Add insecure flag to push and pull (#634)

* Add insecure flag to pull from insecure registries * Add insecure flag to push to insecure registries * Change Pull and Push functions to Variadic style * Add insecure flag to the documentation
google · Dec 18, 2019 · 34fb8ff · 34fb8ff
1 parent 89259df
commit 34fb8ff
Show file tree

Hide file tree

Showing 14 changed files with 78 additions and 20 deletions.
diff --git a/cmd/crane/cmd/append.go b/cmd/crane/cmd/append.go
@@ -18,6 +18,7 @@ import (
 	"log"
 
 	"github.com/google/go-containerregistry/pkg/crane"
+	"github.com/google/go-containerregistry/pkg/name"
 	"github.com/spf13/cobra"
 )
 
@@ -26,12 +27,18 @@ func init() { Root.AddCommand(NewCmdAppend()) }
 // NewCmdAppend creates a new cobra.Command for the append subcommand.
 func NewCmdAppend() *cobra.Command {
 	var baseRef, newTag, newLayer, outFile string
+	var insecure bool
+
 	appendCmd := &cobra.Command{
 		Use:   "append",
 		Short: "Append contents of a tarball to a remote image",
 		Args:  cobra.NoArgs,
 		Run: func(_ *cobra.Command, args []string) {
-			base, err := crane.Pull(baseRef)
+			options := []name.Option{}
+			if insecure {
+				options = append(options, name.Insecure)
+			}
+			base, err := crane.Pull(baseRef, options...)
 			if err != nil {
 				log.Fatalf("pulling %s: %v", baseRef, err)
 			}
@@ -46,7 +53,7 @@ func NewCmdAppend() *cobra.Command {
 					log.Fatalf("writing output %q: %v", outFile, err)
 				}
 			} else {
-				if err := crane.Push(img, newTag); err != nil {
+				if err := crane.Push(img, newTag, options...); err != nil {
 					log.Fatalf("pushing image %s: %v", newTag, err)
 				}
 			}
@@ -56,6 +63,7 @@ func NewCmdAppend() *cobra.Command {
 	appendCmd.Flags().StringVarP(&newTag, "new_tag", "t", "", "Tag to apply to resulting image")
 	appendCmd.Flags().StringVarP(&newLayer, "new_layer", "f", "", "Path to tarball to append to image")
 	appendCmd.Flags().StringVarP(&outFile, "output", "o", "", "Path to new tarball of resulting image")
+	appendCmd.Flags().BoolVarP(&insecure, "insecure", "i", false, "Allow image references to be fetched without TLS")
 
 	appendCmd.MarkFlagRequired("base")
 	appendCmd.MarkFlagRequired("new_tag")

diff --git a/cmd/crane/cmd/export.go b/cmd/crane/cmd/export.go
@@ -19,14 +19,17 @@ import (
 	"os"
 
 	"github.com/google/go-containerregistry/pkg/crane"
+	"github.com/google/go-containerregistry/pkg/name"
 	"github.com/spf13/cobra"
 )
 
 func init() { Root.AddCommand(NewCmdExport()) }
 
 // NewCmdExport creates a new cobra.Command for the export subcommand.
 func NewCmdExport() *cobra.Command {
-	return &cobra.Command{
+	var insecure bool
+
+	exportCmd := &cobra.Command{
 		Use:   "export IMAGE TARBALL",
 		Short: "Export contents of a remote image as a tarball",
 		Example: `  # Write tarball to stdout
@@ -36,6 +39,10 @@ func NewCmdExport() *cobra.Command {
   crane export ubuntu ubuntu.tar`,
 		Args: cobra.ExactArgs(2),
 		Run: func(_ *cobra.Command, args []string) {
+			options := []name.Option{}
+			if insecure {
+				options = append(options, name.Insecure)
+			}
 			src, dst := args[0], args[1]
 
 			f, err := openFile(dst)
@@ -44,7 +51,7 @@ func NewCmdExport() *cobra.Command {
 			}
 			defer f.Close()
 
-			img, err := crane.Pull(src)
+			img, err := crane.Pull(src, options...)
 			if err != nil {
 				log.Fatal(err)
 			}
@@ -54,6 +61,8 @@ func NewCmdExport() *cobra.Command {
 			}
 		},
 	}
+	exportCmd.Flags().BoolVarP(&insecure, "insecure", "i", false, "Allow image references to be fetched without TLS")
+	return exportCmd
 }
 
 func openFile(s string) (*os.File, error) {

diff --git a/cmd/crane/cmd/pull.go b/cmd/crane/cmd/pull.go
@@ -18,6 +18,7 @@ import (
 	"log"
 
