-
Notifications
You must be signed in to change notification settings - Fork 66
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add insecure option to support self-signed and HTTP registries #828
Add insecure option to support self-signed and HTTP registries #828
Conversation
3130828
to
93dcdff
Compare
docs/RECIPES.md
Outdated
``` | ||
|
||
Note: --submit and --insecure are mutually exclusive. A container cannot be fully | ||
certified and submit unless it is on a secure registry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
certified and submit unless it is on a secure registry. | |
certified and submitted unless it is on a secure registry. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Comments left but nothing blocking.
/lgtm
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
Without this option, crane would always try to verify the TLS certificates of the registry. This would not allow for self-signed certificates, or registries that only use HTTP. In order to support the workflow to start a registry, push to that local registry, and then pull preflight (think CI system), this option is necessary. This is considered the "official" method for building a local image and testing against it. Fixes redhat-openshift-ecosystem#593 Signed-off-by: Brad P. Crochet <brad@redhat.com>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/lgtm
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: acornett21, bcrochet, komish The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Without this option, crane would always try to verify the TLS certificates of the registry. This would not allow for self-signed certificates, or registries that only use HTTP. In order to support the workflow to start a registry, push to that local registry, and then pull preflight (think CI system), this option is necessary.
This is considered the "official" method for building a local image and testing against it.
Fixes #593
Signed-off-by: Brad P. Crochet brad@redhat.com