mirror of
https://github.com/containers/podman.git
synced 2025-05-30 07:04:03 +08:00
b9313d355e
Add --override-arch and --override-os as hidden flags, in line with the global flag names that skopeo uses, so that we can test behavior around manifest lists without having to conditionalize more of it by arch. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
68 lines
2.8 KiB
Go
68 lines
2.8 KiB
Go
package image
|
|
|
|
import (
|
|
"fmt"
|
|
|
|
"github.com/containers/image/v5/docker/reference"
|
|
"github.com/containers/image/v5/types"
|
|
|
|
podmanVersion "github.com/containers/libpod/version"
|
|
)
|
|
|
|
// DockerRegistryOptions encapsulates settings that affect how we connect or
|
|
// authenticate to a remote registry.
|
|
type DockerRegistryOptions struct {
|
|
// DockerRegistryCreds is the user name and password to supply in case
|
|
// we need to pull an image from a registry, and it requires us to
|
|
// authenticate.
|
|
DockerRegistryCreds *types.DockerAuthConfig
|
|
// DockerCertPath is the location of a directory containing CA
|
|
// certificates which will be used to verify the registry's certificate
|
|
// (all files with names ending in ".crt"), and possibly client
|
|
// certificates and private keys (pairs of files with the same name,
|
|
// except for ".cert" and ".key" suffixes).
|
|
DockerCertPath string
|
|
// DockerInsecureSkipTLSVerify turns off verification of TLS
|
|
// certificates and allows connecting to registries without encryption
|
|
// - or forces it on even if registries.conf has the registry configured as insecure.
|
|
DockerInsecureSkipTLSVerify types.OptionalBool
|
|
// If not "", overrides the use of platform.GOOS when choosing an image or verifying OS match.
|
|
OSChoice string
|
|
// If not "", overrides the use of platform.GOARCH when choosing an image or verifying architecture match.
|
|
ArchitectureChoice string
|
|
}
|
|
|
|
// GetSystemContext constructs a new system context from a parent context. the values in the DockerRegistryOptions, and other parameters.
|
|
func (o DockerRegistryOptions) GetSystemContext(parent *types.SystemContext, additionalDockerArchiveTags []reference.NamedTagged) *types.SystemContext {
|
|
sc := &types.SystemContext{
|
|
DockerAuthConfig: o.DockerRegistryCreds,
|
|
DockerCertPath: o.DockerCertPath,
|
|
DockerInsecureSkipTLSVerify: o.DockerInsecureSkipTLSVerify,
|
|
DockerArchiveAdditionalTags: additionalDockerArchiveTags,
|
|
OSChoice: o.OSChoice,
|
|
ArchitectureChoice: o.ArchitectureChoice,
|
|
}
|
|
if parent != nil {
|
|
sc.SignaturePolicyPath = parent.SignaturePolicyPath
|
|
sc.AuthFilePath = parent.AuthFilePath
|
|
sc.DirForceCompress = parent.DirForceCompress
|
|
sc.DockerRegistryUserAgent = parent.DockerRegistryUserAgent
|
|
sc.OSChoice = parent.OSChoice
|
|
sc.ArchitectureChoice = parent.ArchitectureChoice
|
|
}
|
|
return sc
|
|
}
|
|
|
|
// GetSystemContext Constructs a new containers/image/types.SystemContext{} struct from the given signaturePolicy path
|
|
func GetSystemContext(signaturePolicyPath, authFilePath string, forceCompress bool) *types.SystemContext {
|
|
sc := &types.SystemContext{}
|
|
if signaturePolicyPath != "" {
|
|
sc.SignaturePolicyPath = signaturePolicyPath
|
|
}
|
|
sc.AuthFilePath = authFilePath
|
|
sc.DirForceCompress = forceCompress
|
|
sc.DockerRegistryUserAgent = fmt.Sprintf("libpod/%s", podmanVersion.Version)
|
|
|
|
return sc
|
|
}
|