github/kubelogin
1
0
Fork 0
mirror of https://github.com/int128/kubelogin.git synced 2026-02-14 16:39:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add insecure-skip-tls-verify option

Browse Source
This commit is contained in:
Hidetake Iwata
2018-08-16 09:34:12 +09:00
parent 4bf77886a8
commit b776bac764
2 changed files with 13 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@@ -15,7 +15,9 @@
kubelogin [OPTIONS]
Application Options:
--kubeconfig= Path to the kubeconfig file. (default: ~/.kube/config) [$KUBECONFIG]
--kubeconfig= Path to the kubeconfig file (default: ~/.kube/config) [$KUBECONFIG]
--insecure-skip-tls-verify If set, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
[$KUBELOGIN_INSECURE_SKIP_TLS_VERIFY]
Help Options:
-h, --help Show this help message

11
main.go
View File

@@ -2,17 +2,22 @@ package main
import (
"context"
"crypto/tls"
"fmt"
"log"
"net/http"
"github.com/int128/kubelogin/authn"
"github.com/int128/kubelogin/kubeconfig"
flags "github.com/jessevdk/go-flags"
homedir "github.com/mitchellh/go-homedir"
"golang.org/x/oauth2"
)
type options struct {
KubeConfig string `long:"kubeconfig" default:"~/.kube/config" env:"KUBECONFIG" description:"Path to the kubeconfig file."`
KubeConfig string `long:"kubeconfig" default:"~/.kube/config" env:"KUBECONFIG" description:"Path to the kubeconfig file"`
SkipTLSVerify bool `long:"insecure-skip-tls-verify" env:"KUBELOGIN_INSECURE_SKIP_TLS_VERIFY" description:"If set, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure"`
// CertificateAuthority string `long:"certificate-authority" env:"KUBELOGIN_CERTIFICATE_AUTHORITY" description:"Path to a cert file for the certificate authority"`
}
func (o *options) ExpandKubeConfig() (string, error) {
@@ -60,7 +65,11 @@ func main() {
log.Fatalf("Could not find auth-provider: %s", err)
}
client := &http.Client{Transport: &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: opts.SkipTLSVerify},
}}
ctx := context.Background()
ctx = context.WithValue(ctx, oauth2.HTTPClient, client)
token, err := authn.GetTokenSet(ctx, authProvider.IDPIssuerURL(), authProvider.ClientID(), authProvider.ClientSecret())
if err != nil {
log.Fatalf("Authentication error: %s", err)