Skip to content

Commit 1c3527b

Browse files
committed
Implement --tls-details for (buildah source ...)
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
1 parent 9cf45fb commit 1c3527b

3 files changed

Lines changed: 62 additions & 13 deletions

File tree

cmd/buildah/source.go

Lines changed: 44 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -5,8 +5,19 @@ import (
55

66
"github.com/containers/buildah/internal/source"
77
"github.com/spf13/cobra"
8+
"go.podman.io/image/v5/pkg/cli/basetls/tlsdetails"
89
)
910

11+
type sourcePullOptions struct {
12+
source.PullOptions
13+
tlsDetails string
14+
}
15+
16+
type sourcePushOptions struct {
17+
source.PushOptions
18+
tlsDetails string
19+
}
20+
1021
var (
1122
// buildah source
1223
sourceDescription = ` Create, push, pull and manage source images and associated source artifacts. A source image contains all source artifacts an ordinary OCI image has been built with. Those artifacts can be any kind of source artifact, such as source RPMs, an entire source tree or text files.
@@ -57,7 +68,7 @@ var (
5768
}
5869

5970
// buildah source pull
60-
sourcePullOptions = source.PullOptions{}
71+
sourcePullOpts = sourcePullOptions{}
6172
sourcePullDescription = ` Pull a source image from a registry to a specified path. The pull operation will fail if the image does not comply with a source-image OCI artifact.
6273
6374
Note that the buildah-source command and all its subcommands are experimental and may be subject to future changes.
@@ -68,13 +79,13 @@ var (
6879
Short: "Pull a source image from a registry to a specified path",
6980
Long: sourcePullDescription,
7081
Example: "buildah source pull quay.io/sourceimage/example:latest /tmp/sourceimage:latest",
71-
RunE: func(_ *cobra.Command, args []string) error {
72-
return source.Pull(context.Background(), args[0], args[1], sourcePullOptions)
82+
RunE: func(c *cobra.Command, args []string) error {
83+
return sourcePullCmd(c, args, sourcePullOpts)
7384
},
7485
}
7586

7687
// buildah source push
77-
sourcePushOptions = source.PushOptions{}
88+
sourcePushOpts = sourcePushOptions{}
7889
sourcePushDescription = ` Push a source image from a specified path to a registry.
7990
8091
Note that the buildah-source command and all its subcommands are experimental and may be subject to future changes.
@@ -85,12 +96,30 @@ var (
8596
Short: "Push a source image from a specified path to a registry",
8697
Long: sourcePushDescription,
8798
Example: "buildah source push /tmp/sourceimage:latest quay.io/sourceimage/example:latest",
88-
RunE: func(_ *cobra.Command, args []string) error {
89-
return source.Push(context.Background(), args[0], args[1], sourcePushOptions)
99+
RunE: func(c *cobra.Command, args []string) error {
100+
return sourcePushCmd(c, args, sourcePushOpts)
90101
},
91102
}
92103
)
93104

105+
func sourcePullCmd(_ *cobra.Command, args []string, opts sourcePullOptions) error {
106+
baseTLSConfig, err := tlsdetails.BaseTLSFromOptionalFile(opts.tlsDetails)
107+
if err != nil {
108+
return err
109+
}
110+
opts.PullOptions.BaseTLSConfig = baseTLSConfig.TLSConfig()
111+
return source.Pull(context.Background(), args[0], args[1], opts.PullOptions)
112+
}
113+
114+
func sourcePushCmd(_ *cobra.Command, args []string, opts sourcePushOptions) error {
115+
baseTLSConfig, err := tlsdetails.BaseTLSFromOptionalFile(opts.tlsDetails)
116+
if err != nil {
117+
return err
118+
}
119+
opts.PushOptions.BaseTLSConfig = baseTLSConfig.TLSConfig()
120+
return source.Push(context.Background(), args[0], args[1], opts.PushOptions)
121+
}
122+
94123
func init() {
95124
// buildah source
96125
sourceCommand.SetUsageTemplate(UsageTemplate())
@@ -113,16 +142,18 @@ func init() {
113142
sourcePullCommand.SetUsageTemplate(UsageTemplate())
114143
sourceCommand.AddCommand(sourcePullCommand)
115144
sourcePullFlags := sourcePullCommand.Flags()
116-
sourcePullFlags.StringVar(&sourcePullOptions.Credentials, "creds", "", "use `[username[:password]]` for accessing the registry")
117-
sourcePullFlags.BoolVar(&sourcePullOptions.TLSVerify, "tls-verify", true, "require HTTPS and verify certificates when accessing the registry")
118-
sourcePullFlags.BoolVarP(&sourcePullOptions.Quiet, "quiet", "q", false, "don't output pull progress information")
145+
sourcePullFlags.StringVar(&sourcePullOpts.PullOptions.Credentials, "creds", "", "use `[username[:password]]` for accessing the registry")
146+
sourcePullFlags.StringVar(&sourcePullOpts.tlsDetails, "tls-details", "", "path to a containers-tls-details.yaml file")
147+
sourcePullFlags.BoolVar(&sourcePullOpts.PullOptions.TLSVerify, "tls-verify", true, "require HTTPS and verify certificates when accessing the registry")
148+
sourcePullFlags.BoolVarP(&sourcePullOpts.PullOptions.Quiet, "quiet", "q", false, "don't output pull progress information")
119149

