From 782b65a36d4f57b61fbcbce9f07265d437e4d3f4 Mon Sep 17 00:00:00 2001 From: Mr-Mu <14306508+mumuhhh@users.noreply.github.com> Date: Mon, 8 Dec 2025 16:06:51 +0800 Subject: [PATCH] =?UTF-8?q?feat:=20=E6=94=AF=E6=8C=81http=E5=8D=8F?= =?UTF-8?q?=E8=AE=AE=E7=9A=84=E8=BF=9C=E7=A8=8B=E4=BB=93=E5=BA=93=20(#2889?= =?UTF-8?q?)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: mumuhhh <14306508+mumuhhh@users.noreply.github.com> --- docs/zh/modules/image.md | 2 ++ pkg/modules/image.go | 26 ++++++++++++++++++++++---- 2 files changed, 24 insertions(+), 4 deletions(-) diff --git a/docs/zh/modules/image.md b/docs/zh/modules/image.md index 8667a4f2..0ade5d5d 100644 --- a/docs/zh/modules/image.md +++ b/docs/zh/modules/image.md @@ -14,6 +14,7 @@ image模块允许用户下载镜像到本地目录或上传镜像到远程目录 | pull.auths.username | 用于认证远程仓库的用户名 | 字符串 | 否 | - | | pull.auths.password | 用于认证远程仓库的密码 | 字符串 | 否 | - | | pull.auths.insecure | 是否跳过当前远程仓库的tls认证 | bool | 否 | - | +| pull.auths.plain_http | 是否使用http访问远程仓库 | bool | 否 | - | | pull.platform | 镜像的架构信息 | 字符串 | 否 | - | | pull.skip_tls_verify | 默认的是否跳过远程仓库的tls认证 | bool | 否 | - | | push | 从本地目录中推送镜像到远程仓库 | map | 否 | - | @@ -23,6 +24,7 @@ image模块允许用户下载镜像到本地目录或上传镜像到远程目录 | push.auths.username | 用于认证远程仓库的用户名 | 字符串 | 否 | - | | push.auths.password | 用于认证远程仓库的密码 | 字符串 | 否 | - | | push.auths.insecure | 是否跳过当前远程仓库的tls认证 | bool | 否 | - | +| push.auths.plain_http | 是否使用http访问远程仓库 | bool | 否 | - | | push.skip_tls_verify | 默认的是否跳过远程仓库的tls认证 | bool | 否 | - | | push.src_pattern | 正则表达式,过滤本地目录中存放的镜像 | map | 否 | - | | push.dest | 模版语法,从本地目录镜像推送到的远程仓库镜像 | map | 否 | - | diff --git a/pkg/modules/image.go b/pkg/modules/image.go index c4fe466c..5e67e238 100644 --- a/pkg/modules/image.go +++ b/pkg/modules/image.go @@ -162,10 +162,11 @@ type imagePullArgs struct { } type imageAuth struct { - Repo string `json:"repo"` - Username string `json:"username"` - Password string `json:"password"` - Insecure *bool `json:"insecure"` + Repo string `json:"repo"` + Username string `json:"username"` + Password string `json:"password"` + Insecure *bool `json:"insecure"` + PlainHTTP *bool `json:"plain_http"` } // pull retrieves images from a remote registry and stores them locally @@ -203,6 +204,8 @@ func (i imagePullArgs) pull(ctx context.Context, platform string) error { } } + src.PlainHTTP = plainHTTPFunc(img, i.auths, false) + if _, err = oras.Copy(ctx, src, src.Reference.Reference, dst, "", copyOption); err != nil { return errors.Wrapf(err, "failed to pull image %q to local dir", img) } @@ -259,6 +262,19 @@ func skipTLSVerifyFunc(img string, auths []imageAuth, defaults bool) bool { return defaults } +func plainHTTPFunc(img string, auths []imageAuth, defaults bool) bool { + imgHost := strings.Split(img, "/")[0] + for _, a := range auths { + if imgHost == a.Repo { + if a.PlainHTTP != nil { + return *a.PlainHTTP + } + return defaults + } + } + return defaults +} + // parse platform string to ocispec.Platform func parsePlatform(platformStr string) (imagev1.Platform, error) { parts := strings.Split(platformStr, "/") @@ -333,6 +349,8 @@ func (i imagePushArgs) push(ctx context.Context, hostVars map[string]any) error Credential: authFunc(i.auths), } + dst.PlainHTTP = plainHTTPFunc(dest, i.auths, false) + if _, err = oras.Copy(ctx, src, src.Reference.Reference, dst, dst.Reference.Reference, oras.DefaultCopyOptions); err != nil { return errors.Wrapf(err, "failed to push image %q to remote", img) }