Support passing --insecure-policy

src/imageproxy.rs

@@ -217,6 +217,9 @@ pub struct ImageProxyConfig {
     /// If set, disable TLS verification.  Equivalent to `skopeo --tls-verify=false`.
     pub insecure_skip_tls_verification: Option<bool>,
 
+    /// If set, disable signature verification. Equivalent to `skopeo --insecure-policy`.
+    pub insecure_policy: Option<bool>,
+
     /// Prefix to add to the user agent string. Equivalent to `skopeo --user-agent-prefix`.
     /// The resulting user agent will be in the format "prefix skopeo/version".
     /// This option is only used if the installed skopeo version supports it.
@@ -351,6 +354,10 @@ impl TryFrom<ImageProxyConfig> for Command {
             c.arg("--tls-verify=false");
         }
 
+        if config.insecure_policy.unwrap_or_default() {
+            c.arg("--insecure-policy");
+        }
+
         // Add user agent prefix if provided and supported by skopeo
         if let Some(user_agent_prefix) = config.user_agent_prefix {
             if supports_user_agent_prefix() {
@@ -902,6 +909,13 @@ mod tests {
         .unwrap();
         validate(c, &[r"--tls-verify=false"], &[]);
 
+        let c = Command::try_from(ImageProxyConfig {
+            insecure_policy: Some(true),
+            ..Default::default()
+        })
+        .unwrap();
+        validate(c, &[r"--insecure-policy"], &[]);
+
         let mut tmpf = cap_tempfile::TempFile::new_anonymous(tmpd).unwrap();
         tmpf.write_all(r#"{ "auths": {} "#.as_bytes()).unwrap();
         tmpf.seek(std::io::SeekFrom::Start(0)).unwrap();