This repository was archived by the owner on Mar 27, 2024. It is now read-only.
Add two options to handle self-signed certificates registries#327
Merged
nkubala merged 1 commit intoGoogleContainerTools:masterfrom Mar 27, 2020
antechrestos:feature/allow_self_signed_certificates
Merged
Add two options to handle self-signed certificates registries#327nkubala merged 1 commit intoGoogleContainerTools:masterfrom antechrestos:feature/allow_self_signed_certificates
nkubala merged 1 commit intoGoogleContainerTools:masterfrom
antechrestos:feature/allow_self_signed_certificates
Conversation
nkubala
suggested changes
Feb 26, 2020
Contributor
nkubala
left a comment
nkubala
left a comment
There was a problem hiding this comment.
hey @antechrestos, thanks for the contribution! added some feedback here, once it's addressed I'll have another look and then merge
Comment on lines
+45
to
+47
| for registry := range registriesToCertificates { | ||
| tlsConfiguration.registriesCertificates[registry] = registriesToCertificates[registry] | ||
| } |
Contributor
There was a problem hiding this comment.
can we not just set tlsConfig.certifiedRegistries = certifiedRegistries?
Contributor
Author
There was a problem hiding this comment.
It was to force a copy and ensure a immutable pattern. I am open minded on this point
Contributor
Author
|
@nkubala Thank you for your feedback. |
Contributor
Author
|
@nkubala are you ok with the changes? Let me know if you're ok with letting opened the last discussion |
* 'skip-tls-verify-registry <registry name>' will skip tls verification for given registry name * 'registry-certificate <registry name>=<path to the certificate>' will give certificate for the given registry. This might be usefull for self-signed certificates Fixes #326
nkubala
approved these changes
Mar 27, 2020
Contributor
|
@antechrestos thanks for the contribution! |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Two options:
skip-tls-verify-registry <registry name>will skip tls verification for given registry nameregistry-certificate <registry name>=<path to the certificate>will give certificate for the given registryFixes #326