//  - in: query
+	//    name: tlsVerify
+	//    type: boolean
+	//    default: false
+	//    description: skip TLS verification for registries
 	//  - in: body
 	//    name: options
 	//    description: options for mutating a manifest