04e96d05fc
When a user enters a CLI with a StringFlags or StringSliceFlags and does not add a value the CLI mistakently takes the next option and uses it as a value. This usually ends up with an error like not enough options or others. Some times it could also succeed, with weird results. This patch looks for any values that begin with a "-" and return an error. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
126 lines
3.2 KiB
Go
126 lines
3.2 KiB
Go
package main
|
|
|
|
import (
|
|
"fmt"
|
|
"io"
|
|
"os"
|
|
|
|
"github.com/containers/image/types"
|
|
"github.com/containers/storage/pkg/archive"
|
|
"github.com/kubernetes-incubator/cri-o/libpod"
|
|
"github.com/kubernetes-incubator/cri-o/libpod/common"
|
|
"github.com/pkg/errors"
|
|
"github.com/urfave/cli"
|
|
"golang.org/x/crypto/ssh/terminal"
|
|
)
|
|
|
|
var (
|
|
pushFlags = []cli.Flag{
|
|
cli.StringFlag{
|
|
Name: "signature-policy",
|
|
Usage: "`pathname` of signature policy file (not usually used)",
|
|
Hidden: true,
|
|
},
|
|
cli.StringFlag{
|
|
Name: "creds",
|
|
Usage: "`credentials` (USERNAME:PASSWORD) to use for authenticating to a registry",
|
|
},
|
|
cli.StringFlag{
|
|
Name: "cert-dir",
|
|
Usage: "`pathname` of a directory containing TLS certificates and keys",
|
|
},
|
|
cli.BoolTFlag{
|
|
Name: "tls-verify",
|
|
Usage: "require HTTPS and verify certificates when contacting registries (default: true)",
|
|
},
|
|
cli.BoolFlag{
|
|
Name: "remove-signatures",
|
|
Usage: "discard any pre-existing signatures in the image",
|
|
},
|
|
cli.StringFlag{
|
|
Name: "sign-by",
|
|
Usage: "add a signature at the destination using the specified key",
|
|
},
|
|
cli.BoolFlag{
|
|
Name: "quiet, q",
|
|
Usage: "don't output progress information when pushing images",
|
|
},
|
|
}
|
|
pushDescription = fmt.Sprintf(`
|
|
Pushes an image to a specified location.
|
|
The Image "DESTINATION" uses a "transport":"details" format.
|
|
See kpod-push(1) section "DESTINATION" for the expected format`)
|
|
|
|
pushCommand = cli.Command{
|
|
Name: "push",
|
|
Usage: "push an image to a specified destination",
|
|
Description: pushDescription,
|
|
Flags: pushFlags,
|
|
Action: pushCmd,
|
|
ArgsUsage: "IMAGE DESTINATION",
|
|
}
|
|
)
|
|
|
|
func pushCmd(c *cli.Context) error {
|
|
var registryCreds *types.DockerAuthConfig
|
|
|
|
args := c.Args()
|
|
if len(args) < 2 {
|
|
return errors.New("kpod push requires exactly 2 arguments")
|
|
}
|
|
if err := validateFlags(c, pushFlags); err != nil {
|
|
return err
|
|
}
|
|
srcName := c.Args().Get(0)
|
|
destName := c.Args().Get(1)
|
|
|
|
registryCredsString := c.String("creds")
|
|
certPath := c.String("cert-dir")
|
|
skipVerify := !c.BoolT("tls-verify")
|
|
removeSignatures := c.Bool("remove-signatures")
|
|
signBy := c.String("sign-by")
|
|
|
|
if registryCredsString != "" {
|
|
creds, err := common.ParseRegistryCreds(registryCredsString)
|
|
if err != nil {
|
|
if err == common.ErrNoPassword {
|
|
fmt.Print("Password: ")
|
|
password, err := terminal.ReadPassword(0)
|
|
if err != nil {
|
|
return errors.Wrapf(err, "could not read password from terminal")
|
|
}
|
|
creds.Password = string(password)
|
|
} else {
|
|
return err
|
|
}
|
|
}
|
|
registryCreds = creds
|
|
}
|
|
|
|
runtime, err := getRuntime(c)
|
|
if err != nil {
|
|
return errors.Wrapf(err, "could not create runtime")
|
|
}
|
|
defer runtime.Shutdown(false)
|
|
|
|
var writer io.Writer
|
|
if !c.Bool("quiet") {
|
|
writer = os.Stdout
|
|
}
|
|
|
|
options := libpod.CopyOptions{
|
|
Compression: archive.Uncompressed,
|
|
SignaturePolicyPath: c.String("signature-policy"),
|
|
DockerRegistryOptions: common.DockerRegistryOptions{
|
|
DockerRegistryCreds: registryCreds,
|
|
DockerCertPath: certPath,
|
|
DockerInsecureSkipTLSVerify: skipVerify,
|
|
},
|
|
SigningOptions: common.SigningOptions{
|
|
RemoveSignatures: removeSignatures,
|
|
SignBy: signBy,
|
|
},
|
|
}
|
|
|
|
return runtime.PushImage(srcName, destName, options, writer)
|
|
}
|