Waiting for buildpacks/lifecycle#1140

We need to wait for platform 0.13 to work on this

We reviewed the Platform 0.13 scope yesterday during our WG meeting, I think we will unblock this issue soon

It should be possible to work on this one already - though there isn't a released lifecycle that supports it, we should be able to verify that the flag is passed all the way down from the command line invocation to the "lifecycle execution"

Adding a few notes here in case that makes it easier to pick up:

• We need to add a new string slice flag to pack build (example)
• We'll need to hold onto a list of insecure registries (here and here)
• When fetching images from the host, we need to provide the insecure registry options (here is where we'll need to provide the options to the fetcher and here is where the fetcher will use them)
• When fetching images from the container, we need to provide the insecure registry options to the lifecycle (here and by appending the flag for analyze, restore, export, create, and rebase)
• We'll probably want an acceptance test (but if needed a maintainer can help with this as our acceptance suite is a bit tricky)

Questions:

• Do we need to add warnings anywhere when insecure registry options are provided?

cc @jjbustamante

Thank you very much @natalieparellano, all those hints are great for new contributors.

Questions:
Do we need to add warnings anywhere when insecure registry options are provided?

I will say Yes, using an insecure registry is probably something just for development and it is valuable to add some warnings

@prashantrewar what about this one? do you want to give it a try?

@prashantrewar what about this one? do you want to give it a try?

Sure, I will try.

Thank you so much @jjbustamante

/assign

Hey @jjbustamante and @natalieparellano I have a question related to image.NewFetcher.

pkg/client/client.go

How should I pass the insecureRegistries values to the client?

@natalieparellano, could you please describe me more on the [rebase] (

hi @prashantrewar!

I think for the rebase we need the following:

• Add a new string slice flag to pack rebase command to get the insecure registry values
• When we are fetching the application images and the base image we need to pass through this value when invoking the fetching.

Hey, @jjbustamante and @natalieparellano I created a PR on this issue. Could you please take a look and suggest any changes if required?

Thank you for the help.