What would you like to be added
Add a (global) flag to disable TLS validation for OCM-CLI's commands. Inspired by curl, the flag might be named --insecure, but any name will do.
Why is this needed
For development purposes, there may be cases where no valid certificate is available in a testing environment (e.g. if using a self-signed certificate). Having the option to disable TLS validation will be handy in such cases.
One might also consider productive scenarios, where, through a misconfiguration, TLS validation fails, and OCM-CLI is needed to perform urgent tasks that would otherwise be blocked by TLS validation issues.
Admittedly, those are exceptional and corner-cases. However, most other tooling supports explicit disabling of TLS validation, including e.g. package-managers (apt, apk, pacman), HTTP-APIs for all programming languages, HTTP-tools, such as curl or wget, ... - even security-aware tools such as ssh offer disabling of checks / unsafe mode of operation.
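Added illustration, not part of the issue and not OCM-CLI's own code: in Go (the language OCM is written in), a curl-style --insecure switch and trust in one specific self-signed test certificate differ only in two fields of `tls.Config`. The function names are hypothetical, and the server is a local `httptest` instance using its built-in self-signed certificate.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// newClient (hypothetical helper) builds an HTTP client. insecure=true mirrors an
// --insecure style flag; a non-nil roots pool replaces the system trust store.
func newClient(roots *x509.CertPool, insecure bool) *http.Client {
	cfg := &tls.Config{
		MinVersion:         tls.VersionTLS12,
		RootCAs:            roots,    // nil: verify against the system trust store
		InsecureSkipVerify: insecure, // true: no chain or host name verification at all
	}
	return &http.Client{Transport: &http.Transport{TLSClientConfig: cfg}}
}

// probe reports whether a GET completes the TLS handshake and returns 200.
func probe(c *http.Client, url string) bool {
	resp, err := c.Get(url)
	if err != nil {
		return false
	}
	defer resp.Body.Close()
	return resp.StatusCode == http.StatusOK
}

// demo starts a local server with a self-signed certificate and tries three
// client configurations: system roots, pinned test certificate, verification off.
func demo() (strict, pinned, insecure bool) {
	srv := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		fmt.Fprint(w, "ok")
	}))
	defer srv.Close()
	pool := x509.NewCertPool()
	pool.AddCert(srv.Certificate()) // trust exactly this test certificate
	strict = probe(newClient(nil, false), srv.URL)
	pinned = probe(newClient(pool, false), srv.URL)
	insecure = probe(newClient(nil, true), srv.URL)
	return
}

func main() { fmt.Println(demo()) }
```

The pinned client reaches the test server while still rejecting every other certificate; the client with verification disabled accepts whatever certificate any endpoint presents.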
Hi @ccwienk, @fabianburth last week added the ability to use http registries: #676. It's not an explicit option, but implicitly set by using http as scheme instead of https (which is also the default when omitting the scheme). The latest version https://github.com/open-component-model/ocm/releases/tag/v0.9.0 contains this functionality. I didn't find this enhancement in the documentation, though. @fabianburth, is this part maybe still pending or was I just not able to find it? :-)