pub struct ImageProxyConfig {
pub authfile: Option<PathBuf>,
pub auth_data: Option<File>,
pub auth_anonymous: bool,
pub certificate_directory: Option<PathBuf>,
pub decryption_keys: Option<Vec<String>>,
pub insecure_skip_tls_verification: Option<bool>,
pub debug: bool,
pub skopeo_cmd: Option<Command>,
}
Expand description
Configuration for the proxy.
Fields§
§authfile: Option<PathBuf>
Path to container auth file; equivalent to skopeo --authfile
.
This conflicts with [auth_data
].
auth_data: Option<File>
Data stream for container auth. This conflicts with [authfile
].
auth_anonymous: bool
Do not use default container authentication paths; equivalent to skopeo --no-creds
.
Defaults to false
; in other words, use the default file paths from man containers-auth.json
.
certificate_directory: Option<PathBuf>
§decryption_keys: Option<Vec<String>>
Decryption keys to decrypt an encrypted container image.
equivalent to skopeo copy --decryption-key <path_to_decryption_key>
insecure_skip_tls_verification: Option<bool>
If set, disable TLS verification. Equivalent to skopeo --tls-verify=false
.
debug: bool
If enabled, propagate debug-logging level from the proxy via stderr to the current process’ stderr. Note than when enabled, this also means that standard error will no longer be captured.
skopeo_cmd: Option<Command>
Provide a configured std::process::Command
instance.
This allows configuring aspects of the resulting child skopeo
process.
The intention of this hook is to allow the caller to use e.g.
systemd-run
or equivalent containerization tools. For example you
can set up a command whose arguments are systemd-run -Pq -p DynamicUser=yes -- skopeo
.
You can also set up arbitrary aspects of the child via e.g.
current_dir
pre_exec
.
The default is to wrap via util-linux setpriv --pdeathsig SIGTERM -- skopeo
,
which on Linux binds the lifecycle of the child process to the parent.
Note that you must add skopeo
as the primary argument or
indirectly. However, all other command line options including
experimental-image-proxy
will be injected by this library.
You may use a different command name from skopeo
if your
application has set up a compatible copy, e.g. /usr/lib/myapp/my-private-skopeo
/
Trait Implementations§
Source§impl Debug for ImageProxyConfig
impl Debug for ImageProxyConfig
Source§impl Default for ImageProxyConfig
impl Default for ImageProxyConfig
Source§fn default() -> ImageProxyConfig
fn default() -> ImageProxyConfig
Auto Trait Implementations§
impl Freeze for ImageProxyConfig
impl !RefUnwindSafe for ImageProxyConfig
impl Send for ImageProxyConfig
impl Sync for ImageProxyConfig
impl Unpin for ImageProxyConfig
impl !UnwindSafe for ImageProxyConfig
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Source§impl<T> Instrument for T
impl<T> Instrument for T
Source§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
Source§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left
is true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
self
into a Left
variant of Either<Self, Self>
if into_left(&self)
returns true
.
Converts self
into a Right
variant of Either<Self, Self>
otherwise. Read more