 	"github.com/google/go-containerregistry/pkg/crane"
+	"github.com/google/go-containerregistry/pkg/name"
 	"github.com/google/go-containerregistry/pkg/v1/cache"
 	"github.com/spf13/cobra"
 )
@@ -27,13 +28,19 @@ func init() { Root.AddCommand(NewCmdPull()) }
 // NewCmdPull creates a new cobra.Command for the pull subcommand.
 func NewCmdPull() *cobra.Command {
 	var cachePath string
+	var insecure bool
+
 	pull := &cobra.Command{
 		Use:   "pull IMAGE TARBALL",
 		Short: "Pull a remote image by reference and store its contents in a tarball",
 		Args:  cobra.ExactArgs(2),
 		Run: func(_ *cobra.Command, args []string) {
+			options := []name.Option{}
+			if insecure {
+				options = append(options, name.Insecure)
+			}
 			src, path := args[0], args[1]
-			img, err := crane.Pull(src)
+			img, err := crane.Pull(src, options...)
 			if err != nil {
 				log.Fatal(err)
 			}
@@ -46,5 +53,6 @@ func NewCmdPull() *cobra.Command {
 		},
 	}
 	pull.Flags().StringVarP(&cachePath, "cache_path", "c", "", "Path to cache image layers")
+	pull.Flags().BoolVarP(&insecure, "insecure", "i", false, "Allow image references to be fetched without TLS")
 	return pull
 }
diff --git a/cmd/crane/cmd/push.go b/cmd/crane/cmd/push.go
@@ -18,27 +18,38 @@ import (
 	"log"
 
 	"github.com/google/go-containerregistry/pkg/crane"
+	"github.com/google/go-containerregistry/pkg/name"
 	"github.com/spf13/cobra"
 )
 
 func init() { Root.AddCommand(NewCmdPush()) }
 
 // NewCmdPush creates a new cobra.Command for the push subcommand.
 func NewCmdPush() *cobra.Command {
-	return &cobra.Command{
+	var insecure bool
+
+	pushCmd := &cobra.Command{
 		Use:   "push TARBALL IMAGE",
 		Short: "Push image contents as a tarball to a remote registry",
 		Args:  cobra.ExactArgs(2),
 		Run: func(_ *cobra.Command, args []string) {
+			options := []name.Option{}
+			if insecure {
+				options = append(options, name.Insecure)
+			}
 			path, tag := args[0], args[1]
 			img, err := crane.Load(path)
 			if err != nil {
 				log.Fatalf("loading %s as tarball: %v", path, err)
 			}
 
-			if err := crane.Push(img, tag); err != nil {
+			if err := crane.Push(img, tag, options...); err != nil {
 				log.Fatalf("pushing %s: %v", tag, err)
 			}
 		},
 	}
+
+	pushCmd.Flags().BoolVarP(&insecure, "insecure", "i", false, "Allow image references to be pushed without TLS")
+
+	return pushCmd
 }
diff --git a/cmd/crane/cmd/rebase.go b/cmd/crane/cmd/rebase.go
@@ -19,6 +19,7 @@ import (
 	"log"
 
 	"github.com/google/go-containerregistry/pkg/crane"
+	"github.com/google/go-containerregistry/pkg/name"
 	"github.com/google/go-containerregistry/pkg/v1/mutate"
 	"github.com/spf13/cobra"
 )
@@ -28,22 +29,28 @@ func init() { Root.AddCommand(NewCmdRebase()) }
 // NewCmdRebase creates a new cobra.Command for the rebase subcommand.
 func NewCmdRebase() *cobra.Command {
 	var orig, oldBase, newBase, rebased string
+	var insecure bool
+
 	rebaseCmd := &cobra.Command{
 		Use:   "rebase",
 		Short: "Rebase an image onto a new base image",
 		Args:  cobra.NoArgs,
 		Run: func(*cobra.Command, []string) {
-			origImg, err := crane.Pull(orig)
+			options := []name.Option{}
+			if insecure {
+				options = append(options, name.Insecure)
+			}
+			origImg, err := crane.Pull(orig, options...)
 			if err != nil {
 				log.Fatalf("pulling %s: %v", orig, err)
 			}
 
-			oldBaseImg, err := crane.Pull(oldBase)
+			oldBaseImg, err := crane.Pull(oldBase, options...)
 			if err != nil {
 				log.Fatalf("pulling %s: %v", oldBase, err)
 			}
 
-			newBaseImg, err := crane.Pull(newBase)
+			newBaseImg, err := crane.Pull(newBase, options...)
 			if err != nil {
 				log.Fatalf("pulling %s: %v", newBase, err)
 			}
@@ -53,7 +60,7 @@ func NewCmdRebase() *cobra.Command {
 				log.Fatalf("rebasing: %v", err)
 			}
 
-			if err := crane.Push(img, rebased); err != nil {
+			if err := crane.Push(img, rebased, options...); err != nil {
 				log.Fatalf("pushing %s: %v", rebased, err)
 			}
 
