Give image repository a cert-secret-ref flag

ImageRepository objects can now refer to a secret containing
certificates to use for TLS. This adds the flag

    flux create image repository --cert-secret-ref

for naming a secret to use. You can create such a secret with

    flux create secret tls

Signed-off-by: Michael Bridgen <michael@weave.works>
pull/790/head
Michael Bridgen 4 years ago
parent b3b224b0ca
commit 5df8e05d1a

@ -38,9 +38,10 @@ An ImageRepository object specifies an image repository to scan.`,
} }
type imageRepoFlags struct { type imageRepoFlags struct {
image string image string
secretRef string secretRef string
timeout time.Duration certSecretRef string
timeout time.Duration
} }
var imageRepoArgs = imageRepoFlags{} var imageRepoArgs = imageRepoFlags{}
@ -49,6 +50,7 @@ func init() {
flags := createImageRepositoryCmd.Flags() flags := createImageRepositoryCmd.Flags()
flags.StringVar(&imageRepoArgs.image, "image", "", "the image repository to scan; e.g., library/alpine") flags.StringVar(&imageRepoArgs.image, "image", "", "the image repository to scan; e.g., library/alpine")
flags.StringVar(&imageRepoArgs.secretRef, "secret-ref", "", "the name of a docker-registry secret to use for credentials") flags.StringVar(&imageRepoArgs.secretRef, "secret-ref", "", "the name of a docker-registry secret to use for credentials")
flags.StringVar(&imageRepoArgs.certSecretRef, "cert-ref", "", "the name of a secret to use for TLS certificates")
// NB there is already a --timeout in the global flags, for // NB there is already a --timeout in the global flags, for
// controlling timeout on operations while e.g., creating objects. // controlling timeout on operations while e.g., creating objects.
flags.DurationVar(&imageRepoArgs.timeout, "scan-timeout", 0, "a timeout for scanning; this defaults to the interval if not set") flags.DurationVar(&imageRepoArgs.timeout, "scan-timeout", 0, "a timeout for scanning; this defaults to the interval if not set")
@ -94,6 +96,11 @@ func createImageRepositoryRun(cmd *cobra.Command, args []string) error {
Name: imageRepoArgs.secretRef, Name: imageRepoArgs.secretRef,
} }
} }
if imageRepoArgs.certSecretRef != "" {
repo.Spec.CertSecretRef = &meta.LocalObjectReference{
Name: imageRepoArgs.certSecretRef,
}
}
if createArgs.export { if createArgs.export {
return printExport(exportImageRepository(&repo)) return printExport(exportImageRepository(&repo))

Loading…
Cancel
Save