Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support connecting to TLS secured docker host #284

Merged
merged 1 commit into from
Jun 8, 2022
Merged

Support connecting to TLS secured docker host #284

merged 1 commit into from
Jun 8, 2022

Conversation

carolynvs
Copy link
Contributor

@carolynvs carolynvs commented Jun 3, 2022
edited

When we create a docker cli instance using just the docker/cli library, some important configuration doesn't happen, namely reading DOCKER_TLS_VERIFY and DOCKER_CERT_PATH. Unlike DOCKER_HOST, these other variables for connecting to a TLS secured docker host are not configured in the main library functions but instead just in the CLI's main package when the flags (for stuff like --tlsverify) are bound.

This means we need to configure this ourselves when using that library. I've added a function that consolidates all the necessary configuration steps to make a docker cli client that is configured the same as if running the docker CLI directly on your computer.

I've tested this manually against a remote docker host secured with a self-signed certificate and I'm able to build, push and run bundles on a the remote host with this fix.

🚨 Since the CI build is broken, this PR is based on top of #285. I'll rebase after that is merged

@carolynvs carolynvs mentioned this pull request Jun 3, 2022
Merged
4 tasks
@carolynvs carolynvs force-pushed the docker-tls branch 3 times, most recently from ccfdc71 to f4dbe1a Compare June 6, 2022 14:46
@carolynvs carolynvs marked this pull request as ready for review June 6, 2022 15:00
@carolynvs carolynvs requested a review from vdice June 6, 2022 15:00
@carolynvs
Copy link
Contributor Author

cc @VinozzZ This is the patch that I'm relying on for getporter/porter#2134

@carolynvs
Support connecting to TLS secured docker host
2e51536 
When we create a docker cli instance using just the docker/cli library,
some important configuration doesn't happen, namely reading
DOCKER_TLS_VERIFY and DOCKER_CERT_PATH. Unlike DOCKER_HOST, these other
variables for connecting to a TLS secured docker host are not configured
in the main library functions but instead just in the CLI's main package
when the flags (for stuff like --tlsverify) are bound.

This means we need to configure this ourselves when using that library.
I've added a function that consolidates all the necessary configuration
steps to make a docker cli client that is configured the same as if
running the docker CLI directly on your computer.

I've tested this manually against a remote docker host secured with a
self-signed certificate and I'm able to build, push and run bundles on a
remote host with this fix.

Signed-off-by: Carolyn Van Slyck <me@carolynvanslyck.com>
@carolynvs
Copy link
Contributor Author

Okay, rebased now that the build is fixed and this is ready for review.

@carolynvs carolynvs merged commit 11a2de4 into cnabio:main Jun 8, 2022
@carolynvs carolynvs deleted the docker-tls branch June 8, 2022 13:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vdice vdice vdice approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@carolynvs @vdice