add common insecure flag (#1280)

Migrated from #1191 ## Description Adding support for insecure flag for external registry in `zarf init`. Fixing `zarf package create` and `zarf package deploy` failures with external self signed cert registry as mentioned in #1190 and #1181 ## Related Issue Fixes # #1190 Fixes # #1181 Fixes # #561 Fixes # #1015 --------- Co-authored-by: Rishi <[email protected]>
zarf-dev · Feb 2, 2023 · a0b1394 · a0b1394
1 parent 945dde2
commit a0b1394
Show file tree

Hide file tree

Showing 56 changed files with 74 additions and 39 deletions.
diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf.md
@@ -17,6 +17,7 @@ zarf [COMMAND] [flags]
 ```
   -a, --architecture string   Architecture for OCI images
   -h, --help                  help for zarf
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_completion.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_completion.md
@@ -19,6 +19,7 @@ See each sub-command's help for details on how to use the generated script.
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_completion_bash.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_completion_bash.md
@@ -42,6 +42,7 @@ zarf completion bash
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_completion_fish.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_completion_fish.md
@@ -33,6 +33,7 @@ zarf completion fish [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_completion_powershell.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_completion_powershell.md
@@ -30,6 +30,7 @@ zarf completion powershell [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_completion_zsh.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_completion_zsh.md
@@ -44,6 +44,7 @@ zarf completion zsh [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_connect.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_connect.md
@@ -33,6 +33,7 @@ zarf connect {REGISTRY|LOGGING|GIT|connect-name} [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_connect_list.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_connect_list.md
@@ -17,6 +17,7 @@ zarf connect list [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_destroy.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_destroy.md
@@ -29,6 +29,7 @@ zarf destroy [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_init.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_init.md
@@ -63,6 +63,7 @@ zarf init [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package.md
@@ -13,6 +13,7 @@ Zarf package commands for creating, deploying, and inspecting packages
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package_create.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package_create.md
@@ -18,7 +18,6 @@ zarf package create [DIRECTORY] [flags]
 ```
       --confirm                   Confirm package creation without prompting
   -h, --help                      help for create
-      --insecure                  Allow insecure registry connections when pulling OCI images
   -m, --max-package-size int      Specify the maximum size of the package in megabytes, packages larger than this will be split into multiple parts. Use 0 to disable splitting.
       --no-local-images           Do not use local container images when creating this package
   -o, --output-directory string   Specify the output directory for the created Zarf package
@@ -32,6 +31,7 @@ zarf package create [DIRECTORY] [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package_deploy.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package_deploy.md
@@ -17,16 +17,16 @@ zarf package deploy [PACKAGE] [flags]
       --components string    Comma-separated list of components to install.  Adding this flag will skip the init prompts for which components to install
       --confirm              Confirm package deployment without prompting
   -h, --help                 help for deploy
-      --insecure --shasum    Skip shasum validation of remote package. Required if deploying a remote package and --shasum is not provided
       --set stringToString   Specify deployment variables to set on the command line (KEY=value) (default [])
       --sget string          Path to public sget key file for remote packages signed via cosign
-      --shasum --insecure    Shasum of the package to deploy. Required if deploying a remote package and --insecure is not provided
+      --shasum string        Shasum of the package to deploy. Required if deploying a remote package and "--insecure" is not provided
 ```
 
 ## Options inherited from parent commands
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package_inspect.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package_inspect.md
@@ -24,6 +24,7 @@ zarf package inspect [PACKAGE] [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package_list.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package_list.md
@@ -17,6 +17,7 @@ zarf package list [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package_remove.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_package_remove.md
@@ -19,6 +19,7 @@ zarf package remove {PACKAGE_NAME|PACKAGE_FILE} [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_prepare.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_prepare.md
@@ -13,6 +13,7 @@ Tools to help prepare assets for packaging
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_prepare_find-images.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_prepare_find-images.md
@@ -25,6 +25,7 @@ zarf prepare find-images [PACKAGE] [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_prepare_generate-config.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_prepare_generate-config.md
@@ -26,6 +26,7 @@ zarf prepare generate-config [FILENAME] [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_prepare_patch-git.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_prepare_patch-git.md
@@ -19,6 +19,7 @@ zarf prepare patch-git [HOST] [FILE] [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_prepare_sha256sum.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_prepare_sha256sum.md
@@ -17,6 +17,7 @@ zarf prepare sha256sum [FILE|URL] [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools.md
@@ -13,6 +13,7 @@ Collection of additional tools to make airgap easier
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_archiver.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_archiver.md
@@ -13,6 +13,7 @@ Compress/Decompress generic archives, including Zarf packages.
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_archiver_compress.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_archiver_compress.md
@@ -17,6 +17,7 @@ zarf tools archiver compress {SOURCES} {ARCHIVE} [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/.../4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_archiver_decompress.md b/.../4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_archiver_decompress.md
@@ -17,6 +17,7 @@ zarf tools archiver decompress {ARCHIVE} {DESTINATION} [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_clear-cache.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_clear-cache.md
@@ -18,6 +18,7 @@ zarf tools clear-cache [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_gen-pki.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_gen-pki.md
@@ -18,6 +18,7 @@ zarf tools gen-pki {HOST} [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_get-creds.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_get-creds.md
@@ -21,6 +21,7 @@ zarf tools get-creds [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_monitor.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_monitor.md
@@ -17,6 +17,7 @@ zarf tools monitor [flags]
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc

diff --git a/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_registry.md b/docs/4-user-guide/1-the-zarf-cli/100-cli-commands/zarf_tools_registry.md
@@ -13,6 +13,7 @@ Tools for working with container registries using go-containertools.
 
 ```
   -a, --architecture string   Architecture for OCI images
+      --insecure              Allow access to insecure registries and disable other recommended security enforcements. This flag should only be used if you have a specific reason and accept the reduced security posture.
   -l, --log-level string      Log level when running Zarf. Valid options are: warn, info, debug, trace (default "info")
       --no-log-file           Disable log file creation
       --no-progress           Disable fancy UI progress bars, spinners, logos, etc