Skip to content

Clean up #150

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Nov 9, 2022
Merged

Clean up #150

merged 3 commits into from
Nov 9, 2022

Conversation

@jacobweinstock
Copy link
Member

@jacobweinstock jacobweinstock commented Nov 8, 2022

Description

Looking to push through needed/desired code changes from PR #139 and #140. Remove insecure downloading of container registry certificate. Add the ability to specify insecure registries for use in the docker container engine config.

Why is this needed

Fixes: #

How Has This Been Tested?

How are existing users impacted? What migration steps/scripts do we need?

Checklist:

I have:

  • updated the documentation and/or roadmap (if required)
  • added unit or e2e tests
  • provided instructions on how to upgrade

@jacobweinstock
Remove downloading docker registry certificate:
fe6a59d 
This is not a secure way to download a certificate.
We need to figure out a better way to handle secrets
across the netboot process. For now the certificate
of the container registry must be signed by a known
CA root.

Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
@jacobweinstock
Add insecure registries to docker daemon.json:
2b0ad0c 
This allows insecure container registries to be used.

Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
@jacobweinstock
Copy link
Member Author

jacobweinstock commented Nov 9, 2022

Hey @thebsdbox , would you mind checking this out when you have a moment. Please and thank you!

chrisdoherty4
chrisdoherty4 reviewed Nov 9, 2022
View reviewed changes
@jacobweinstock
Return on error when writing daemon.json to disk:
4de314b 
Forward progress without the daemon.json is not
desired behavior.

Signed-off-by: Jacob Weinstock <jakobweinstock@gmail.com>
@jacobweinstock jacobweinstock added the ready-to-merge Signal to Mergify to merge the PR. label Nov 9, 2022
@jacobweinstock
Copy link
Member Author

jacobweinstock commented Nov 9, 2022

@mergify queue

@mergify
Copy link
Contributor

mergify bot commented Nov 9, 2022
edited
Loading

queue

✅ The pull request has been merged automatically

The pull request has been merged automatically at 6d43b8b

@mergify mergify bot merged commit 6d43b8b into tinkerbell:main Nov 9, 2022
@jacobweinstock jacobweinstock deleted the update branch November 9, 2022 16:40
This was referenced Nov 9, 2022
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@thebsdbox thebsdbox Awaiting requested review from thebsdbox

@ScottGarman ScottGarman Awaiting requested review from ScottGarman

@chrisdoherty4 chrisdoherty4 Awaiting requested review from chrisdoherty4

1 more reviewer

@mmlb mmlb mmlb approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

ready-to-merge Signal to Mergify to merge the PR.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jacobweinstock @mmlb @chrisdoherty4