summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRodolfo Carvalho <rhcarvalho@gmail.com>2017-06-19 11:11:07 +0200
committerRodolfo Carvalho <rhcarvalho@gmail.com>2017-06-19 11:11:07 +0200
commitc250e0cd02bc0b96e50372fda19e704ef05422be (patch)
tree39ea4ee79d1e715b390fcc0e91179e6d4996ba07
parente2840e8ab50215eb7603a832f2f729d873e5a811 (diff)
downloadopenshift-c250e0cd02bc0b96e50372fda19e704ef05422be.tar.gz
openshift-c250e0cd02bc0b96e50372fda19e704ef05422be.tar.bz2
openshift-c250e0cd02bc0b96e50372fda19e704ef05422be.tar.xz
openshift-c250e0cd02bc0b96e50372fda19e704ef05422be.zip
Disable TLS verification in skopeo inspect
Some registries are not configured with valid certificates and thus the check fails with 'http: server gave HTTP response to HTTPS client'. Since this is not fetching images, but only checking for existence, trade security for convenience.
-rw-r--r--roles/openshift_health_checker/openshift_checks/docker_image_availability.py2
1 files changed, 1 insertions, 1 deletions
diff --git a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
index 60aacf715..26bf4c09b 100644
--- a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
+++ b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
@@ -169,7 +169,7 @@ class DockerImageAvailability(DockerHostMixin, OpenShiftCheck):
registries = [registry]
for registry in registries:
- args = {"_raw_params": "skopeo inspect docker://{}/{}".format(registry, image)}
+ args = {"_raw_params": "skopeo inspect --tls-verify=false docker://{}/{}".format(registry, image)}
result = self.execute_module("command", args, task_vars=task_vars)
if result.get("rc", 0) == 0 and not result.get("failed"):
return True