chore: standardizes on term "skip-tls-verify" when disabling cert val…

…idation Signed-off-by: Jennifer Power <[email protected]>
ortelius · Nov 7, 2022 · 3d7b1fd · 3d7b1fd
1 parent a475951
commit 3d7b1fd
Show file tree

Hide file tree

Showing 10 changed files with 27 additions and 27 deletions.
diff --git a/README.md b/README.md
@@ -61,7 +61,7 @@ Example:
 registries:
   - prefix: "localhost:5001/test"
     location: localhost:5001
-    skipTLS: false
+    skipTLSVerify: false
     plainHTTP: true
 ```
 

diff --git a/cmd/client/commands/build_collection.go b/cmd/client/commands/build_collection.go
@@ -107,7 +107,7 @@ func (o *BuildCollectionOptions) Run(ctx context.Context) error {
 	}
 
 	var clientOpts = []orasclient.ClientOption{
-		orasclient.SkipTLSVerify(o.Insecure),
+		orasclient.SkipTLSVerify(o.SkipTLSVerify),
 		orasclient.WithAuthConfigs(o.Configs),
 		orasclient.WithPlainHTTP(o.PlainHTTP),
 		orasclient.WithRegistryConfig(o.RegistryConfig),

diff --git a/cmd/client/commands/options/remote.go b/cmd/client/commands/options/remote.go
@@ -11,15 +11,15 @@ import (
 
 // Remote describes remote configuration options that can be set.
 type Remote struct {
-	Insecure       bool
+	SkipTLSVerify  bool
 	PlainHTTP      bool
 	RegistryConfig registryclient.RegistryConfig
 }
 
 // BindFlags binds options from a flag set to Remote options.
 func (o *Remote) BindFlags(fs *pflag.FlagSet) {
-	fs.BoolVarP(&o.Insecure, "insecure", "", o.Insecure, "allow connections to registries SSL registry without certs")
-	fs.BoolVarP(&o.PlainHTTP, "plain-http", "", o.PlainHTTP, "use plain http and not https when contacting registries")
+	fs.BoolVar(&o.SkipTLSVerify, "skip-tls-verify", o.SkipTLSVerify, "disable TLS certificate verification when contacting registries")
+	fs.BoolVar(&o.PlainHTTP, "plain-http", o.PlainHTTP, "use plain http and not https when contacting registries")
 }
 
 // LoadRegistryConfig loads the registry config from disk.

diff --git a/cmd/client/commands/pull.go b/cmd/client/commands/pull.go
@@ -130,7 +130,7 @@ func (o *PullOptions) Run(ctx context.Context) error {
 	}
 
 	var clientOpts = []orasclient.ClientOption{
-		orasclient.SkipTLSVerify(o.Insecure),
+		orasclient.SkipTLSVerify(o.SkipTLSVerify),
 		orasclient.WithAuthConfigs(o.Configs),
 		orasclient.WithPlainHTTP(o.PlainHTTP),
 		orasclient.WithCache(cache),

diff --git a/cmd/client/commands/push.go b/cmd/client/commands/push.go
@@ -81,7 +81,7 @@ func (o *PushOptions) Run(ctx context.Context) error {
 	}
 
 	client, err := orasclient.NewClient(
-		orasclient.SkipTLSVerify(o.Insecure),
+		orasclient.SkipTLSVerify(o.SkipTLSVerify),
 		orasclient.WithAuthConfigs(o.Configs),
 		orasclient.WithPlainHTTP(o.PlainHTTP),
 		orasclient.WithRegistryConfig(o.RegistryConfig),

diff --git a/cmd/client/commands/sigstore.go b/cmd/client/commands/sigstore.go
@@ -39,7 +39,7 @@ func signCollection(_ context.Context, reference string, authConfigs []string, r
 	regopts := cosignopts.RegistryOptions{
 		Keychain: authn.DefaultKeychain,
 	}
-	if remoteOpts.PlainHTTP || remoteOpts.Insecure {
+	if remoteOpts.PlainHTTP || remoteOpts.SkipTLSVerify {
 		regopts.AllowInsecure = true
 	}
 
@@ -70,7 +70,7 @@ func verifyCollection(ctx context.Context, reference string, authConfigs []strin
 		Keychain: authn.DefaultKeychain,
 	}
 
-	if remoteOpts.PlainHTTP || remoteOpts.Insecure {
+	if remoteOpts.PlainHTTP || remoteOpts.SkipTLSVerify {
 		regopts.AllowInsecure = true
 	}
 

diff --git a/registryclient/orasclient/options.go b/registryclient/orasclient/options.go
@@ -26,7 +26,7 @@ type ClientConfig struct {
 	configs        []string
 	credFn         func(context.Context, string) (auth.Credential, error)
 	plainHTTP      bool
-	insecure       bool
+	skipTLSVerify  bool
 	cache          content.Store
 	copyOpts       oras.CopyOptions
 	attributes     model.Matcher
@@ -64,7 +64,7 @@ func NewClient(options ...ClientOption) (registryclient.Client, error) {
 
