moby/cli/command/trust.go
Sebastiaan van Stijn bb3c0b2466
fix flag descriptions for content-trust
Commit ed13c3abfb added flags
for Docker Content Trust. Depending on the `verify` boolean,
the message is "Skip image verification", or "Skip image signing".
"Signing" is intended for `docker push` / `docker plugin push`.

During the migration to Cobra, this boolean got flipped for
`docker push` (9640e3a451),
causing `docker push` to show the incorrect flag description.

This patch changes the flags to use the correct description
for `docker push`, and `docker plugin push`.

To prevent this confusion in future, the boolean argument
is removed, and a `AddTrustSigningFlags()` function is added.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-01-23 14:52:36 +01:00

43 lines
1.2 KiB
Go

package command
import (
"os"
"strconv"
"github.com/spf13/pflag"
)
var (
// TODO: make this not global
untrusted bool
)
// AddTrustVerificationFlags adds content trust flags to the provided flagset
func AddTrustVerificationFlags(fs *pflag.FlagSet) {
trusted := getDefaultTrustState()
fs.BoolVar(&untrusted, "disable-content-trust", !trusted, "Skip image verification")
}
// AddTrustSigningFlags adds "signing" flags to the provided flagset
func AddTrustSigningFlags(fs *pflag.FlagSet) {
trusted := getDefaultTrustState()
fs.BoolVar(&untrusted, "disable-content-trust", !trusted, "Skip image signing")
}
// getDefaultTrustState returns true if content trust is enabled through the $DOCKER_CONTENT_TRUST environment variable.
func getDefaultTrustState() bool {
var trusted bool
if e := os.Getenv("DOCKER_CONTENT_TRUST"); e != "" {
if t, err := strconv.ParseBool(e); t || err != nil {
// treat any other value as true
trusted = true
}
}
return trusted
}
// IsTrusted returns true if content trust is enabled, either through the $DOCKER_CONTENT_TRUST environment variable,
// or through `--disabled-content-trust=false` on a command.
func IsTrusted() bool {
return !untrusted
}