From acc9c79fbf1d068dc430d594cc946a29da0a8c1a Mon Sep 17 00:00:00 2001 From: Gianluca Zuccarelli Date: Tue, 7 May 2024 16:51:08 +0100 Subject: [PATCH] bib: disable `--tls-verify` flag Since all containers are coming from local storage and require the user to pull in the container before-hand, we can disable the `--tls-verify` flag. The containers will not be resolved from a remote registry but rather from the local container store. As with the removal of the `--local` flag, we silently deprecate the flag - the flag will not having any effects and will not raise any errors or warnings either. --- bib/cmd/bootc-image-builder/main.go | 2 -- test/test_opts.py | 24 ------------------------ 2 files changed, 26 deletions(-) diff --git a/bib/cmd/bootc-image-builder/main.go b/bib/cmd/bootc-image-builder/main.go index 58400e691..00fe4836f 100644 --- a/bib/cmd/bootc-image-builder/main.go +++ b/bib/cmd/bootc-image-builder/main.go @@ -175,7 +175,6 @@ func manifestFromCobra(cmd *cobra.Command, args []string) ([]byte, *mTLSConfig, imgTypes, _ := cmd.Flags().GetStringArray("type") rpmCacheRoot, _ := cmd.Flags().GetString("rpmmd") targetArch, _ := cmd.Flags().GetString("target-arch") - tlsVerify, _ := cmd.Flags().GetBool("tls-verify") rootFs, _ := cmd.Flags().GetString("rootfs") if targetArch != "" && arch.FromString(targetArch) != arch.Current() { @@ -264,7 +263,6 @@ func manifestFromCobra(cmd *cobra.Command, args []string) ([]byte, *mTLSConfig, Config: config, BuildType: buildType, Imgref: imgref, - TLSVerify: tlsVerify, Filesystems: filesystems, DistroDefPaths: distroDefPaths, SourceInfo: sourceinfo, diff --git a/test/test_opts.py b/test/test_opts.py index c4919493e..5e5dc87b7 100644 --- a/test/test_opts.py +++ b/test/test_opts.py @@ -69,30 +69,6 @@ def test_opts_arch_is_same_arch_is_fine(tmp_path, build_fake_container, target_a assert expected_err in res.stderr -@pytest.mark.parametrize("tls_opt,expected_cmdline", [ - ([], "--tls-verify=true"), - (["--tls-verify"], "--tls-verify=true"), - (["--tls-verify=true"], "--tls-verify=true"), - (["--tls-verify=false"], "--tls-verify=false"), - (["--tls-verify=0"], "--tls-verify=false"), -]) -def test_bib_tls_opts(tmp_path, container_storage, build_fake_container, tls_opt, expected_cmdline): - output_path = tmp_path / "output" - output_path.mkdir(exist_ok=True) - - subprocess.check_call([ - "podman", "run", "--rm", - "--privileged", - "--security-opt", "label=type:unconfined_t", - "-v", f"{container_storage}:/var/lib/containers/storage", - "-v", f"{output_path}:/output", - build_fake_container, - "quay.io/centos-bootc/centos-bootc:stream9" - ] + tls_opt) - podman_log = output_path / "podman.log" - assert expected_cmdline in podman_log.read_text() - - @pytest.mark.parametrize("with_debug", [False, True]) def test_bib_log_level_smoke(tmp_path, container_storage, build_fake_container, with_debug): output_path = tmp_path / "output"