From 07287b57839654c9bcc4ee9b64d44eca31edebcf Mon Sep 17 00:00:00 2001 From: juanluisvaladas Date: Fri, 3 May 2019 13:30:19 -0400 Subject: [PATCH] Add --no-creds flag to skopeo inspect Follow PR #433 Close #421 Currently skopeo inspect allows to: Use the default credentials in $HOME/.docker.config Explicitly define credentials via de --creds flag This implements a --no-creds flag which will query docker registries anonymously. Signed-off-by: Qi Wang --- cmd/skopeo/utils.go | 12 ++++++++++++ completions/bash/skopeo | 4 ++++ docs/skopeo-copy.1.md | 4 ++++ docs/skopeo-delete.1.md | 4 +++- docs/skopeo-inspect.1.md | 2 ++ vendor/github.com/kr/pretty/go.mod | 3 +++ vendor/github.com/kr/text/go.mod | 3 +++ vendor/golang.org/x/text/go.mod | 3 +++ 8 files changed, 34 insertions(+), 1 deletion(-) create mode 100644 vendor/github.com/kr/pretty/go.mod create mode 100644 vendor/github.com/kr/text/go.mod create mode 100644 vendor/golang.org/x/text/go.mod diff --git a/cmd/skopeo/utils.go b/cmd/skopeo/utils.go index e6504a2339..df4c48c60c 100644 --- a/cmd/skopeo/utils.go +++ b/cmd/skopeo/utils.go @@ -63,6 +63,7 @@ type imageOptions struct { tlsVerify optionalBool // Require HTTPS and verify certificates (for docker: and docker-daemon:) sharedBlobDir string // A directory to use for OCI blobs, shared across repositories dockerDaemonHost string // docker-daemon: host to connect to + noCreds bool // Access the registry anonymously } // imageFlags prepares a collection of CLI flags writing into imageOptions, and the managed imageOptions structure. @@ -105,6 +106,11 @@ func imageFlags(global *globalOptions, shared *sharedImageOptions, flagPrefix, c Usage: "use docker daemon host at `HOST` (docker-daemon: only)", Destination: &opts.dockerDaemonHost, }, + cli.BoolFlag{ + Name: flagPrefix + "no-creds", + Usage: "Access the registry anonymously", + Destination: &opts.noCreds, + }, }, &opts } @@ -132,6 +138,9 @@ func (opts *imageOptions) newSystemContext() (*types.SystemContext, error) { if opts.tlsVerify.present { ctx.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!opts.tlsVerify.value) } + if opts.credsOption.present && opts.noCreds { + return nil, errors.New("creds and no-creds cannot be specified at the same time") + } if opts.credsOption.present { var err error ctx.DockerAuthConfig, err = getDockerAuth(opts.credsOption.value) @@ -139,6 +148,9 @@ func (opts *imageOptions) newSystemContext() (*types.SystemContext, error) { return nil, err } } + if opts.noCreds { + ctx.DockerAuthConfig = &types.DockerAuthConfig{} + } return ctx, nil } diff --git a/completions/bash/skopeo b/completions/bash/skopeo index d8687cc05f..6ab32e186c 100644 --- a/completions/bash/skopeo +++ b/completions/bash/skopeo @@ -55,6 +55,8 @@ _skopeo_copy() { local boolean_options=" --dest-compress --remove-signatures + --src-no-creds + --dest-no-creds " local transports=" @@ -73,6 +75,7 @@ _skopeo_inspect() { local boolean_options=" --raw --tls-verify + --no-creds " local transports=" @@ -115,6 +118,7 @@ _skopeo_delete() { " local boolean_options=" --tls-verify + --no-creds " local transports=" diff --git a/docs/skopeo-copy.1.md b/docs/skopeo-copy.1.md index dc3552e3af..33eade9a89 100644 --- a/docs/skopeo-copy.1.md +++ b/docs/skopeo-copy.1.md @@ -38,10 +38,14 @@ If the authorization state is not found there, $HOME/.docker/config.json is chec **--src-cert-dir** _path_ Use certificates at _path_ (*.crt, *.cert, *.key) to connect to the source registry or daemon +**--src-no-creds** _bool-value_ Access the registry anonymously. + **--src-tls-verify** _bool-value_ Require HTTPS and verify certificates when talking to container source registry or daemon (defaults to true) **--dest-cert-dir** _path_ Use certificates at _path_ (*.crt, *.cert, *.key) to connect to the destination registry or daemon +**--dest-no-creds** _bool-value_ Access the registry anonymously. + **--dest-ostree-tmp-dir** _path_ Directory to use for OSTree temporary files. **--dest-tls-verify** _bool-value_ Require HTTPS and verify certificates when talking to container destination registry or daemon (defaults to true) diff --git a/docs/skopeo-delete.1.md b/docs/skopeo-delete.1.md index bbd348ceea..2d838825b0 100644 --- a/docs/skopeo-delete.1.md +++ b/docs/skopeo-delete.1.md @@ -1,7 +1,7 @@ % skopeo-delete(1) ## NAME -skopeo\-delete - Mark _image-name_ for deletion. +skopeo\-delete - Mark _image-name_ for deletion. ## SYNOPSIS **skopeo delete** _image-name_ @@ -30,6 +30,8 @@ $ docker exec -it registry /usr/bin/registry garbage-collect /etc/docker-distrib **--tls-verify** _bool-value_ Require HTTPS and verify certificates when talking to container registries (defaults to true) +**--no-creds** _bool-value_ Access the registry anonymously. + Additionally, the registry must allow deletions by setting `REGISTRY_STORAGE_DELETE_ENABLED=true` for the registry daemon. ## EXAMPLES diff --git a/docs/skopeo-inspect.1.md b/docs/skopeo-inspect.1.md index 4c7d94c554..a18e9aaa82 100644 --- a/docs/skopeo-inspect.1.md +++ b/docs/skopeo-inspect.1.md @@ -23,6 +23,8 @@ Return low-level information about _image-name_ in a registry **--tls-verify** _bool-value_ Require HTTPS and verify certificates when talking to container registries (defaults to true) + **--no-creds** _bool-value_ Access the registry anonymously. + ## EXAMPLES To review information for the image fedora from the docker.io registry: diff --git a/vendor/github.com/kr/pretty/go.mod b/vendor/github.com/kr/pretty/go.mod new file mode 100644 index 0000000000..1e29533143 --- /dev/null +++ b/vendor/github.com/kr/pretty/go.mod @@ -0,0 +1,3 @@ +module "github.com/kr/pretty" + +require "github.com/kr/text" v0.1.0 diff --git a/vendor/github.com/kr/text/go.mod b/vendor/github.com/kr/text/go.mod new file mode 100644 index 0000000000..fa0528b9a9 --- /dev/null +++ b/vendor/github.com/kr/text/go.mod @@ -0,0 +1,3 @@ +module "github.com/kr/text" + +require "github.com/kr/pty" v1.1.1 diff --git a/vendor/golang.org/x/text/go.mod b/vendor/golang.org/x/text/go.mod new file mode 100644 index 0000000000..5eb1e8b163 --- /dev/null +++ b/vendor/golang.org/x/text/go.mod @@ -0,0 +1,3 @@ +module golang.org/x/text + +require golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e