From dc259f2fcee1645d11c0ec151112331bc5b70d9e Mon Sep 17 00:00:00 2001 From: Chaim Lev-Ari Date: Sun, 21 May 2023 12:27:32 +0700 Subject: [PATCH] fix(stacks): confirm enable tls verification [EE-5410] (#8895) --- .../kubernetes-redeploy-app-git-form.controller.js | 8 ++++++++ .../stack-redeploy-git-form.controller.js | 14 ++++++++++++-- app/react/portainer/gitops/utils.ts | 10 ++++++++++ 3 files changed, 30 insertions(+), 2 deletions(-) diff --git a/app/portainer/components/forms/kubernetes-redeploy-app-git-form/kubernetes-redeploy-app-git-form.controller.js b/app/portainer/components/forms/kubernetes-redeploy-app-git-form/kubernetes-redeploy-app-git-form.controller.js index e18232f34..e4eff1ca6 100644 --- a/app/portainer/components/forms/kubernetes-redeploy-app-git-form/kubernetes-redeploy-app-git-form.controller.js +++ b/app/portainer/components/forms/kubernetes-redeploy-app-git-form/kubernetes-redeploy-app-git-form.controller.js @@ -4,6 +4,7 @@ import { buildConfirmButton } from '@@/modals/utils'; import { ModalType } from '@@/modals'; import { parseAutoUpdateResponse } from '@/react/portainer/gitops/AutoUpdateFieldset/utils'; import { baseStackWebhookUrl, createWebhookId } from '@/portainer/helpers/webhookHelper'; +import { confirmEnableTLSVerify } from '@/react/portainer/gitops/utils'; class KubernetesRedeployAppGitFormController { /* @ngInject */ @@ -71,6 +72,13 @@ class KubernetesRedeployAppGitFormController { onChangeTLSSkipVerify(value) { return this.$async(async () => { + if (this.stack.GitConfig.TLSSkipVerify && !value) { + const confirmed = await confirmEnableTLSVerify(); + + if (!confirmed) { + return; + } + } this.onChange({ TLSSkipVerify: value }); }); } diff --git a/app/portainer/components/forms/stack-redeploy-git-form/stack-redeploy-git-form.controller.js b/app/portainer/components/forms/stack-redeploy-git-form/stack-redeploy-git-form.controller.js index 4e436c208..8fc48e276 100644 --- a/app/portainer/components/forms/stack-redeploy-git-form/stack-redeploy-git-form.controller.js +++ b/app/portainer/components/forms/stack-redeploy-git-form/stack-redeploy-git-form.controller.js @@ -4,6 +4,7 @@ import { confirmStackUpdate } from '@/react/docker/stacks/common/confirm-stack-u import { parseAutoUpdateResponse } from '@/react/portainer/gitops/AutoUpdateFieldset/utils'; import { baseStackWebhookUrl, createWebhookId } from '@/portainer/helpers/webhookHelper'; +import { confirmEnableTLSVerify } from '@/react/portainer/gitops/utils'; class StackRedeployGitFormController { /* @ngInject */ @@ -95,8 +96,17 @@ class StackRedeployGitFormController { this.onChange({ Env: value }); } - onChangeTLSSkipVerify(value) { - this.onChange({ TLSSkipVerify: value }); + async onChangeTLSSkipVerify(value) { + return this.$async(async () => { + if (this.model.TLSSkipVerify && !value) { + const confirmed = await confirmEnableTLSVerify(); + + if (!confirmed) { + return; + } + } + this.onChange({ TLSSkipVerify: value }); + }); } onChangeOption(values) { diff --git a/app/react/portainer/gitops/utils.ts b/app/react/portainer/gitops/utils.ts index 676756f55..2b5157890 100644 --- a/app/react/portainer/gitops/utils.ts +++ b/app/react/portainer/gitops/utils.ts @@ -1,3 +1,5 @@ +import { confirm } from '@@/modals/confirm'; + import { GitFormModel } from './types'; export function getAuthentication( @@ -18,3 +20,11 @@ export function getAuthentication( password: model.RepositoryPassword, }; } + +export function confirmEnableTLSVerify() { + return confirm({ + title: 'Enable TLS Verification?', + message: + 'Enabling the verification of TLS certificates without ensuring the correct configuration of your Certificate Authority (CA) for self-signed certificates can result in deployment failures.', + }); +}