Support insecure pull

[dtaniwaki]

I run a system which pushes a Docker image by user's request and creates another Docker images based on the built image. As I use insecure Docker registry in my local environment for this system, I also need to pull Docker images in an insecure manner.

Could you consider merging it? If the option --insecure should be separated for push and pull, please tell me, then I will make it like so.

[googlebot]

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project (if not, look below for help). Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please visit https://cla.developers.google.com/ to sign.

Once you've signed (or fixed any issues), please reply here (e.g. I signed it!) and we'll verify it.

---

What to do if you already signed the CLA

Individual signers

• It's possible we don't have your GitHub username or you're using a different email address on your commit. Check your existing CLA data and verify that your email is set on your git commits.

Corporate signers

• Your company has a Point of Contact who decides which employees are authorized to participate. Ask your POC to be added to the group of authorized contributors. If you don't know who your Point of Contact is, direct the Google project maintainer to go/cla#troubleshoot (Public version).
• The email used to register you as an authorized contributor must be the email used for the Git commit. Check your existing CLA data and verify that your email is set on your git commits.
• The email used to register you as an authorized contributor must also be attached to your GitHub account.

[container-tools-bot]

Hi @dtaniwaki. Thanks for your PR.

I'm waiting for a GoogleContainerTools member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[googlebot]

CLAs look good, thanks!

[avorima]

@dtaniwaki I would really appreciate if the --insecure flag could be separated for push and pull.

I'm using a registry that doesn't allow HTTP for pulling images and pushing the resulting images after a build to an insecure registry. With this generalized option I don't see a way for this to be done without some intermediate steps.

[dtaniwaki]

@avorima That makes sense. How do the separated options look like? Maybe, --insecure-pull and --insecure-push?

[avorima]

@dtaniwaki That would be the most obvious choice, yes. Maybe even keep the --insecure flag and make it set both pull and push to true, to not break behaviour.

[dtaniwaki]

I'll make a pull request now.