Differentiate, again, between (skopeo --tls-verify subcommand)
and (skope subcommand --tls-verify), by
- using a "local" Corba flag for the (skopeo --tls-verify ...) variant
- adding separate --tls-verify flags to subcommands that only accept
them as legacy, available through deprecatedTLSVerifyFlags
(unlike the non-legacy path of dockerImageFlags());
- using TraverseChildren: true; this causes the global and
per-subcommand flags to be treated separately by Corba,
i.e. they no longer happen to share the "Hidden" flag
and Corba actually sets the right flag variable now.
So, we can now warn on (skopeo --tls-verify command) again,
and --help lists the flag correctly (it is hidden at the
global level, and in subcommands like copy that deprecated it,
but visible in subcommands like inspect where it's not deprecated).
NOTE: This removes --tls-verify from (skopeo manifest-digest) and
the three signing commands; it never made sense there. This change
could, in principle, break some users.
Also update man pages to match.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
This is the script that runs 'skopeo COMMAND --help' and
cross-checks that all the option flags are documented
in man pages, and vice-versa (all options listed in man
pages appear in COMMAND's --help message).
Copied from podman, with changes for skopeo-land (removing
the rst checks, and conforming to skopeo conventions).
Signed-off-by: Ed Santiago <santiago@redhat.com>
Add new script, hack/man-page-checker, copied from podman. Run it
in 'make validate-local' target.
This is NOT the checker requested in #1332 (verify that flags
listed in 'skopeo foo --help' are documented in man pages and
vice-versa). This is a much simpler script that merely looks
for very basic typos or discrepancies between skopeo.1.md
and skopeo-foo.1.md.
The next part (cross-checking flags) is in progress but will
require a huge number of changes to the man pages. I'm submitting
this now because it's easy to review.
Signed-off-by: Ed Santiago <santiago@redhat.com>
`podman push` gained this a while ago, and we want it here for the
same reason.
Motivated by closing a race condition in ostree-rs-ext:
17a991050c/lib/src/container/export.rs (L85)
Co-authored-by: Miloslav Trmač <mitr@redhat.com>
This replicates the --all copy flag to sync to perform the same
behavior. Namely, the default is CopySystemImage unless --all is passed
which changes the behavior to CopyAllImages. While it is probably
desirable for --all to be the default as there is no option to override
ones architecture with the sync command, --all can potentially break
existing sync incantations depending on registry support. Hence
CopySystemImage remains the default.
Signed-off-by: Andrew DeMaria <ademaria@cloudflare.com>
because that's what users are looking for, and instead of using
a containers-storage: source, which might not even work all that
well with all the automatic defaults Podman sets up.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Enables to retry skopeo inspect. Add `--retry-times` to set the number of times to retry. Use exponential backoff and 1s as default initial retry delay.
Signed-off-by: Qi Wang <qiwan@redhat.com>
- Improve the language
- Be consistent with the previous example about a trailing slash
- Don't unnecessarily quote :, it is not a shell metacharacter.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Fields that magically change their behavior depending on type of the value
are too much hassle for no benefit.
For now, this just copies&pastes the full loop in imagesToCopyFromRegistry
to create another loop handling the new ImagesByTagRegex field. Simplifications
to reduce duplication will follow.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Enhancement request: https://github.com/containers/skopeo/issues/805
Also sorted commands and options on skopeo man page and skopeo --help
Originally submitted by Michel Belleau <michel.belleau@malaiwah.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Fix cli to use REGISTRY_AUTH_FILE if set and to display the
default location to use for authfiles in the `skopeo copy --help`
Modify tests to verify the different settings.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
With additional prefixed flags for authfiles, it is possible to override the shared authfile flag to use different authfiles for src and dest registries. This is an important feature if the two registries have the same domain (but different paths) and require separate credentials.
Closes#773.
Signed-off-by: Daniel Strobusch <1847260+dastrobu@users.noreply.github.com>
