Add support for custom cacert

[pboutes]

Hello everybody,

I've closed this previous PR (#88) because I did not sync my fork with the upstream. So sorry for that.

this PR allows us to override cacerts that are used for all http communications, that is really useful to communicate with a private registry for example. There are already PRs about that (#39, #52) but they seem to be incomplete.

Here we basically define a new transport.Factory() class that will be able to add custom parameters (such as ca_certs, ...), and then pass it to the underlying httplib2.Http transport.

The CA can be override by using --cacert flag. If no flag is passed, we will use the default one CA embedded with the httplib2.

Example for pusher :

bazel run @containerregistry//:pusher.par -- --name="custom.registry/myimage:latest" --tarball="${PWD}/myimage.tar" --cacert="path_to_custom_crt"

[EdSchouten]

Hi there,

We would love to be able to use this at work, where we have a registry with a cert signed by an internal CA. Any chance this can get integrated at some point?

[EdSchouten]

Friendly ping.