1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00

fix flag descriptions for content-trust

Commit ed13c3abfb added flags
for Docker Content Trust. Depending on the `verify` boolean,
the message is "Skip image verification", or "Skip image signing".
"Signing" is intended for `docker push` / `docker plugin push`.

During the migration to Cobra, this boolean got flipped for
`docker push` (9640e3a451),
causing `docker push` to show the incorrect flag description.

This patch changes the flags to use the correct description
for `docker push`, and `docker plugin push`.

To prevent this confusion in future, the boolean argument
is removed, and a `AddTrustSigningFlags()` function is added.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2017-01-17 15:46:07 +01:00
parent b319221c21
commit bb3c0b2466
No known key found for this signature in database
GPG key ID: 76698F39D527CE8C
10 changed files with 26 additions and 21 deletions

View file

@ -52,7 +52,7 @@ func NewCreateCommand(dockerCli *command.DockerCli) *cobra.Command {
// with hostname
flags.Bool("help", false, "Print usage")
command.AddTrustedFlags(flags, true)
command.AddTrustVerificationFlags(flags)
copts = addFlags(flags)
return cmd
}

View file

@ -61,7 +61,7 @@ func NewRunCommand(dockerCli *command.DockerCli) *cobra.Command {
// with hostname
flags.Bool("help", false, "Print usage")
command.AddTrustedFlags(flags, true)
command.AddTrustVerificationFlags(flags)
copts = addFlags(flags)
return cmd
}

View file

@ -108,7 +108,7 @@ func NewBuildCommand(dockerCli *command.DockerCli) *cobra.Command {
flags.StringSliceVar(&options.securityOpt, "security-opt", []string{}, "Security options")
flags.StringVar(&options.networkMode, "network", "default", "Set the networking mode for the RUN instructions during build")
command.AddTrustedFlags(flags, true)
command.AddTrustVerificationFlags(flags)
flags.BoolVar(&options.squash, "squash", false, "Squash newly built layers into a single new layer")
flags.SetAnnotation("squash", "experimental", nil)

View file

@ -36,7 +36,7 @@ func NewPullCommand(dockerCli *command.DockerCli) *cobra.Command {
flags := cmd.Flags()
flags.BoolVarP(&opts.all, "all-tags", "a", false, "Download all tagged images in the repository")
command.AddTrustedFlags(flags, true)
command.AddTrustVerificationFlags(flags)
return cmd
}

View file

@ -24,7 +24,7 @@ func NewPushCommand(dockerCli *command.DockerCli) *cobra.Command {
flags := cmd.Flags()
command.AddTrustedFlags(flags, true)
command.AddTrustSigningFlags(flags)
return cmd
}

View file

@ -47,7 +47,7 @@ func newInstallCommand(dockerCli *command.DockerCli) *cobra.Command {
flags.BoolVar(&options.disable, "disable", false, "Do not enable the plugin on install")
flags.StringVar(&options.alias, "alias", "", "Local name for plugin")
command.AddTrustedFlags(flags, true)
command.AddTrustVerificationFlags(flags)
return cmd
}

View file

@ -26,7 +26,7 @@ func newPushCommand(dockerCli *command.DockerCli) *cobra.Command {
flags := cmd.Flags()
command.AddTrustedFlags(flags, true)
command.AddTrustSigningFlags(flags)
return cmd
}

View file

@ -12,13 +12,20 @@ var (
untrusted bool
)
// AddTrustedFlags adds content trust flags to the current command flagset
func AddTrustedFlags(fs *pflag.FlagSet, verify bool) {
trusted, message := setupTrustedFlag(verify)
fs.BoolVar(&untrusted, "disable-content-trust", !trusted, message)
// AddTrustVerificationFlags adds content trust flags to the provided flagset
func AddTrustVerificationFlags(fs *pflag.FlagSet) {
trusted := getDefaultTrustState()
fs.BoolVar(&untrusted, "disable-content-trust", !trusted, "Skip image verification")
}
func setupTrustedFlag(verify bool) (bool, string) {
// AddTrustSigningFlags adds "signing" flags to the provided flagset
func AddTrustSigningFlags(fs *pflag.FlagSet) {
trusted := getDefaultTrustState()
fs.BoolVar(&untrusted, "disable-content-trust", !trusted, "Skip image signing")
}
// getDefaultTrustState returns true if content trust is enabled through the $DOCKER_CONTENT_TRUST environment variable.
func getDefaultTrustState() bool {
var trusted bool
if e := os.Getenv("DOCKER_CONTENT_TRUST"); e != "" {
if t, err := strconv.ParseBool(e); t || err != nil {
@ -26,14 +33,11 @@ func setupTrustedFlag(verify bool) (bool, string) {
trusted = true
}
}
message := "Skip image signing"
if verify {
message = "Skip image verification"
}
return trusted, message
return trusted
}
// IsTrusted returns true if content trust is enabled
// IsTrusted returns true if content trust is enabled, either through the $DOCKER_CONTENT_TRUST environment variable,
// or through `--disabled-content-trust=false` on a command.
func IsTrusted() bool {
return !untrusted
}

View file

@ -19,6 +19,7 @@ Usage: docker plugin push PLUGIN[:TAG]
Push a plugin to a registry
Options:
--disable-content-trust Skip image signing (default true)
--help Print usage
```

View file

@ -21,7 +21,7 @@ Usage: docker push [OPTIONS] NAME[:TAG]
Push an image or a repository to a registry
Options:
--disable-content-trust Skip image verification (default true)
--disable-content-trust Skip image signing (default true)
--help Print usage
```