github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #1538 from smarterclayton/allow_skip_tls_verify 

Allow clients to skip TLS verification
pull/6/head
erictune 2014-10-02 11:49:40 -07:00
parent 40f9201610 7af3c7d75e
commit 0a2e208e8f
3 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cmd/kubecfg/kubecfg.go
View File

@ -66,6 +66,7 @@ func init() {
flag.StringVar(&clientConfig.CAFile, "certificate_authority", "", "Path to a cert. file for the certificate authority") flag.StringVar(&clientConfig.CAFile, "certificate_authority", "", "Path to a cert. file for the certificate authority")
flag.StringVar(&clientConfig.CertFile, "client_certificate", "", "Path to a client certificate for TLS.") flag.StringVar(&clientConfig.CertFile, "client_certificate", "", "Path to a client certificate for TLS.")
flag.StringVar(&clientConfig.KeyFile, "client_key", "", "Path to a client key file for TLS.") flag.StringVar(&clientConfig.KeyFile, "client_key", "", "Path to a client key file for TLS.")
flag.BoolVar(&clientConfig.Insecure, "insecure_skip_tls_verify", clientConfig.Insecure, "If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure.")
} }
var parser = kubecfg.NewParser(map[string]runtime.Object{ var parser = kubecfg.NewParser(map[string]runtime.Object{
@ -197,6 +198,9 @@ func main() {
if auth.KeyFile != "" { if auth.KeyFile != "" {
clientConfig.KeyFile = auth.KeyFile clientConfig.KeyFile = auth.KeyFile
} }
if auth.Insecure != nil {
clientConfig.Insecure = *auth.Insecure
}
} }
kubeClient, err := client.New(clientConfig) kubeClient, err := client.New(clientConfig)
if err != nil { if err != nil {

2
pkg/client/flags.go
View File

@ -20,10 +20,12 @@ package client
// and cobra pflags (Posix style). // and cobra pflags (Posix style).
type FlagSet interface { type FlagSet interface {
StringVar(p *string, name, value, usage string) StringVar(p *string, name, value, usage string)
BoolVar(p *bool, name string, value bool, usage string)
} }
// BindClientConfigFlags registers a standard set of CLI flags for connecting to a Kubernetes API server. // BindClientConfigFlags registers a standard set of CLI flags for connecting to a Kubernetes API server.
func BindClientConfigFlags(flags FlagSet, config *Config) { func BindClientConfigFlags(flags FlagSet, config *Config) {
flags.StringVar(&config.Host, "master", config.Host, "The address of the Kubernetes API server") flags.StringVar(&config.Host, "master", config.Host, "The address of the Kubernetes API server")
flags.StringVar(&config.Version, "api_version", config.Version, "The API version to use when talking to the server") flags.StringVar(&config.Version, "api_version", config.Version, "The API version to use when talking to the server")
flags.BoolVar(&config.Insecure, "insecure_skip_tls_verify", config.Insecure, "If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure.")
} }

1
pkg/kubecfg/kubecfg.go
View File

@ -57,6 +57,7 @@ type AuthInfo struct {
CAFile string CAFile string
CertFile string CertFile string
KeyFile string KeyFile string
Insecure *bool
} }
// LoadAuthInfo parses an AuthInfo object from a file path. It prompts user and creates file if it doesn't exist. // LoadAuthInfo parses an AuthInfo object from a file path. It prompts user and creates file if it doesn't exist.