 	client.authCache = auth.NewCache()
 	client.plainHTTP = config.plainHTTP
-	client.insecure = config.insecure
+	client.skipTLSVerify = config.skipTLSVerify
 	client.copyOpts = config.copyOpts
 	client.destroy = destroy
 	client.cache = config.cache
@@ -120,9 +120,9 @@ func WithRegistryConfig(registryConf registryclient.RegistryConfig) ClientOption
 }
 
 // SkipTLSVerify disables TLS certificate checking.
-func SkipTLSVerify(insecure bool) ClientOption {
+func SkipTLSVerify(skipTLSVerify bool) ClientOption {
 	return func(config *ClientConfig) error {
-		config.insecure = insecure
+		config.skipTLSVerify = skipTLSVerify
 		return nil
 	}
 }

diff --git a/registryclient/orasclient/oras.go b/registryclient/orasclient/oras.go
@@ -34,7 +34,7 @@ import (
 
 type orasClient struct {
 	plainHTTP    bool
-	insecure     bool
+	skipTLSVerify     bool
 	authCache    auth.Cache
 	credFn       func(context.Context, string) (auth.Credential, error)
 	registryConf registryclient.RegistryConfig
@@ -332,11 +332,11 @@ func (c *orasClient) setupRepo(ctx context.Context, reference string) (registry.
 	switch {
 	case registryConfig == nil:
 		repo.PlainHTTP = c.plainHTTP
-		repo.Client = c.authClient(c.insecure)
+		repo.Client = c.authClient(c.skipTLSVerify)
 		return repo, nil
 	default:
 		repo.PlainHTTP = registryConfig.PlainHTTP
-		repo.Client = c.authClient(registryConfig.SkipTLS)
+		repo.Client = c.authClient(registryConfig.SkipTLSVerify)
 		return repo, nil
 	}
 }

diff --git a/registryclient/registries.go b/registryclient/registries.go
@@ -18,7 +18,7 @@ type Endpoint struct {
 	// The endpoint's remote location.
 	Location string `mapstructure:"location" json:"location"`
 	// If true, certs verification will be skipped.
-	SkipTLS bool `mapstructure:"skipTLS" json:"skipTLS"`
+	SkipTLSVerify bool `mapstructure:"skipTLSVerify" json:"skipTLSVerify"`
 	// If true, the client will use HTTP to
 	// connect to the registry.
 	PlainHTTP bool `mapstructure:"plainHTTP" json:"plainHTTP"`

diff --git a/registryclient/registries_test.go b/registryclient/registries_test.go
@@ -22,13 +22,13 @@ func TestFindRegistry(t *testing.T) {
 					{
 						Prefix: "*.example.com",
 						Endpoint: Endpoint{
-							SkipTLS: true,
+							SkipTLSVerify: true,
 						},
 					},
 					{
 						Prefix: "*.not.com",
 						Endpoint: Endpoint{
-							SkipTLS: false,
+							SkipTLSVerify: false,
 						},
 					},
 				},
@@ -37,7 +37,7 @@ func TestFindRegistry(t *testing.T) {
 			expReg: Registry{
 				Prefix: "*.example.com",
 				Endpoint: Endpoint{
-					SkipTLS: true,
+					SkipTLSVerify: true,
 				},
 			},
 		},
@@ -48,13 +48,13 @@ func TestFindRegistry(t *testing.T) {
 					{
 						Prefix: "*.example.com",
 						Endpoint: Endpoint{
-							SkipTLS: true,
+							SkipTLSVerify: true,
 						},
 					},
 					{
 						Prefix: "*",
 						Endpoint: Endpoint{
-							SkipTLS: false,
+							SkipTLSVerify: false,
 						},
 					},
 				},
@@ -63,7 +63,7 @@ func TestFindRegistry(t *testing.T) {
 			expReg: Registry{
 				Prefix: "*.example.com",
 				Endpoint: Endpoint{
-					SkipTLS: true,
+					SkipTLSVerify: true,
 				},
 			},
 		},
@@ -74,13 +74,13 @@ func TestFindRegistry(t *testing.T) {
 					{
 						Prefix: "reg.example.*",
 						Endpoint: Endpoint{
-							SkipTLS: true,
+							SkipTLSVerify: true,
 						},
 					},
 					{
 						Prefix: "*",
 						Endpoint: Endpoint{
-							SkipTLS: false,
+							SkipTLSVerify: false,
 						},
 					},
 				},
@@ -89,7 +89,7 @@ func TestFindRegistry(t *testing.T) {
 			expReg: Registry{
 				Prefix: "reg.example.*",
 				Endpoint: Endpoint{
-					SkipTLS: true,
+					SkipTLSVerify: true,
 				},
 			},
 		},
@@ -100,7 +100,7 @@ func TestFindRegistry(t *testing.T) {
 					{
 						Prefix: "*.not.com",
 						Endpoint: Endpoint{
-							SkipTLS: true,
+							SkipTLSVerify: true,
 						},
 					},
 				},