fix flag descriptions for content-trust
Commited13c3abfb
added flags for Docker Content Trust. Depending on the `verify` boolean, the message is "Skip image verification", or "Skip image signing". "Signing" is intended for `docker push` / `docker plugin push`. During the migration to Cobra, this boolean got flipped for `docker push` (9640e3a451
), causing `docker push` to show the incorrect flag description. This patch changes the flags to use the correct description for `docker push`, and `docker plugin push`. To prevent this confusion in future, the boolean argument is removed, and a `AddTrustSigningFlags()` function is added. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
parent
b319221c21
commit
bb3c0b2466
10 changed files with 26 additions and 21 deletions
|
@ -52,7 +52,7 @@ func NewCreateCommand(dockerCli *command.DockerCli) *cobra.Command {
|
|||
// with hostname
|
||||
flags.Bool("help", false, "Print usage")
|
||||
|
||||
command.AddTrustedFlags(flags, true)
|
||||
command.AddTrustVerificationFlags(flags)
|
||||
copts = addFlags(flags)
|
||||
return cmd
|
||||
}
|
||||
|
|
|
@ -61,7 +61,7 @@ func NewRunCommand(dockerCli *command.DockerCli) *cobra.Command {
|
|||
// with hostname
|
||||
flags.Bool("help", false, "Print usage")
|
||||
|
||||
command.AddTrustedFlags(flags, true)
|
||||
command.AddTrustVerificationFlags(flags)
|
||||
copts = addFlags(flags)
|
||||
return cmd
|
||||
}
|
||||
|
|
|
@ -108,7 +108,7 @@ func NewBuildCommand(dockerCli *command.DockerCli) *cobra.Command {
|
|||
flags.StringSliceVar(&options.securityOpt, "security-opt", []string{}, "Security options")
|
||||
flags.StringVar(&options.networkMode, "network", "default", "Set the networking mode for the RUN instructions during build")
|
||||
|
||||
command.AddTrustedFlags(flags, true)
|
||||
command.AddTrustVerificationFlags(flags)
|
||||
|
||||
flags.BoolVar(&options.squash, "squash", false, "Squash newly built layers into a single new layer")
|
||||
flags.SetAnnotation("squash", "experimental", nil)
|
||||
|
|
|
@ -36,7 +36,7 @@ func NewPullCommand(dockerCli *command.DockerCli) *cobra.Command {
|
|||
flags := cmd.Flags()
|
||||
|
||||
flags.BoolVarP(&opts.all, "all-tags", "a", false, "Download all tagged images in the repository")
|
||||
command.AddTrustedFlags(flags, true)
|
||||
command.AddTrustVerificationFlags(flags)
|
||||
|
||||
return cmd
|
||||
}
|
||||
|
|
|
@ -24,7 +24,7 @@ func NewPushCommand(dockerCli *command.DockerCli) *cobra.Command {
|
|||
|
||||
flags := cmd.Flags()
|
||||
|
||||
command.AddTrustedFlags(flags, true)
|
||||
command.AddTrustSigningFlags(flags)
|
||||
|
||||
return cmd
|
||||
}
|
||||
|
|
|
@ -47,7 +47,7 @@ func newInstallCommand(dockerCli *command.DockerCli) *cobra.Command {
|
|||
flags.BoolVar(&options.disable, "disable", false, "Do not enable the plugin on install")
|
||||
flags.StringVar(&options.alias, "alias", "", "Local name for plugin")
|
||||
|
||||
command.AddTrustedFlags(flags, true)
|
||||
command.AddTrustVerificationFlags(flags)
|
||||
|
||||
return cmd
|
||||
}
|
||||
|
|
|
@ -26,7 +26,7 @@ func newPushCommand(dockerCli *command.DockerCli) *cobra.Command {
|
|||
|
||||
flags := cmd.Flags()
|
||||
|
||||
command.AddTrustedFlags(flags, true)
|
||||
command.AddTrustSigningFlags(flags)
|
||||
|
||||
return cmd
|
||||
}
|
||||
|
|
|
@ -12,13 +12,20 @@ var (
|
|||
untrusted bool
|
||||
)
|
||||
|
||||
// AddTrustedFlags adds content trust flags to the current command flagset
|
||||
func AddTrustedFlags(fs *pflag.FlagSet, verify bool) {
|
||||
trusted, message := setupTrustedFlag(verify)
|
||||
fs.BoolVar(&untrusted, "disable-content-trust", !trusted, message)
|
||||
// AddTrustVerificationFlags adds content trust flags to the provided flagset
|
||||
func AddTrustVerificationFlags(fs *pflag.FlagSet) {
|
||||
trusted := getDefaultTrustState()
|
||||
fs.BoolVar(&untrusted, "disable-content-trust", !trusted, "Skip image verification")
|
||||
}
|
||||
|
||||
func setupTrustedFlag(verify bool) (bool, string) {
|
||||
// AddTrustSigningFlags adds "signing" flags to the provided flagset
|
||||
func AddTrustSigningFlags(fs *pflag.FlagSet) {
|
||||
trusted := getDefaultTrustState()
|
||||
fs.BoolVar(&untrusted, "disable-content-trust", !trusted, "Skip image signing")
|
||||
}
|
||||
|
||||
// getDefaultTrustState returns true if content trust is enabled through the $DOCKER_CONTENT_TRUST environment variable.
|
||||
func getDefaultTrustState() bool {
|
||||
var trusted bool
|
||||
if e := os.Getenv("DOCKER_CONTENT_TRUST"); e != "" {
|
||||
if t, err := strconv.ParseBool(e); t || err != nil {
|
||||
|
@ -26,14 +33,11 @@ func setupTrustedFlag(verify bool) (bool, string) {
|
|||
trusted = true
|
||||
}
|
||||
}
|
||||
message := "Skip image signing"
|
||||
if verify {
|
||||
message = "Skip image verification"
|
||||
}
|
||||
return trusted, message
|
||||
return trusted
|
||||
}
|
||||
|
||||
// IsTrusted returns true if content trust is enabled
|
||||
// IsTrusted returns true if content trust is enabled, either through the $DOCKER_CONTENT_TRUST environment variable,
|
||||
// or through `--disabled-content-trust=false` on a command.
|
||||
func IsTrusted() bool {
|
||||
return !untrusted
|
||||
}
|
||||
|
|
|
@ -14,12 +14,13 @@ keywords: "plugin, push"
|
|||
-->
|
||||
|
||||
```markdown
|
||||
Usage: docker plugin push PLUGIN[:TAG]
|
||||
Usage: docker plugin push PLUGIN[:TAG]
|
||||
|
||||
Push a plugin to a registry
|
||||
|
||||
Options:
|
||||
--help Print usage
|
||||
--disable-content-trust Skip image signing (default true)
|
||||
--help Print usage
|
||||
```
|
||||
|
||||
Use `docker plugin create` to create the plugin. Once the plugin is ready for distribution,
|
||||
|
|
|
@ -21,7 +21,7 @@ Usage: docker push [OPTIONS] NAME[:TAG]
|
|||
Push an image or a repository to a registry
|
||||
|
||||
Options:
|
||||
--disable-content-trust Skip image verification (default true)
|
||||
--disable-content-trust Skip image signing (default true)
|
||||
--help Print usage
|
||||
```
|
||||
|
||||
|
|
Loading…
Reference in a new issue