Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add insecure option to support self-signed and HTTP registries #828

Merged
merged 1 commit into from
Nov 10, 2022
Merged

Add insecure option to support self-signed and HTTP registries #828

merged 1 commit into from
Nov 10, 2022

Conversation

bcrochet
Copy link
Contributor

Without this option, crane would always try to verify the TLS certificates of the registry. This would not allow for self-signed certificates, or registries that only use HTTP. In order to support the workflow to start a registry, push to that local registry, and then pull preflight (think CI system), this option is necessary.

This is considered the "official" method for building a local image and testing against it.

Fixes #593

Signed-off-by: Brad P. Crochet brad@redhat.com

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Nov 10, 2022
@bcrochet bcrochet force-pushed the fixes/593 branch 2 times, most recently from 3130828 to 93dcdff Compare November 10, 2022 15:46
@coveralls
Copy link

coveralls commented Nov 10, 2022
edited
Loading

Coverage Status

Coverage increased (+0.004%) to 84.548% when pulling 6a87b36 on bcrochet:fixes/593 into f24ae18 on redhat-openshift-ecosystem:main.

acornett21
acornett21 reviewed Nov 10, 2022
View reviewed changes
docs/RECIPES.md Outdated
```

Note: --submit and --insecure are mutually exclusive. A container cannot be fully
certified and submit unless it is on a secure registry.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
certified and submit unless it is on a secure registry.
certified and submitted unless it is on a secure registry.

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Nov 10, 2022
komish
komish approved these changes Nov 10, 2022
View reviewed changes
Copy link
Contributor

@komish komish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Comments left but nothing blocking.

/lgtm

@openshift-ci openshift-ci bot removed the lgtm Indicates that a PR is ready to be merged. label Nov 10, 2022
@dcibot
Copy link

dcibot commented Nov 10, 2022

komish
komish approved these changes Nov 10, 2022
View reviewed changes
Copy link
Contributor

@komish komish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Nov 10, 2022
@openshift-ci openshift-ci bot removed the lgtm Indicates that a PR is ready to be merged. label Nov 10, 2022
@bcrochet
Add insecure option to support self-signed and HTTP registries
6a87b36 
Without this option, crane would always try to verify the TLS
certificates of the registry. This would not allow for self-signed
certificates, or registries that only use HTTP. In order to support
the workflow to start a registry, push to that local registry, and
then pull preflight (think CI system), this option is necessary.

This is considered the "official" method for building a local image
and testing against it.

Fixes redhat-openshift-ecosystem#593

Signed-off-by: Brad P. Crochet <brad@redhat.com>
komish
komish approved these changes Nov 10, 2022
View reviewed changes
Copy link
Contributor

@komish komish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Nov 10, 2022
@openshift-ci
Copy link

openshift-ci bot commented Nov 10, 2022

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: acornett21, bcrochet, komish

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [acornett21,bcrochet,komish]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@acornett21 acornett21 merged commit 6b403bb into redhat-openshift-ecosystem:main Nov 10, 2022
@dcibot
Copy link

dcibot commented Nov 10, 2022

@bcrochet bcrochet deleted the fixes/593 branch June 6, 2023 17:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@komish komish komish approved these changes

@acornett21 acornett21 acornett21 approved these changes

@skattoju skattoju Awaiting requested review from skattoju

@tonytcampbell tonytcampbell Awaiting requested review from tonytcampbell

Assignees

@komish komish

@acornett21 acornett21

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

check image built locally without pulling it from remote registry
5 participants
@bcrochet @coveralls @dcibot @komish @acornett21