feat: Add options to skip TLS validation

tembleking · tembleking · commit 23b1e0751f39 · 2020-05-11T09:51:10.000+02:00
Signed-off-by: Federico Barcelona &lt;fede_rico_94@hotmail.com&gt;
diff --git a/sysdig/monitor/client.go b/sysdig/monitor/client.go
@@ -1,6 +1,7 @@
 package monitor
 
 import (
+	"crypto/tls"
 	"io"
 	"net/http"
 )
@@ -12,11 +13,17 @@ type SysdigMonitorClient interface {
 	GetAlertById(int) (Alert, error)
 }
 
-func NewSysdigMonitorClient(apiToken string, url string) SysdigMonitorClient {
+func NewSysdigMonitorClient(apiToken string, url string, insecure bool) SysdigMonitorClient {
+	httpClient := &http.Client{
+		Transport: &http.Transport{
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: insecure},
+		},
+	}
+
 	return &sysdigMonitorClient{
 		SysdigMonitorAPIToken: apiToken,
 		URL:                   url,
-		httpClient:            http.DefaultClient,
+		httpClient:            httpClient,
 	}
 }
 
diff --git a/sysdig/provider.go b/sysdig/provider.go
@@ -19,6 +19,11 @@ func Provider() terraform.ResourceProvider {
 				Optional:    true,
 				DefaultFunc: schema.EnvDefaultFunc("SYSDIG_SECURE_URL", "https://secure.sysdig.com"),
 			},
+			"sysdig_secure_insecure_tls": {
+				Type:        schema.TypeBool,
+				Optional:    true,
+				DefaultFunc: schema.EnvDefaultFunc("SYSDIG_SECURE_INSECURE_TLS", false),
+			},
 			"sysdig_monitor_api_token": {
 				Type:        schema.TypeString,
 				Optional:    true,
@@ -30,6 +35,11 @@ func Provider() terraform.ResourceProvider {
 				Optional:    true,
 				DefaultFunc: schema.EnvDefaultFunc("SYSDIG_MONITOR_URL", "https://app.sysdigcloud.com"),
 			},
+			"sysdig_monitor_insecure_tls": {
+				Type:        schema.TypeBool,
+				Optional:    true,
+				DefaultFunc: schema.EnvDefaultFunc("SYSDIG_MONITOR_INSECURE_TLS", false),
+			},
 		},
 		ResourcesMap: map[string]*schema.Resource{
 			"sysdig_user": resourceSysdigUser(),
diff --git a/sysdig/secure/client.go b/sysdig/secure/client.go
@@ -1,6 +1,7 @@
 package secure
 
 import (
+	"crypto/tls"
 	"io"
 	"log"
 	"net/http"
@@ -45,11 +46,17 @@ type SysdigSecureClient interface {
 	UpdateMacro(Macro) (Macro, error)
 }
 
-func NewSysdigSecureClient(sysdigSecureAPIToken string, url string) SysdigSecureClient {
+func NewSysdigSecureClient(sysdigSecureAPIToken string, url string, insecure bool) SysdigSecureClient {
+	httpClient := &http.Client{
+		Transport: &http.Transport{
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: insecure},
+		},
+	}
+
 	return &sysdigSecureClient{
 		SysdigSecureAPIToken: sysdigSecureAPIToken,
 		URL:                  url,
-		httpClient:           http.DefaultClient,
+		httpClient:           httpClient,
 	}
 }
 
diff --git a/sysdig/sysdig_clients.go b/sysdig/sysdig_clients.go
@@ -32,6 +32,7 @@ func (c *sysdigClients) sysdigMonitorClient() (m monitor.SysdigMonitorClient, er
 		c.monitorClient = monitor.NewSysdigMonitorClient(
 			monitorAPIToken,
 			c.d.Get("sysdig_monitor_url").(string),
+			c.d.Get("sysdig_monitor_insecure_tls").(bool),
 		)
 	})
 
@@ -49,6 +50,7 @@ func (c *sysdigClients) sysdigSecureClient() (s secure.SysdigSecureClient, err e
 		c.secureClient = secure.NewSysdigSecureClient(
 			secureAPIToken,
 			c.d.Get("sysdig_secure_url").(string),
+			c.d.Get("sysdig_secure_insecure_tls").(bool),
 		)
 	})
 

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,7 @@`
`1`	`1`	`package monitor`
`2`	`2`
`3`	`3`	`import (`
	`4`	`+ "crypto/tls"`
`4`	`5`	`"io"`
`5`	`6`	`"net/http"`
`6`	`7`	`)`
`@@ -12,11 +13,17 @@ type SysdigMonitorClient interface {`
`12`	`13`	`GetAlertById(int) (Alert, error)`
`13`	`14`	`}`
`14`	`15`
`15`		`-func NewSysdigMonitorClient(apiToken string, url string) SysdigMonitorClient {`
	`16`	`+func NewSysdigMonitorClient(apiToken string, url string, insecure bool) SysdigMonitorClient {`
	`17`	`+ httpClient := &http.Client{`
	`18`	`+ Transport: &http.Transport{`
	`19`	`+ TLSClientConfig: &tls.Config{InsecureSkipVerify: insecure},`
	`20`	`+ },`
	`21`	`+ }`
	`22`	`+`
`16`	`23`	`return &sysdigMonitorClient{`
`17`	`24`	`SysdigMonitorAPIToken: apiToken,`
`18`	`25`	`URL: url,`
`19`		`- httpClient: http.DefaultClient,`
	`26`	`+ httpClient: httpClient,`
`20`	`27`	`}`
`21`	`28`	`}`
`22`	`29`
Original file line number	Diff line number	Diff line change
`@@ -32,6 +32,7 @@ func (c *sysdigClients) sysdigMonitorClient() (m monitor.SysdigMonitorClient, er`
`32`	`32`	`c.monitorClient = monitor.NewSysdigMonitorClient(`
`33`	`33`	`monitorAPIToken,`
`34`	`34`	`c.d.Get("sysdig_monitor_url").(string),`
	`35`	`+ c.d.Get("sysdig_monitor_insecure_tls").(bool),`
`35`	`36`	`)`
`36`	`37`	`})`
`37`	`38`
`@@ -49,6 +50,7 @@ func (c *sysdigClients) sysdigSecureClient() (s secure.SysdigSecureClient, err e`
`49`	`50`	`c.secureClient = secure.NewSysdigSecureClient(`
`50`	`51`	`secureAPIToken,`
`51`	`52`	`c.d.Get("sysdig_secure_url").(string),`
	`53`	`+ c.d.Get("sysdig_secure_insecure_tls").(bool),`
`52`	`54`	`)`
`53`	`55`	`})`
`54`	`56`