mirror of
https://github.com/SebastianWendel/nixpkgs.git
synced 2024-09-21 04:49:01 +02:00
Merge pull request #125211 from edwtjo/docker-fetch-wotls
build-support/docker: pass tlsVerify to support http registries
This commit is contained in:
commit
7f6a395070
|
@ -90,6 +90,8 @@ rec {
|
||||||
, finalImageName ? imageName
|
, finalImageName ? imageName
|
||||||
# This used to set a tag to the pulled image
|
# This used to set a tag to the pulled image
|
||||||
, finalImageTag ? "latest"
|
, finalImageTag ? "latest"
|
||||||
|
# This is used to disable TLS certificate verification, allowing access to http registries on (hopefully) trusted networks
|
||||||
|
, tlsVerify ? true
|
||||||
|
|
||||||
, name ? fixName "docker-image-${finalImageName}-${finalImageTag}.tar"
|
, name ? fixName "docker-image-${finalImageName}-${finalImageTag}.tar"
|
||||||
}:
|
}:
|
||||||
|
@ -109,7 +111,13 @@ rec {
|
||||||
sourceURL = "docker://${imageName}@${imageDigest}";
|
sourceURL = "docker://${imageName}@${imageDigest}";
|
||||||
destNameTag = "${finalImageName}:${finalImageTag}";
|
destNameTag = "${finalImageName}:${finalImageTag}";
|
||||||
} ''
|
} ''
|
||||||
skopeo --insecure-policy --tmpdir=$TMPDIR --override-os ${os} --override-arch ${arch} copy "$sourceURL" "docker-archive://$out:$destNameTag"
|
skopeo \
|
||||||
|
--src-tls-verify=${lib.boolToString tlsVerify} \
|
||||||
|
--insecure-policy \
|
||||||
|
--tmpdir=$TMPDIR \
|
||||||
|
--override-os ${os} \
|
||||||
|
--override-arch ${arch} \
|
||||||
|
copy "$sourceURL" "docker-archive://$out:$destNameTag"
|
||||||
'';
|
'';
|
||||||
|
|
||||||
# We need to sum layer.tar, not a directory, hence tarsum instead of nix-hash.
|
# We need to sum layer.tar, not a directory, hence tarsum instead of nix-hash.
|
||||||
|
|
Loading…
Reference in a new issue