Browse code
fix flag descriptions for content-trust
Commit ed13c3abfb242905ec012e8255dc6f26dcf122f6 added flags
for Docker Content Trust. Depending on the `verify` boolean,
the message is "Skip image verification", or "Skip image signing".
"Signing" is intended for `docker push` / `docker plugin push`.
During the migration to Cobra, this boolean got flipped for
`docker push` (9640e3a4514f96a890310757a09fd77a3c70e931),
causing `docker push` to show the incorrect flag description.
This patch changes the flags to use the correct description
for `docker push`, and `docker plugin push`.
To prevent this confusion in future, the boolean argument
is removed, and a `AddTrustSigningFlags()` function is added.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Sebastiaan van Stijn authored on 2017/01/17 23:46:07Showing 10 changed files
- cli/command/container/create.go
- cli/command/container/run.go
- cli/command/image/build.go
- cli/command/image/pull.go
- cli/command/image/push.go
- cli/command/plugin/install.go
- cli/command/plugin/push.go
- cli/command/trust.go
- docs/reference/commandline/plugin_push.md
- docs/reference/commandline/push.md
| ... | ... |
@@ -52,7 +52,7 @@ func NewCreateCommand(dockerCli *command.DockerCli) *cobra.Command {
|
| 52 | 52 |
// with hostname |
| 53 | 53 |
flags.Bool("help", false, "Print usage")
|
| 54 | 54 |
|
| 55 |
- command.AddTrustedFlags(flags, true) |
|
| 55 |
+ command.AddTrustVerificationFlags(flags) |
|
| 56 | 56 |
copts = addFlags(flags) |
| 57 | 57 |
return cmd |
| 58 | 58 |
} |
| ... | ... |
@@ -61,7 +61,7 @@ func NewRunCommand(dockerCli *command.DockerCli) *cobra.Command {
|
| 61 | 61 |
// with hostname |
| 62 | 62 |
flags.Bool("help", false, "Print usage")
|
| 63 | 63 |
|
| 64 |
- command.AddTrustedFlags(flags, true) |
|
| 64 |
+ command.AddTrustVerificationFlags(flags) |
|
| 65 | 65 |
copts = addFlags(flags) |
| 66 | 66 |
return cmd |
| 67 | 67 |
} |
| ... | ... |
@@ -108,7 +108,7 @@ func NewBuildCommand(dockerCli *command.DockerCli) *cobra.Command {
|
| 108 | 108 |
flags.StringSliceVar(&options.securityOpt, "security-opt", []string{}, "Security options")
|
| 109 | 109 |
flags.StringVar(&options.networkMode, "network", "default", "Set the networking mode for the RUN instructions during build") |
| 110 | 110 |
|
| 111 |
- command.AddTrustedFlags(flags, true) |
|
| 111 |
+ command.AddTrustVerificationFlags(flags) |
|
| 112 | 112 |
|
| 113 | 113 |
flags.BoolVar(&options.squash, "squash", false, "Squash newly built layers into a single new layer") |
| 114 | 114 |
flags.SetAnnotation("squash", "experimental", nil)
|
| ... | ... |
@@ -36,7 +36,7 @@ func NewPullCommand(dockerCli *command.DockerCli) *cobra.Command {
|
| 36 | 36 |
flags := cmd.Flags() |
| 37 | 37 |
|
| 38 | 38 |
flags.BoolVarP(&opts.all, "all-tags", "a", false, "Download all tagged images in the repository") |
| 39 |
- command.AddTrustedFlags(flags, true) |
|
| 39 |
+ command.AddTrustVerificationFlags(flags) |
|
| 40 | 40 |
|
| 41 | 41 |
return cmd |
| 42 | 42 |
} |
| ... | ... |
@@ -47,7 +47,7 @@ func newInstallCommand(dockerCli *command.DockerCli) *cobra.Command {
|
| 47 | 47 |
flags.BoolVar(&options.disable, "disable", false, "Do not enable the plugin on install") |
| 48 | 48 |
flags.StringVar(&options.alias, "alias", "", "Local name for plugin") |