120150
// buildah source push
121151
sourcePushCommand.SetUsageTemplate(UsageTemplate())
122152
sourceCommand.AddCommand(sourcePushCommand)
123153
sourcePushFlags := sourcePushCommand.Flags()
124-
sourcePushFlags.StringVar(&sourcePushOptions.Credentials, "creds", "", "use `[username[:password]]` for accessing the registry")
125-
sourcePushFlags.StringVar(&sourcePushOptions.DigestFile, "digestfile", "", "after copying the artifact, write the digest of the resulting image to the file")
126-
sourcePushFlags.BoolVar(&sourcePushOptions.TLSVerify, "tls-verify", true, "require HTTPS and verify certificates when accessing the registry")
127-
sourcePushFlags.BoolVarP(&sourcePushOptions.Quiet, "quiet", "q", false, "don't output push progress information")
154+
sourcePushFlags.StringVar(&sourcePushOpts.PushOptions.Credentials, "creds", "", "use `[username[:password]]` for accessing the registry")
155+
sourcePushFlags.StringVar(&sourcePushOpts.PushOptions.DigestFile, "digestfile", "", "after copying the artifact, write the digest of the resulting image to the file")
156+
sourcePushFlags.StringVar(&sourcePushOpts.tlsDetails, "tls-details", "", "path to a containers-tls-details.yaml file")
157+
sourcePushFlags.BoolVar(&sourcePushOpts.PushOptions.TLSVerify, "tls-verify", true, "require HTTPS and verify certificates when accessing the registry")
158+
sourcePushFlags.BoolVarP(&sourcePushOpts.PushOptions.Quiet, "quiet", "q", false, "don't output push progress information")
128159
}

docs/buildah-source-pull.1.md

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,15 @@ value can be entered. The password is entered without echo.
2525

2626
Suppress the progress output when pulling a source image.
2727

28+
**--tls-details** *path*
29+
30+
Path to a `containers-tls-details.yaml(5)` file, affecting TLS behavior throughout the program.
31+
32+
If not set, defaults to a reasonable default that may change over time (depending on system’s global policy,
33+
version of the program, version of the Go language, and the like).
34+
35+
Users should generally not use this option unless they have a process to ensure that the configuration will be kept up to date.
36+
2837
**--tls-verify** *bool-value*
2938

3039
Require HTTPS and verification of certificates when talking to container

docs/buildah-source-push.1.md

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,15 @@ After copying the image, write the digest of the resulting image to the file.
2828

2929
Suppress the progress output when pushing a source image.
3030

31+
**--tls-details** *path*
32+
33+
Path to a `containers-tls-details.yaml(5)` file, affecting TLS behavior throughout the program.
34+
35+
If not set, defaults to a reasonable default that may change over time (depending on system’s global policy,
36+
version of the program, version of the Go language, and the like).
37+
38+
Users should generally not use this option unless they have a process to ensure that the configuration will be kept up to date.
39+
3140
**--tls-verify** *bool-value*
3241

3342
Require HTTPS and verification of certificates when talking to container

0 commit comments

Comments
 (0)