Skip to content
This repository was archived by the owner on Jun 19, 2020. It is now read-only.

Support insecure-skip-tls-verify and timeout #7

Merged
ricoberger merged 1 commit into from
Apr 22, 2020
Merged

Support insecure-skip-tls-verify and timeout #7

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions request/request.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,17 +36,17 @@ type APIError struct {
}

// Do runs the given HTTP request.
func Do(method, url, body, certificateAuthorityData, clientCertificateData, clientKeyData, token, username, password string) (string, error) {
func Do(method, url, body, certificateAuthorityData, clientCertificateData, clientKeyData, token, username, password string, insecureSkipTLSVerify bool, timeout int64) (string, error) {
var tlsConfig *tls.Config
var err error

tlsConfig, err = httpClientForRootCAs(certificateAuthorityData, clientCertificateData, clientKeyData)
tlsConfig, err = httpClientForRootCAs(certificateAuthorityData, clientCertificateData, clientKeyData, insecureSkipTLSVerify)
if err != nil {
return "", err
}

client := &http.Client{
Timeout: 60 * time.Second,
Timeout: time.Duration(timeout) * time.Second,
Transport: &http.Transport{
TLSClientConfig: tlsConfig,
Proxy: http.ProxyFromEnvironment,
Expand Down Expand Up @@ -100,7 +100,7 @@ func Do(method, url, body, certificateAuthorityData, clientCertificateData, clie
}

// httpClientForRootCAs return an HTTP client which trusts the provided root CAs.
func httpClientForRootCAs(certificateAuthorityData, clientCertificateData, clientKeyData string) (*tls.Config, error) {
func httpClientForRootCAs(certificateAuthorityData, clientCertificateData, clientKeyData string, insecureSkipTLSVerify bool) (*tls.Config, error) {
tlsConfig := tls.Config{}

if certificateAuthorityData != "" {
Expand All @@ -121,6 +121,8 @@ func httpClientForRootCAs(certificateAuthorityData, clientCertificateData, clien
tlsConfig.Certificates = []tls.Certificate{cert}
}

tlsConfig.InsecureSkipVerify = insecureSkipTLSVerify

return &tlsConfig, nil
}

Expand Down
21 changes: 16 additions & 5 deletions request/request_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,12 @@
// Usage:
// export API_URL=
// export CERTIFICATE_AUTHORITY_DATA=
// export CLIENT_CERTIFICATE_DATA=
// export CLIENT_KEY_DATA=
// export CERTIFICATE_AUTHORITY_DATA=`echo -n "<BASE64>" | base64 --decode`
// export CLIENT_CERTIFICATE_DATA=`echo -n "<BASE64>" | base64 --decode`
// export CLIENT_KEY_DATA=`echo -n "<BASE64>" | base64 --decode`
// export API_TOKEN=
// export API_USERNAME=
// export API_PASSWORD=
// export INSECURE_SKIP_TLS_VERIFY=
//
// make test
package request
Expand All @@ -24,8 +25,13 @@ func TestDoNamespaces(t *testing.T) {
username := os.Getenv("API_USERNAME")
password := os.Getenv("API_PASSWORD")

var insecureSkipTLSVerify bool
if os.Getenv("INSECURE_SKIP_TLS_VERIFY") != "" {
insecureSkipTLSVerify = true
}

// Get namespaces
data, err := Do("GET", url+"/api/v1/namespaces", "", certificateAuthorityData, clientCertificateData, clientKeyData, token, username, password)
data, err := Do("GET", url+"/api/v1/namespaces", "", certificateAuthorityData, clientCertificateData, clientKeyData, token, username, password, insecureSkipTLSVerify, 5)
if err != nil {
t.Errorf("Could not get namespaces: %s", err.Error())
}
Expand All @@ -42,8 +48,13 @@ func TestDoNonexistingResource(t *testing.T) {
username := os.Getenv("API_USERNAME")
password := os.Getenv("API_PASSWORD")

var insecureSkipTLSVerify bool
if os.Getenv("INSECURE_SKIP_TLS_VERIFY") != "" {
insecureSkipTLSVerify = true
}

// Try to get nonexisting resource
_, err := Do("GET", url+"/api/v1/nonexisting-resource", "", certificateAuthorityData, clientCertificateData, clientKeyData, token, username, password)
_, err := Do("GET", url+"/api/v1/nonexisting-resource", "", certificateAuthorityData, clientCertificateData, clientKeyData, token, username, password, insecureSkipTLSVerify, 5)
if err == nil {
t.Errorf("Get resource instead of nonexisting resource error")
}
Expand Down