Skip to content

--insecure option does not work #88

New issue
New issue
Closed
Closed
--insecure option does not work#88
Labels
bugSomething isn't working
@senimagan

Description

@senimagan
senimagan
opened on Feb 1, 2021

Description

dockle's usage explains that insecure connection to the registry is possible by specifying the --insecure option.
However, the --insecure option does not provide an insecure connection.

What did you expect to happen?
Insecure connection shall be possible by specifying --insecure options.

What happened instead?

The --insecure option does not result in an insecure connection.

$ dockle --insecure $REDACTED
2021-02-01T08:47:34.137Z        FATAL   unable to initialize a image struct: failed to initialize source: error pinging docker registry $REDACTED: Get https://$REDACTED/v2/: x509: certificate signed by unknown authority

Output of run with -debug:

$ dockle --debug --insecure $REDACTED
2021-02-01T08:26:24.777Z        DEBUG   Add new ignore code: CIS-DI-0006
2021-02-01T08:26:24.777Z        DEBUG   Fetch latest version from github
2021-02-01T08:26:25.451Z        DEBUG   Start assessments...
2021-02-01T08:26:25.466Z        FATAL   unable to initialize a image struct:
    github.com/goodwithtech/deckoder/extractor/docker.newDockerExtractor
        /go/pkg/mod/github.com/goodwithtech/[email protected]/extractor/docker/docker.go:73
  - failed to initialize source:
    github.com/goodwithtech/deckoder/extractor/image.NewImage
        /go/pkg/mod/github.com/goodwithtech/[email protected]/extractor/image/image.go:86
  - Get https://$REDACTED/v2/: x509: certificate signed by unknown authority
    error pinging docker registry $REDACTED
    github.com/containers/image/v5/docker.(*dockerClient).detectPropertiesHelper
        /go/pkg/mod/github.com/containers/image/[email protected]/docker/docker_client.go:642
    github.com/containers/image/v5/docker.(*dockerClient).detectProperties.func1
        /go/pkg/mod/github.com/containers/image/[email protected]/docker/docker_client.go:675
    sync.(*Once).doSlow
        /usr/local/go/src/sync/once.go:66
    sync.(*Once).Do
        /usr/local/go/src/sync/once.go:57
    github.com/containers/image/v5/docker.(*dockerClient).detectProperties
        /go/pkg/mod/github.com/containers/image/[email protected]/docker/docker_client.go:675
    github.com/containers/image/v5/docker.(*dockerClient).makeRequest
        /go/pkg/mod/github.com/containers/image/[email protected]/docker/docker_client.go:395
    github.com/containers/image/v5/docker.(*dockerImageSource).fetchManifest
        /go/pkg/mod/github.com/containers/image/[email protected]/docker/docker_image_src.go:151
    github.com/containers/image/v5/docker.(*dockerImageSource).ensureManifestIsLoaded
        /go/pkg/mod/github.com/containers/image/[email protected]/docker/docker_image_src.go:183
    github.com/containers/image/v5/docker.newImageSource
        /go/pkg/mod/github.com/containers/image/[email protected]/docker/docker_image_src.go:87
    github.com/containers/image/v5/docker.dockerReference.NewImageSource
        /go/pkg/mod/github.com/containers/image/[email protected]/docker/docker_transport.go:144
    github.com/goodwithtech/deckoder/extractor/image.newSource
        /go/pkg/mod/github.com/goodwithtech/[email protected]/extractor/image/image.go:109
    github.com/goodwithtech/deckoder/extractor/image.NewImage
        /go/pkg/mod/github.com/goodwithtech/[email protected]/extractor/image/image.go:84
    github.com/goodwithtech/deckoder/extractor/docker.newDockerExtractor
        /go/pkg/mod/github.com/goodwithtech/[email protected]/extractor/docker/docker.go:71
    github.com/goodwithtech/deckoder/extractor/docker.NewDockerExtractor
        /go/pkg/mod/github.com/goodwithtech/[email protected]/extractor/docker/docker.go:57
    github.com/goodwithtech/dockle/pkg/scanner.ScanImage
        /go/src/github.com/goodwithtech/dockle/pkg/scanner/scan.go:30
    github.com/goodwithtech/dockle/pkg.Run
        /go/src/github.com/goodwithtech/dockle/pkg/run.go:71
    github.com/urfave/cli.HandleAction
        /go/pkg/mod/github.com/urfave/[email protected]/app.go:523
    github.com/urfave/cli.(*App).Run
        /go/pkg/mod/github.com/urfave/[email protected]/app.go:285
    main.main
        /go/src/github.com/goodwithtech/dockle/cmd/dockle/main.go:107
    runtime.main
        /usr/local/go/src/runtime/proc.go:203
    runtime.goexit
        /usr/local/go/src/runtime/asm_amd64.s:1357

Output of dockle -v:

dockle version 0.3.1

Additional details (base image name, container registry info...):

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions