Commits on Apr 10, 2023

1. Do not pull referenced images during build …

   At build time, Porter needs the repository digest of each referenced bundle from porter.yaml. We update the referenced images in the final porter.yaml generated to .cnab/app/porter.yaml with the digest, so that the bundle is "pinned" to a specific image that can't be messed up by a force push over an existing tag for example.
   
   I have updated how we do this so that instead of pulling the entire referenced image, we just call HEAD on the image to get its repository digest.
   
   Signed-off-by: Carolyn Van Slyck <me@carolynvanslyck.com>

   

   carolynvs committed Apr 10, 2023
   Configuration menu

   • View commit details
   • Copy full SHA for 36ed299
   • Browse repository at this point

   Copy the full SHA

   36ed299 View commit details

   Browse the repository at this point in the history

2. Add --insecure-registry to porter build command …

   When porter builds a bundle, we lookup the repository digest of any referenced images. Previously we did that with Pull, which always allowed connections to insecure registries. Now that we are executing a HEAD request instead to get the digest, instead of pulling the image with PullImage, we can be more explicit like we are with the publish commnad.
   
   I have added --insecure-registry to porter build, so that the bundle author can decide when building if they want to allow connections to an insecure registry (http or self-signed certificates).
   
   Signed-off-by: Carolyn Van Slyck <me@carolynvanslyck.com>

   

   carolynvs committed Apr 10, 2023
   Configuration menu

   • View commit details
   • Copy full SHA for 74e196e
   • Browse repository at this point

   Copy the full SHA

   74e196e View commit details

   Browse the repository at this point in the history