@@ -68,6 +75,7 @@ func NewCmdRebase() *cobra.Command {
 	rebaseCmd.Flags().StringVarP(&oldBase, "old_base", "", "", "Old base image to remove")
 	rebaseCmd.Flags().StringVarP(&newBase, "new_base", "", "", "New base image to insert")
 	rebaseCmd.Flags().StringVarP(&rebased, "rebased", "", "", "Tag to apply to rebased image")
+	rebaseCmd.Flags().BoolVarP(&insecure, "insecure", "i", false, "Allow image references to be fetched without TLS")
 
 	rebaseCmd.MarkFlagRequired("original")
 	rebaseCmd.MarkFlagRequired("old_base")

diff --git a/cmd/crane/cmd/validate.go b/cmd/crane/cmd/validate.go
@@ -19,6 +19,7 @@ import (
 	"log"
 
 	"github.com/google/go-containerregistry/pkg/crane"
+	"github.com/google/go-containerregistry/pkg/name"
 	v1 "github.com/google/go-containerregistry/pkg/v1"
 	"github.com/google/go-containerregistry/pkg/v1/tarball"
 	"github.com/google/go-containerregistry/pkg/v1/validate"
@@ -30,19 +31,25 @@ func init() { Root.AddCommand(NewCmdValidate()) }
 // NewCmdValidate creates a new cobra.Command for the validate subcommand.
 func NewCmdValidate() *cobra.Command {
 	var tarballPath, remoteRef string
+	var insecure bool
+
 	validateCmd := &cobra.Command{
 		Use:   "validate",
 		Short: "Validate that an image is well-formed",
 		Args:  cobra.ExactArgs(0),
 		Run: func(_ *cobra.Command, args []string) {
-			for flag, maker := range map[string]func(string) (v1.Image, error){
+			options := []name.Option{}
+			if insecure {
+				options = append(options, name.Insecure)
+			}
+			for flag, maker := range map[string]func(string, ...name.Option) (v1.Image, error){
 				tarballPath: makeTarball,
 				remoteRef:   crane.Pull,
 			} {
 				if flag == "" {
 					continue
 				}
-				img, err := maker(flag)
+				img, err := maker(flag, options...)
 				if err != nil {
 					log.Fatalf("failed to read image %s: %v", flag, err)
 				}
@@ -57,10 +64,11 @@ func NewCmdValidate() *cobra.Command {
 	}
 	validateCmd.Flags().StringVar(&tarballPath, "tarball", "", "Path to tarball to validate")
 	validateCmd.Flags().StringVar(&remoteRef, "remote", "", "Name of remote image to validate")
+	validateCmd.Flags().BoolVarP(&insecure, "insecure", "i", false, "Allow image references to be fetched without TLS")
 
 	return validateCmd
 }
 
-func makeTarball(path string) (v1.Image, error) {
+func makeTarball(path string, opts ...name.Option) (v1.Image, error) {
 	return tarball.ImageFromPath(path, nil)
 }
diff --git a/cmd/crane/doc/crane_append.md b/cmd/crane/doc/crane_append.md
diff --git a/cmd/crane/doc/crane_export.md b/cmd/crane/doc/crane_export.md
diff --git a/cmd/crane/doc/crane_pull.md b/cmd/crane/doc/crane_pull.md
diff --git a/cmd/crane/doc/crane_push.md b/cmd/crane/doc/crane_push.md
diff --git a/cmd/crane/doc/crane_rebase.md b/cmd/crane/doc/crane_rebase.md
diff --git a/cmd/crane/doc/crane_validate.md b/cmd/crane/doc/crane_validate.md
diff --git a/pkg/crane/pull.go b/pkg/crane/pull.go
@@ -30,8 +30,8 @@ import (
 const iWasADigestTag = "i-was-a-digest"
 
 // Pull returns a v1.Image of the remote image src.
-func Pull(src string) (v1.Image, error) {
-	ref, err := name.ParseReference(src)
+func Pull(src string, opts ...name.Option) (v1.Image, error) {
+	ref, err := name.ParseReference(src, opts...)
 	if err != nil {
 		return nil, fmt.Errorf("parsing tag %q: %v", src, err)
 	}

diff --git a/pkg/crane/push.go b/pkg/crane/push.go
@@ -31,8 +31,8 @@ func Load(path string) (v1.Image, error) {
 }
 
 // Push pushes the v1.Image img to a registry as dst.
-func Push(img v1.Image, dst string) error {
-	tag, err := name.NewTag(dst)
+func Push(img v1.Image, dst string, options ...name.Option) error {
+	tag, err := name.NewTag(dst, options...)
 	if err != nil {
 		return fmt.Errorf("parsing tag %q: %v", dst, err)
 	}