14864f820e
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
33 lines
1.4 KiB
Go
33 lines
1.4 KiB
Go
package common
|
|
|
|
import "github.com/containers/image/types"
|
|
|
|
// DockerRegistryOptions encapsulates settings that affect how we connect or
|
|
// authenticate to a remote registry.
|
|
type DockerRegistryOptions struct {
|
|
// DockerRegistryCreds is the user name and password to supply in case
|
|
// we need to pull an image from a registry, and it requires us to
|
|
// authenticate.
|
|
DockerRegistryCreds *types.DockerAuthConfig
|
|
// DockerCertPath is the location of a directory containing CA
|
|
// certificates which will be used to verify the registry's certificate
|
|
// (all files with names ending in ".crt"), and possibly client
|
|
// certificates and private keys (pairs of files with the same name,
|
|
// except for ".cert" and ".key" suffixes).
|
|
DockerCertPath string
|
|
// DockerInsecureSkipTLSVerify turns off verification of TLS
|
|
// certificates and allows connecting to registries without encryption.
|
|
DockerInsecureSkipTLSVerify bool
|
|
}
|
|
|
|
// GetSystemContext constructs a new system context from the given signaturePolicy path and the
|
|
// values in the DockerRegistryOptions
|
|
func (o DockerRegistryOptions) GetSystemContext(signaturePolicyPath string) *types.SystemContext {
|
|
sc := &types.SystemContext{
|
|
SignaturePolicyPath: signaturePolicyPath,
|
|
DockerAuthConfig: o.DockerRegistryCreds,
|
|
DockerCertPath: o.DockerCertPath,
|
|
DockerInsecureSkipTLSVerify: o.DockerInsecureSkipTLSVerify,
|
|
}
|
|
return sc
|
|
}
|