Skip to content

feat(oci): support for insecure registries#2844

Open
brandtkeller wants to merge 3 commits intoguacsec:mainfrom
brandtkeller:2828_insecure_oci
Open

feat(oci): support for insecure registries#2844
brandtkeller wants to merge 3 commits intoguacsec:mainfrom
brandtkeller:2828_insecure_oci

Conversation

@brandtkeller
Copy link

@brandtkeller brandtkeller commented Feb 5, 2026

Description of the PR

This PR implements support for configurable TLS verification settings on the OCI collectors. This is allows for prototyping and deployments with othewise insecure registries.

The updates use an options struct for future extension. I'll create an additional issue to support self-signed client cacert/client-cert/client-key and this pattern will allow extensions naturally.

Fixes #2828

PR Checklist

  • All commits have a Developer Certificate of Origin (DCO) -- they are generated using -s flag to git commit.
  • All new changes are covered by tests
  • If GraphQL schema is changed, make generate has been run
  • If GraphQL schema is changed, GraphQL client updates/additions have been made
  • If OpenAPI spec is changed, make generate has been run
  • If ent schema is changed, make generate has been run
  • If collectsub protobuf has been changed, make proto has been run
  • All CI checks are passing (tests and formatting)
  • All dependent PRs have already been merged

@brandtkeller
feat(oci): support for insecure registries
fdc0066 
Signed-off-by: Brandt Keller <brandt.keller@defenseunicorns.com>
@brandtkeller
feat(oci): deduplicate logic between CLI utilities
4c15e07 
Signed-off-by: Brandt Keller <brandt.keller@defenseunicorns.com>
@brandtkeller
feat(oci): refactor for options pattern
643b6fb 
Signed-off-by: Brandt Keller <brandt.keller@defenseunicorns.com>
pxp928
pxp928 approved these changes Feb 5, 2026
View reviewed changes
Copy link
Collaborator

@pxp928 pxp928 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mihaimaruseac mihaimaruseac mihaimaruseac approved these changes

@pxp928 pxp928 pxp928 approved these changes

@jeffmendoza jeffmendoza Awaiting requested review from jeffmendoza jeffmendoza is a code owner

Assignees

No one assigned

Labels

size/L

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[feature] Support for TLS configuration on OCI Collector

3 participants

@brandtkeller @mihaimaruseac @pxp928