Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

configure the insecure flag to allow access to registries with self-signed certificate #883

Merged
merged 1 commit into from
Feb 6, 2023
Merged

configure the insecure flag to allow access to registries with self-signed certificate #883

merged 1 commit into from
Feb 6, 2023

Conversation

komish
Copy link
Contributor

@komish komish commented Feb 3, 2023

There's a bit of a behavioral difference in the crane library execution compared to its CLI that causes us to have a bug in how we handle our insecure flag. See google/go-containerregistry#1553 for full context.

In effect, we allowed access to registries available via HTTP, but not HTTPS registries with untrusted certificates.

In testing, I also found a bug where we didn't fully initialize the the CraneEngine by passing it the insecure flag when received by the caller.

This PR resolves both issues.

Signed-off-by: Jose R. Gonzalez jrg@redhat.com

@komish
configure the insecure flag to allow access to registries with self-s…
a03ec5d 
…igned certificate

Signed-off-by: Jose R. Gonzalez <jrg@redhat.com>
@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 3, 2023
@coveralls
Copy link

Coverage Status

Coverage: 81.627% (-0.2%) from 81.809% when pulling a03ec5d on komish:self-signed-certs into 2be289b on redhat-openshift-ecosystem:main.

@dcibot
Copy link

dcibot commented Feb 3, 2023

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Feb 3, 2023
@acornett21
Copy link
Contributor

/lgtm

skattoju
skattoju approved these changes Feb 6, 2023
View reviewed changes
Copy link
Contributor

@skattoju skattoju left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

bcrochet
bcrochet approved these changes Feb 6, 2023
View reviewed changes
Copy link
Contributor

@bcrochet bcrochet left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@openshift-ci
Copy link

openshift-ci bot commented Feb 6, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: acornett21, bcrochet, komish, skattoju

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [acornett21,bcrochet,komish,skattoju]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@bcrochet bcrochet merged commit 3d00049 into redhat-openshift-ecosystem:main Feb 6, 2023
@komish komish deleted the self-signed-certs branch February 6, 2023 14:42
@coveralls
Copy link

Coverage Status

coverage: 73.785% (-0.5%) from 74.327%
when pulling a03ec5d on komish:self-signed-certs
into 2be289b on redhat-openshift-ecosystem:main.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bcrochet bcrochet bcrochet approved these changes

@skattoju skattoju skattoju approved these changes

@acornett21 acornett21 acornett21 approved these changes

@tonytcampbell tonytcampbell Awaiting requested review from tonytcampbell

Assignees

@bcrochet bcrochet

@skattoju skattoju

@acornett21 acornett21

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@komish @coveralls @dcibot @acornett21 @bcrochet @skattoju