fix: 'certificate signed by unknown authority' and not working skip-t…

…ls-verify-registry param Signed-off-by: Timofey Kirillov <timofey.kirillov@flant.com>
werf · Mar 29, 2023 · b646359 · b646359
1 parent f0d2c00
commit b646359
Showing 1 changed file with 5 additions and 8 deletions.
diff --git a/pkg/docker_registry/api.go b/pkg/docker_registry/api.go
@@ -270,14 +270,11 @@ func (api *api) image(reference string) (v1.Image, name.Reference, error) {
 		return nil, nil, fmt.Errorf("parsing reference %q: %w", reference, err)
 	}
 
-	// FIXME: Hack for the go-containerregistry library,
-	// FIXME: that uses default transport without options to change transport to custom.
-	// FIXME: Needed for the insecure https registry to work.
-	oldDefaultTransport := http.DefaultTransport
-	http.DefaultTransport = api.getHttpTransport()
-	img, err := remote.Image(ref, remote.WithAuthFromKeychain(authn.DefaultKeychain))
-	http.DefaultTransport = oldDefaultTransport
-
+	img, err := remote.Image(
+		ref,
+		remote.WithAuthFromKeychain(authn.DefaultKeychain),
+		remote.WithTransport(api.getHttpTransport()),
+	)
 	if err != nil {
 		return nil, nil, fmt.Errorf("reading image %q: %w", ref, err)
 	}