diff --git a/cmd/skopeo/copy.go b/cmd/skopeo/copy.go index 27293e74..7fa0c06e 100644 --- a/cmd/skopeo/copy.go +++ b/cmd/skopeo/copy.go @@ -84,20 +84,10 @@ func copyCmd(global *globalOptions) cli.Command { Usage: "Sign the image using a GPG key with the specified `FINGERPRINT`", Destination: &opts.signByFingerprint, }, - cli.StringFlag{ - Name: "src-cert-dir", - Value: "", - Usage: "use certificates at `PATH` (*.crt, *.cert, *.key) to connect to the source registry or daemon", - }, cli.BoolTFlag{ Name: "src-tls-verify", Usage: "require HTTPS and verify certificates when talking to the container source registry or daemon (defaults to true)", }, - cli.StringFlag{ - Name: "dest-cert-dir", - Value: "", - Usage: "use certificates at `PATH` (*.crt, *.cert, *.key) to connect to the destination registry or daemon", - }, cli.BoolTFlag{ Name: "dest-tls-verify", Usage: "require HTTPS and verify certificates when talking to the container destination registry or daemon (defaults to true)", diff --git a/cmd/skopeo/delete.go b/cmd/skopeo/delete.go index d520f8b5..cd321e70 100644 --- a/cmd/skopeo/delete.go +++ b/cmd/skopeo/delete.go @@ -39,11 +39,6 @@ func deleteCmd(global *globalOptions) cli.Command { Name: "authfile", Usage: "path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json", }, - cli.StringFlag{ - Name: "cert-dir", - Value: "", - Usage: "use certificates at `PATH` (*.crt, *.cert, *.key) to connect to the registry", - }, cli.BoolTFlag{ Name: "tls-verify", Usage: "require HTTPS and verify certificates when talking to container registries (defaults to true)", diff --git a/cmd/skopeo/inspect.go b/cmd/skopeo/inspect.go index 6c433919..78085615 100644 --- a/cmd/skopeo/inspect.go +++ b/cmd/skopeo/inspect.go @@ -58,11 +58,6 @@ func inspectCmd(global *globalOptions) cli.Command { Name: "authfile", Usage: "path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json", }, - cli.StringFlag{ - Name: "cert-dir", - Value: "", - Usage: "use certificates at `PATH` (*.crt, *.cert, *.key) to connect to the registry", - }, cli.BoolTFlag{ Name: "tls-verify", Usage: "require HTTPS and verify certificates when talking to container registries (defaults to true)", diff --git a/cmd/skopeo/utils.go b/cmd/skopeo/utils.go index 32a664ff..d298689e 100644 --- a/cmd/skopeo/utils.go +++ b/cmd/skopeo/utils.go @@ -13,9 +13,10 @@ import ( // imageOptions collects CLI flags which are the same across subcommands, but may be different for each image // (e.g. may differ between the source and destination of a copy) type imageOptions struct { - global *globalOptions // May be shared across several imageOptions instances. - flagPrefix string // FIXME: Drop this eventually. - credsOption optionalString // username[:password] for accessing a registry + global *globalOptions // May be shared across several imageOptions instances. + flagPrefix string // FIXME: Drop this eventually. + credsOption optionalString // username[:password] for accessing a registry + dockerCertPath string // A directory using Docker-like *.{crt,cert,key} files for connecting to a registry or a daemon } // imageFlags prepares a collection of CLI flags writing into imageOptions, and the managed imageOptions structure. @@ -38,6 +39,11 @@ func imageFlags(global *globalOptions, flagPrefix, credsOptionAlias string) ([]c Usage: "Use `USERNAME[:PASSWORD]` for accessing the registry", Value: newOptionalStringValue(&opts.credsOption), }, + cli.StringFlag{ + Name: flagPrefix + "cert-dir", + Usage: "use certificates at `PATH` (*.crt, *.cert, *.key) to connect to the registry or daemon", + Destination: &opts.dockerCertPath, + }, }, &opts } @@ -46,13 +52,13 @@ func contextFromImageOptions(c *cli.Context, opts *imageOptions) (*types.SystemC RegistriesDirPath: opts.global.registriesDirPath, ArchitectureChoice: opts.global.overrideArch, OSChoice: opts.global.overrideOS, - DockerCertPath: c.String(opts.flagPrefix + "cert-dir"), + DockerCertPath: opts.dockerCertPath, OSTreeTmpDirPath: c.String(opts.flagPrefix + "ostree-tmp-dir"), OCISharedBlobDirPath: c.String(opts.flagPrefix + "shared-blob-dir"), DirForceCompress: c.Bool(opts.flagPrefix + "compress"), AuthFilePath: c.String("authfile"), DockerDaemonHost: c.String(opts.flagPrefix + "daemon-host"), - DockerDaemonCertPath: c.String(opts.flagPrefix + "cert-dir"), + DockerDaemonCertPath: opts.dockerCertPath, DockerDaemonInsecureSkipTLSVerify: !c.BoolT(opts.flagPrefix + "tls-verify"), } // DEPRECATED: We support this for backward compatibility, but override it if a per-image flag is provided.