Support SSL in the CLI

Make the CLI allow server host names to be prefixed with "http://" or "https://" so that the CLI can talk to a server which is running behind an SSL proxy.
quantopian · Oct 4, 2018 · 4b0fcc6 · 4b0fcc6
1 parent fb30ceb
commit 4b0fcc6
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 11 deletions.
diff --git a/README.md b/README.md
@@ -217,6 +217,11 @@ settings that it can or must contain:
 2. `cmcli configure [--host server-host-name] [--port server-port]
         [--auth-key key | --no-auth-key]`
 
+The `--host` argument can take a URL base (i.e.,
+`http://server-host-name` or `https://server-host-name`) as well. This
+is useful if, for example, you've put your Coal Mine server behind an
+SSL proxy so the CLI needs to use SSL to connect to it.
+
 The CLI stores its configuration in `~/.coal-mine.ini`. Note that the
 authentication key is stored in plaintext. Any configuration
 parameters the CLI needs that aren't stored in the INI file must be

diff --git a/coal_mine/cli.py b/coal_mine/cli.py
@@ -47,14 +47,10 @@ def doit(args, config_file):
     connect_parser = argparse.ArgumentParser(add_help=False)
     host_default = section.get('host', 'localhost')
     connect_parser.add_argument('--host', action='store',
-                                help="Server host name (default {})".format(
-                                    host_default),
-                                default=host_default)
-    port_default = section.getint('port', 80)
+                                help="Server host name or URL (default {})".
+                                format(host_default), default=host_default)
     connect_parser.add_argument('--port', action='store', type=int,
-                                help='Server port (default {})'.format(
-                                    port_default),
-                                default=port_default)
+                                help='Server port')
     auth_key_group = connect_parser.add_mutually_exclusive_group()
     auth_key_default = section.get('auth-key', None)
     auth_key_group.add_argument('--auth-key', action='store',
@@ -148,6 +144,16 @@ def doit(args, config_file):
     unpause_parser.set_defaults(func=handle_unpause)
 
     args = parser.parse_args(args)
+
+    url = ''
+    if not re.match(r'^https?:', args.host):
+        url += 'http://'
+    url += args.host
+    if args.port:
+        url += ':{}'.format(args.port)
+    url += '/coal-mine/v1/canary/'
+    args.url = url
+
     try:
         if args.no_auth_key:
             args.auth_key = None
@@ -161,7 +167,8 @@ def doit(args, config_file):
 def handle_configure(args):
     section = args.config_parser[config_section]
     section['host'] = args.host
-    section['port'] = str(args.port)
+    if args.port:
+        section['port'] = str(args.port)
     if args.auth_key:
         section['auth-key'] = args.auth_key
     elif args.no_auth_key:
@@ -231,16 +238,15 @@ def handle_unpause(args):
 
 
 def call(command, args, payload=None, action='print', filter=None):
-    url = 'http://{}:{}/coal-mine/v1/canary/{}'.format(
-        args.host, args.port, command)
+    url = args.url + command
     if payload:
         if args.auth_key:
             payload['auth_key'] = args.auth_key
     else:
         payload = {key: (getattr(args, key) if key == 'email'
                          else str(getattr(args, key)))
                    for key in dir(args)
-                   if key not in ('host', 'port', 'func') and
+                   if key not in ('host', 'port', 'func', 'url') and
                    not key.startswith('_') and
                    getattr(args, key) is not None and
                    not (key == 'email' and getattr(args, key) == [])}