Extend the flags of the manifest add command#7576
Merged
openshift-merge-robot merged 4 commits intocontainers:masterfrom Sep 10, 2020
Merged
Extend the flags of the manifest add command#7576openshift-merge-robot merged 4 commits intocontainers:masterfrom
manifest add command#7576openshift-merge-robot merged 4 commits intocontainers:masterfrom
Conversation
Extend the flags of `podman manifest add` to include also: * cert-dir * auth-file * creds * tls-verify These options are useful when adding to a manifest an image that is not part of the local image store. The image resides on a remote registry that falls into one of these cases: it's not using tls termination, it requires authentication or it's secured with an unknown tls certificate. Consider the following scenario: a multi architecture manifest is created as part of a multi-step CI pipeline running in a containerized way. All the images referenced by the manifest live inside of a registry secured with a self-signed tls certificate. Without this patch the manifest creation step would have to pull all the multi-architecture images locally via `podman pull`. With this patch the usage of `podman pull` would not be needed because the images' digests can be requested straight to the registry. That means the execution of manifest creation step would be faster and result in less disk space and network bandwidth being used. Finally, this is a propagation of a similar fix done inside of buildah via containers/buildah#2593 Signed-off-by: Flavio Castelli <fcastelli@suse.com>
Prior to this commit the value of the `--cert-dir` flag specified for `podman manifest push` was not handled by the internal code. That resulted in `podman manifest push` not reading the certificates stored inside of the directory specified by the user. Signed-off-by: Flavio Castelli <fcastelli@suse.com>
Ensure all the flags are covered by the man page. Signed-off-by: Flavio Castelli <fcastelli@suse.com>
Ensure the new flags added to `manifest add` are known to bash completion. Signed-off-by: Flavio Castelli <fcastelli@suse.com>
Contributor
Author
|
/assign @TomSweeneyRedHat |
Member
|
LGTM |
Member
|
/approve |
Collaborator
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: flavio, rhatdan The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
Member
|
/lgtm |
github-actions
bot
added
the
locked - please file new issue/PR
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR is a propagation of containers/buildah#2593 as required by this comment.
On top of extending the
manifest addflags, the PR also fixes a minor issue with themanifest pushcommand: the value provided by users via thecert-dirflag wasn't actually be used by the code.