Add support for client certificates #223

Open
wants to merge 1 commit into
base: master
11 changes: 11 additions & 0 deletions main.go
Expand Up @@ -28,6 +28,10 @@ var (
username string
password string

tlsCACert string
tlsCert string
tlsKey string

debug bool
)

Expand Down Expand Up @@ -73,6 +77,10 @@ func main() {
p.FlagSet.StringVar(&password, "password", "", "password for the registry")
p.FlagSet.StringVar(&password, "p", "", "password for the registry")

p.FlagSet.StringVar(&tlsCACert, "tlscacert", "", "Trust certs signed only by this CA")
p.FlagSet.StringVar(&tlsCert, "tlscert", "", "Path to TLS certificate file")
p.FlagSet.StringVar(&tlsKey, "tlskey", "", "Path to TLS key file")

p.FlagSet.BoolVar(&debug, "d", false, "enable debug logging")

// Set the before function.
Expand Down Expand Up @@ -122,6 +130,9 @@ func createRegistryClient(ctx context.Context, domain string) (*registry.Registr
logrus.Infof("domain: %s", domain)
logrus.Infof("server address: %s", auth.ServerAddress)
return registry.New(ctx, auth, registry.Opt{
CAFile: tlsCACert,
CertFile: tlsCert,
KeyFile: tlsKey,
Domain: domain,
Insecure: insecure,
Debug: debug,
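Review bot: The `-tlscacert` help text in `main` does not say that the value is a file path, unlike `-tlscert` and `-tlskey`; something like `"Path to a PEM CA bundle; trust only certs signed by this CA"` would match the other two. Nothing in the visible hunks checks that `-tlscert` and `-tlskey` are supplied together, so a half-specified pair is only noticed, if at all, deeper in the registry package. A check in the before function such as `if (tlsCert == "") != (tlsKey == "") { return errors.New("-tlscert and -tlskey must be used together") }` would fail early with a clear message. The options are also passed to `registry.Opt` alongside `Insecure`, and it may be worth warning when insecure mode is combined with `-tlscacert`, since the CA restriction cannot apply once verification is skipped. The bodies of `main` and `createRegistryClient` continue outside these hunks.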
15 changes: 15 additions & 0 deletions registry/registry.go
Expand Up @@ -14,12 +14,14 @@ import (
"github.com/docker/distribution/manifest/manifestlist"
"github.com/docker/distribution/manifest/schema2"
"github.com/docker/docker/api/types"
"github.com/docker/go-connections/tlsconfig"
)

// Registry defines the client for retrieving information from the registry API.
type Registry struct {
URL string
Domain string
Insecure bool
Username string
Password string
Client *http.Client
Expand All @@ -43,6 +45,9 @@ func Log(format string, args ...interface{}) {
// Opt holds the options for a new registry.
type Opt struct {
Domain string
CAFile string
CertFile string
KeyFile string
Insecure bool
Debug bool
SkipPing bool
Expand All @@ -61,6 +66,16 @@ func New(ctx context.Context, auth types.AuthConfig, opt Opt) (*Registry, error)
InsecureSkipVerify: true,
},
}
} else {
tlsClientConfig, _ := tlsconfig.Client(
tlsconfig.Options{
CAFile: opt.CAFile,
CertFile: opt.CertFile,
KeyFile: opt.KeyFile,
})
transport = &http.Transport{
TLSClientConfig: tlsClientConfig,
}
}

return newFromTransport(ctx, auth, transport, opt)
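Review bot: The error returned by `tlsconfig.Client` in the new `else` branch of `New` is discarded with `_`, so an unreadable or malformed `CAFile`, `CertFile` or `KeyFile` leaves `tlsClientConfig` nil. `http.Transport` then uses Go's default TLS settings, meaning the system trust store and no client certificate. A user who set `-tlscacert` to restrict trust to one CA gets no indication that the restriction was dropped. This should fail closed: `tlsClientConfig, err := tlsconfig.Client(...)` followed by `if err != nil { return nil, err }`. Separately, the `Insecure` branch above never reads the new options, so a client certificate appears to be ignored in insecure mode; `New` starts and ends outside the hunk, so confirm against the full function.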