Enable to fetch and upload images using HTTP protocol #23
Conversation
Stargzifying an image on a HTTP registry fails when the registry isn't "localhost"(or 127.0.0.1). Recently, go-containerregistry supported to read/write images using HTTP even for fat images. (google/go-containerregistry#567) So we can introduce "insecure" options to fetch and upload images using HTTP by upgrading the module dependencies and using the functionality. Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
stargz/stargzify/stargzify.go
Outdated
| upgrade = flag.Bool("upgrade", false, "upgrade the image in-place by overwriting the tag") | ||
| flatten = flag.Bool("flatten", false, "flatten the image's layers into a single layer") | ||
| insecAll = flag.Bool("insecure", false, "allow connections to all registries using HTTP") | ||
| insecSrc = flag.Bool("insecure-src", false, "allow connections to the source registry using HTTP") |
There was a problem hiding this comment.
Adding --insecure is okay, but the other two are just too many flags.
Let's overload the "input" and "output" non-flag arguments to mean that if they start with "http://", then they're HTTP. (And require --insecure)
There was a problem hiding this comment.
Thank you for your review. I fixed it to use the "input" and "output" arguments to specify HTTP registries.
Overload the "input" and "output" non-flag arguments to mean that if they start with "http://", then they're HTTP. (And require --insecure) Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
stargz/stargzify/stargzify.go
Outdated
| // fetch the image using HTTP protocol. | ||
| opts = append(opts, name.Insecure) | ||
| if *insecure { | ||
| opts = append(opts, name.Insecure) |
There was a problem hiding this comment.
} else { log.Fatal or otherwise blow up and say that's not allowed.
stargz/stargzify/stargzify.go
Outdated
| // "-insecure" option is specified, | ||
| // upload the image using HTTP protocol. | ||
| opts = append(opts, name.Insecure) | ||
| } |
There was a problem hiding this comment.
Pull all this out into a helper func, since it's shared between src and dst?
stargz/stargzify/stargzify.go
Outdated
| upgrade = flag.Bool("upgrade", false, "upgrade the image in-place by overwriting the tag") | ||
| flatten = flag.Bool("flatten", false, "flatten the image's layers into a single layer") | ||
| insecure = flag.Bool("insecure", false, "allow HTTP connections to the registry which has the prefix \"http://\"") | ||
| httpPrefix = "http://" |
There was a problem hiding this comment.
This should be a const, not a var, and it shouldn't be in this var ( ... ) block with the flags.
But really, no need for it to even be a const. Just write it in-line when it's needed once. (if you add a new helper func, it only shows up once.)
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
|
Thank you for your review, I fixed them. |
|
I pushed this with some modifications: aea3638 |
Fixes: #22
Stargzifying an image on the HTTP registry fails when the registry isn't
"localhost"(or 127.0.0.1).
Recently, go-containerregistry supported to read/write images using HTTP even
for fat images. (google/go-containerregistry#567)
So we can introduce "insecure" options to fetch and upload images using HTTP by
upgrading the module dependencies and using the functionality.