manifest/inspect: add support for tls-verify and authfile

Add flags for `manifest inspect` i.e `--tls-verify` and `--authfile` Signed-off-by: Aditya R <[email protected]>
containers · Jul 31, 2023 · d27a823 · d27a823
1 parent 071f851
commit d27a823
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 2 deletions.
diff --git a/cmd/buildah/manifest.go b/cmd/buildah/manifest.go
@@ -42,7 +42,10 @@ type manifestAnnotateOpts = struct {
 	os, arch, variant, osVersion      string
 	features, osFeatures, annotations []string
 }
-type manifestInspectOpts = struct{}
+type manifestInspectOpts = struct {
+	authfile  string
+	tlsVerify bool
+}
 
 func init() {
 	var (
@@ -199,6 +202,9 @@ func init() {
 		Example: `buildah manifest inspect mylist:v1.11`,
 		Args:    cobra.MinimumNArgs(1),
 	}
+	flags = manifestInspectCommand.Flags()
+	flags.StringVar(&manifestInspectOpts.authfile, "authfile", auth.GetDefaultAuthFile(), "path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override")
+	flags.BoolVar(&manifestInspectOpts.tlsVerify, "tls-verify", true, "require HTTPS and verify certificates when accessing the registry. TLS verification cannot be used when talking to an insecure registry.")
 	manifestInspectCommand.SetUsageTemplate(UsageTemplate())
 	manifestCommand.AddCommand(manifestInspectCommand)
 
@@ -696,6 +702,11 @@ func manifestAnnotateCmd(c *cobra.Command, args []string, opts manifestAnnotateO
 }
 
 func manifestInspectCmd(c *cobra.Command, args []string, opts manifestInspectOpts) error {
+	if c.Flag("authfile").Changed {
+		if err := auth.CheckAuthFile(opts.authfile); err != nil {
+			return err
+		}
+	}
 	imageSpec := ""
 	switch len(args) {
 	case 0:
@@ -831,7 +842,7 @@ func manifestPushCmd(c *cobra.Command, args []string, opts pushOptions) error {
 		return errors.New("At least a source list ID must be specified")
 	case 1:
 		listImageSpec = args[0]
-		destSpec = "docker://"+listImageSpec
+		destSpec = "docker://" + listImageSpec
 	case 2:
 		listImageSpec = args[0]
 		destSpec = args[1]

diff --git a/docs/buildah-manifest-inspect.1.md b/docs/buildah-manifest-inspect.1.md
@@ -16,6 +16,17 @@ Displays the manifest list or image index stored using the specified image name.
 
 A formatted JSON representation of the manifest list or image index.
 
+## OPTIONS
+
+**--authfile** *path*
+
+Path of the authentication file. Default is ${XDG\_RUNTIME\_DIR}/containers/auth.json, which is set using `buildah login`.
+If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`.
+
+**--tls-verify** *bool-value*
+
+Require HTTPS and verification of certificates when talking to container registries (defaults to true).  TLS verification cannot be used when talking to an insecure registry.
+
 ## EXAMPLE
 
 ```