diff --git a/cmd/mindthegap/create/imagebundle/image_bundle.go b/cmd/mindthegap/create/imagebundle/image_bundle.go index 09dd9389..32663f68 100644 --- a/cmd/mindthegap/create/imagebundle/image_bundle.go +++ b/cmd/mindthegap/create/imagebundle/image_bundle.go @@ -115,15 +115,17 @@ func NewCommand(out output.Output) *cobra.Command { registryConfig := cfg[registryName] var remoteOpts []remote.Option - if registryConfig.TLSVerify != nil && !*registryConfig.TLSVerify { - transport := httputils.NewConfigurableTLSRoundTripper( - httputils.TLSHostsConfig{ - registryName: httputils.TLSHostConfig{Insecure: true}, - }, - ) - remoteOpts = append(remoteOpts, remote.WithTransport(transport)) + var tlsHostsConfig httputils.TLSHostsConfig + if registryConfig.TLSVerify != nil && !*registryConfig.TLSVerify { + tlsHostsConfig = httputils.TLSHostsConfig{ + registryName: httputils.TLSHostConfig{Insecure: true}, + } } + transport := httputils.NewConfigurableTLSRoundTripper( + tlsHostsConfig, + ) + remoteOpts = append(remoteOpts, remote.WithTransport(transport)) keychain := authn.NewMultiKeychain( authn.NewKeychainFromHelper( diff --git a/cmd/mindthegap/push/helmbundle/helm_bundle.go b/cmd/mindthegap/push/helmbundle/helm_bundle.go index e0b907ba..22c3c2c5 100644 --- a/cmd/mindthegap/push/helmbundle/helm_bundle.go +++ b/cmd/mindthegap/push/helmbundle/helm_bundle.go @@ -81,20 +81,21 @@ func NewCommand(out output.Output) *cobra.Command { logs.Warn.SetOutput(out.InfoWriter()) var remoteOpts []remote.Option + insecure := flags.SkipTLSVerify(destRegistrySkipTLSVerify, destRegistryURI) + tlsHostsConfig := httputils.TLSHostsConfig{ + reg.Address(): httputils.TLSHostConfig{Insecure: true}, + } if insecure || destRegistryCACertificateFile != "" { - transport := httputils.NewConfigurableTLSRoundTripper( - httputils.TLSHostsConfig{ - destRegistryURI.Host(): httputils.TLSHostConfig{ - Insecure: insecure, - CAFile: destRegistryCACertificateFile, - }, - reg.Address(): httputils.TLSHostConfig{Insecure: true}, - }, - ) - - remoteOpts = append(remoteOpts, remote.WithTransport(transport)) + tlsHostsConfig[destRegistryURI.Host()] = httputils.TLSHostConfig{ + Insecure: insecure, + CAFile: destRegistryCACertificateFile, + } } + transport := httputils.NewConfigurableTLSRoundTripper( + tlsHostsConfig, + ) + remoteOpts = append(remoteOpts, remote.WithTransport(transport)) keychain := authn.DefaultKeychain if destRegistryUsername != "" && destRegistryPassword != "" { diff --git a/cmd/mindthegap/push/imagebundle/image_bundle.go b/cmd/mindthegap/push/imagebundle/image_bundle.go index 6a70c033..13c4b918 100644 --- a/cmd/mindthegap/push/imagebundle/image_bundle.go +++ b/cmd/mindthegap/push/imagebundle/image_bundle.go @@ -82,20 +82,21 @@ func NewCommand(out output.Output) *cobra.Command { logs.Warn.SetOutput(out.InfoWriter()) var remoteOpts []remote.Option + insecure := flags.SkipTLSVerify(destRegistrySkipTLSVerify, destRegistryURI) + tlsHostsConfig := httputils.TLSHostsConfig{ + reg.Address(): httputils.TLSHostConfig{Insecure: true}, + } if insecure || destRegistryCACertificateFile != "" { - transport := httputils.NewConfigurableTLSRoundTripper( - httputils.TLSHostsConfig{ - destRegistryURI.Host(): httputils.TLSHostConfig{ - Insecure: insecure, - CAFile: destRegistryCACertificateFile, - }, - reg.Address(): httputils.TLSHostConfig{Insecure: true}, - }, - ) - - remoteOpts = append(remoteOpts, remote.WithTransport(transport)) + tlsHostsConfig[destRegistryURI.Host()] = httputils.TLSHostConfig{ + Insecure: insecure, + CAFile: destRegistryCACertificateFile, + } } + transport := httputils.NewConfigurableTLSRoundTripper( + tlsHostsConfig, + ) + remoteOpts = append(remoteOpts, remote.WithTransport(transport)) keychain := authn.DefaultKeychain if destRegistryUsername != "" && destRegistryPassword != "" {