From c250e0cd02bc0b96e50372fda19e704ef05422be Mon Sep 17 00:00:00 2001
From: Rodolfo Carvalho <rhcarvalho@gmail.com>
Date: Mon, 19 Jun 2017 11:11:07 +0200
Subject: Disable TLS verification in skopeo inspect

Some registries are not configured with valid certificates and thus the
check fails with 'http: server gave HTTP response to HTTPS client'.
Since this is not fetching images, but only checking for existence,
trade security for convenience.
---
 .../openshift_checks/docker_image_availability.py                       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'roles')

diff --git a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
index 60aacf715..26bf4c09b 100644
--- a/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
+++ b/roles/openshift_health_checker/openshift_checks/docker_image_availability.py
@@ -169,7 +169,7 @@ class DockerImageAvailability(DockerHostMixin, OpenShiftCheck):
             registries = [registry]
 
         for registry in registries:
-            args = {"_raw_params": "skopeo inspect docker://{}/{}".format(registry, image)}
+            args = {"_raw_params": "skopeo inspect --tls-verify=false docker://{}/{}".format(registry, image)}
             result = self.execute_module("command", args, task_vars=task_vars)
             if result.get("rc", 0) == 0 and not result.get("failed"):
                 return True
-- 
cgit v1.2.1