| 49 | 49 |
|
| 50 |
- command.AddTrustedFlags(flags, true) |
|
| 50 |
+ command.AddTrustVerificationFlags(flags) |
|
| 51 | 51 |
|
| 52 | 52 |
return cmd |
| 53 | 53 |
} |
| ... | ... |
@@ -12,13 +12,20 @@ var ( |
| 12 | 12 |
untrusted bool |
| 13 | 13 |
) |
| 14 | 14 |
|
| 15 |
-// AddTrustedFlags adds content trust flags to the current command flagset |
|
| 16 |
-func AddTrustedFlags(fs *pflag.FlagSet, verify bool) {
|
|
| 17 |
- trusted, message := setupTrustedFlag(verify) |
|
| 18 |
- fs.BoolVar(&untrusted, "disable-content-trust", !trusted, message) |
|
| 15 |
+// AddTrustVerificationFlags adds content trust flags to the provided flagset |
|
| 16 |
+func AddTrustVerificationFlags(fs *pflag.FlagSet) {
|
|
| 17 |
+ trusted := getDefaultTrustState() |
|
| 18 |
+ fs.BoolVar(&untrusted, "disable-content-trust", !trusted, "Skip image verification") |
|
| 19 | 19 |
} |
| 20 | 20 |
|
| 21 |
-func setupTrustedFlag(verify bool) (bool, string) {
|
|
| 21 |
+// AddTrustSigningFlags adds "signing" flags to the provided flagset |
|
| 22 |
+func AddTrustSigningFlags(fs *pflag.FlagSet) {
|
|
| 23 |
+ trusted := getDefaultTrustState() |
|
| 24 |
+ fs.BoolVar(&untrusted, "disable-content-trust", !trusted, "Skip image signing") |
|
| 25 |
+} |
|
| 26 |
+ |
|
| 27 |
+// getDefaultTrustState returns true if content trust is enabled through the $DOCKER_CONTENT_TRUST environment variable. |
|
| 28 |
+func getDefaultTrustState() bool {
|
|
| 22 | 29 |
var trusted bool |
| 23 | 30 |
if e := os.Getenv("DOCKER_CONTENT_TRUST"); e != "" {
|
| 24 | 31 |
if t, err := strconv.ParseBool(e); t || err != nil {
|
| ... | ... |
@@ -26,14 +33,11 @@ func setupTrustedFlag(verify bool) (bool, string) {
|
| 26 | 26 |
trusted = true |
| 27 | 27 |
} |
| 28 | 28 |
} |
| 29 |
- message := "Skip image signing" |
|
| 30 |
- if verify {
|
|
| 31 |
- message = "Skip image verification" |
|
| 32 |
- } |
|
| 33 |
- return trusted, message |
|
| 29 |
+ return trusted |
|
| 34 | 30 |
} |
| 35 | 31 |
|
| 36 |
-// IsTrusted returns true if content trust is enabled |
|
| 32 |
+// IsTrusted returns true if content trust is enabled, either through the $DOCKER_CONTENT_TRUST environment variable, |
|
| 33 |
+// or through `--disabled-content-trust=false` on a command. |
|
| 37 | 34 |
func IsTrusted() bool {
|
| 38 | 35 |
return !untrusted |
| 39 | 36 |
} |
| ... | ... |
@@ -14,12 +14,13 @@ keywords: "plugin, push" |
| 14 | 14 |
--> |
| 15 | 15 |
|
| 16 | 16 |
```markdown |
| 17 |
-Usage: docker plugin push PLUGIN[:TAG] |
|
| 17 |
+Usage: docker plugin push PLUGIN[:TAG] |
|
| 18 | 18 |
|
| 19 | 19 |
Push a plugin to a registry |
| 20 | 20 |
|
| 21 | 21 |
Options: |
| 22 |
- --help Print usage |
|
| 22 |
+ --disable-content-trust Skip image signing (default true) |
|
| 23 |
+ --help Print usage |
|
| 23 | 24 |
``` |
| 24 | 25 |
|
| 25 | 26 |
Use `docker plugin create` to create the plugin. Once the plugin is ready for distribution, |
| ... | ... |
@@ -21,7 +21,7 @@ Usage: docker push [OPTIONS] NAME[:TAG] |
| 21 | 21 |
Push an image or a repository to a registry |
| 22 | 22 |
|
| 23 | 23 |
Options: |
| 24 |
- --disable-content-trust Skip image verification (default true) |
|
| 24 |
+ --disable-content-trust Skip image signing (default true) |
|
| 25 | 25 |
--help Print usage |
| 26 | 26 |
``` |
| 27 | 27 |
|