Minimally update for the DockerInsecureSkipTLSVerify type change

Following SystemContext.DockerInsecureSkipTLSVerify, make the DockerRegistryOne also an OptionalBool, and update callers. Explicitly document that --tls-verify=true and --tls-verify unset have different behavior in those commands where the behavior changed (or where it hasn't changed but the documentation needed updating). Also make the --tls-verify man page sections a tiny bit more consistent throughout. This is a minimal fix, without changing the existing "--tls-verify=true" paths nor existing manual insecure registry lookups. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2025-06-17 06:57:43 +08:00 · 2018-12-03 22:15:06 +01:00
parent b70f8b3884
commit b134951d14
16 changed files with 49 additions and 34 deletions
--- a/libpod/image/pull.go
+++ b/libpod/image/pull.go
@ -247,7 +247,7 @@ func (ir *Runtime) doPullImage(ctx context.Context, sc *types.SystemContext, goa
 			registry := reference.Domain(imgRef)

 			if util.StringInSlice(registry, insecureRegistries) && !forceSecure {
-				copyOptions.SourceCtx.DockerInsecureSkipTLSVerify = true
+				copyOptions.SourceCtx.DockerInsecureSkipTLSVerify = types.OptionalBoolTrue
 				logrus.Info(fmt.Sprintf("%s is an insecure registry; pulling with tls-verify=false", registry))
 			}
 		}