pass insecure env to ui

Deploy/prepare

@@ -98,7 +98,8 @@ render(os.path.join(templates_dir, "ui", "env"),
         ldap_url=ldap_url,
         ldap_basedn=ldap_basedn,
 	self_registration=self_registration,
-        ui_secret=ui_secret)
+        ui_secret=ui_secret,
+		verify_remote_cert=verify_remote_cert)
 
 render(os.path.join(templates_dir, "ui", "app.conf"),
         ui_conf,

Deploy/templates/ui/env

@@ -17,3 +17,4 @@ LOG_LEVEL=debug
 GODEBUG=netdns=cgo
 EXT_ENDPOINT=$ui_url
 TOKEN_URL=http://ui
+VERIFY_REMOTE_CERT=$verify_remote_cert

api/config.go

@@ -0,0 +1,35 @@
+/*
+   Copyright (c) 2016 VMware, Inc. All Rights Reserved.
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+*/
+
+package api
+
+import (
+	"os"
+)
+
+var (
+	Insecure bool
+)
+
+func init() {
+	verifyRemoteCert := os.Getenv("VERIFY_REMOTE_CERT")
+	if len(verifyRemoteCert) == 0 {
+		verifyRemoteCert = "on"
+	}
+
+	if verifyRemoteCert == "off" {
+		Insecure = false
+	}
+}

api/repository.go

@@ -255,12 +255,10 @@ func (ra *RepositoryAPI) GetManifests() {
 
 func (ra *RepositoryAPI) initRepositoryClient(repoName string) (r *registry.Repository, err error) {
 	endpoint := os.Getenv("REGISTRY_URL")
-	// TODO read variable from config file
-	insecure := true
 
 	username, password, ok := ra.Ctx.Request.BasicAuth()
 	if ok {
-		return newRepositoryClient(endpoint, insecure, username, password,
+		return newRepositoryClient(endpoint, Insecure, username, password,
 			repoName, "repository", repoName, "pull", "push", "*")
 	}
 
@@ -269,7 +267,7 @@ func (ra *RepositoryAPI) initRepositoryClient(repoName string) (r *registry.Repo
 		return nil, err
 	}
 
-	return cache.NewRepositoryClient(endpoint, insecure, username, repoName,
+	return cache.NewRepositoryClient(endpoint, Insecure, username, repoName,
 		"repository", repoName, "pull", "push", "*")
 }
 

api/target.go

@@ -92,9 +92,7 @@ func (t *TargetAPI) Ping() {
 		password = t.GetString("password")
 	}
 
-	// TODO read variable from config file
-	insecure := true
-	registry, err := newRegistryClient(endpoint, insecure, username, password,
+	registry, err := newRegistryClient(endpoint, Insecure, username, password,
 		"", "", "")
 	if err != nil {
 		// timeout, dns resolve error, connection refused, etc.