Merge pull request #171 from TheAceMan/main

Add the ability to skip verifying the TLS cert for s3 storage

README.md

@@ -87,6 +87,7 @@ their default values.
 | `s3.encrypt`                | Store images in encrypted format                                                           | `nil`           |
 | `s3.secure`                 | Use HTTPS                                                                                  | `nil`           |
 | `s3.forcepathstyle`         | Use path-style addressing, needed for some s3 compatible storage (minio)                   | `nil`           |
+| `s3.skipverify`             | Allows connection to s3 storage using TLS with untrusted/self-signed certificate           | `nil`           |
 | `swift.authurl`             | Swift authurl                                                                              | `nil`           |
 | `swift.container`           | Swift container                                                                            | `nil`           |
 | `proxy.enabled`             | If true, registry will function as a proxy/mirror                                          | `false`         |

templates/_helpers.tpl

@@ -108,6 +108,11 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this
   value: {{ .Values.s3.forcepathstyle | quote }}
 {{- end -}}
 
+{{- if .Values.s3.skipverify }}
+- name: REGISTRY_STORAGE_S3_SKIPVERIFY
+  value: {{ .Values.s3.skipverify | quote }}
+{{- end -}}
+
 {{- else if eq .Values.storage "swift" }}
 - name: REGISTRY_STORAGE_SWIFT_AUTHURL
   value: {{ required ".Values.swift.authurl is required" .Values.swift.authurl }}

values.yaml

@@ -105,6 +105,7 @@ secrets:
 #   encrypt: false
 #   secure: true
 #   forcepathstyle: true
+#   skipverify: true
 
 # Options for swift storage type:
 # swift: