Skip to content

feat: Allow using self-signed certificates in HTTPS health tests #39

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
ilaborie merged 1 commit into from
Dec 20, 2024
Merged

feat: Allow using self-signed certificates in HTTPS health tests #39

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 17 additions & 1 deletion rustainers/src/container/wait_condition.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,11 @@ pub enum WaitStrategy {
HttpSuccess {
/// If we use HTTPS instead of HTTP
https: bool,
/// If TLS certificates are validated.
///
/// Setting this field to `false` will allow self-signed certificates to be used.
/// This setting is used only when `https` is set to `true`.
require_valid_certs: bool,
/// The path to check
path: String,
/// The container port
Expand Down Expand Up @@ -82,6 +87,7 @@ impl WaitStrategy {
let container_port = Port(80);
Self::HttpSuccess {
https: false,
require_valid_certs: true,
path,
container_port,
}
Expand All @@ -93,6 +99,7 @@ impl WaitStrategy {
let container_port = Port(443);
Self::HttpSuccess {
https: true,
require_valid_certs: true,
path,
container_port,
}
Expand Down Expand Up @@ -168,12 +175,21 @@ impl Display for WaitStrategy {
Self::State(state) => write!(f, "State {state}"),
Self::HttpSuccess {
https,
require_valid_certs,
path,
container_port,
} => write!(
f,
"HTTP success {}on path path {path} with container port {container_port}",
if *https { "(HTTPS)" } else { "" }
if *https {
if *require_valid_certs {
"(HTTPS with valid certs)"
} else {
"(HTTPS with self-signed certs)"
}
} else {
""
}
),
Self::ScanPort {
container_port,
Expand Down
10 changes: 9 additions & 1 deletion rustainers/src/runner/inner.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -279,6 +279,7 @@ pub(crate) trait InnerRunner: Display + Debug + Send + Sync {
}
WaitStrategy::HttpSuccess {
https,
require_valid_certs,
path,
container_port,
} => {
Expand All @@ -291,7 +292,14 @@ pub(crate) trait InnerRunner: Display + Debug + Send + Sync {
"{scheme}://127.0.0.1:{host_port}/{}",
path.trim_start_matches('/')
);
let Ok(response) = reqwest::get(&url).await else {
let Ok(client) = reqwest::ClientBuilder::new()
.danger_accept_invalid_certs(!require_valid_certs)
.build()
else {
warn!(%url,"Could not create new client, will retry later");
continue;
};
let Ok(response) = client.get(&url).send().await else {
warn!(%url,"Fail to get the URL, will retry later");
continue;
};
Expand Down
Loading