Add insecure flag for insecure TLS connections

kayrus · kayrus · commit 7fd7267ad362 · 2024-07-15T22:21:03.000+02:00
diff --git a/README.md b/README.md
@@ -50,6 +50,7 @@ Flags:
   -d, --debug                                     print out request and response objects
   -h, --help                                      help for cyclone
       --image-web-download                        use Glance web-download image import method
+  -k, --insecure                                  Allow insecure server connections (use if you understand the risks)
   -n, --no                                        assume "no" to all questions
       --timeout-backup string                     timeout to wait for a backup status (default "24h")
       --timeout-image string                      timeout to wait for an image status (default "24h")
diff --git a/pkg/main.go b/pkg/main.go
@@ -108,6 +108,7 @@ func initRootCmdFlags() {
 	RootCmd.PersistentFlags().StringP("timeout-secret", "", "24h", "timeout to wait for a secret status")
 	RootCmd.PersistentFlags().StringP("timeout-security-group", "", "24h", "timeout to wait for a security group status")
 	RootCmd.PersistentFlags().BoolP("image-web-download", "", false, "use Glance web-download image import method")
+	RootCmd.PersistentFlags().BoolP("insecure", "k", false, "Allow insecure server connections (use if you understand the risks)")
 
 	err := viper.BindPFlag("debug", RootCmd.PersistentFlags().Lookup("debug"))
 	if err != nil {
@@ -201,6 +202,10 @@ func initRootCmdFlags() {
 	if err != nil {
 		panic(err)
 	}
+	err = viper.BindPFlag("insecure", RootCmd.PersistentFlags().Lookup("insecure"))
+	if err != nil {
+		panic(err)
+	}
 }
 
 func parseTimeoutArg(arg string, dst *float64, errors *[]error) {
diff --git a/pkg/utils.go b/pkg/utils.go
@@ -2,13 +2,15 @@ package pkg
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
 	"net/http"
 	"os"
 	"strings"
 	"sync"
 	"time"
 
+	"github.com/spf13/viper"
 	"golang.org/x/term"
 
 	"github.com/gophercloud/gophercloud/v2"
@@ -84,12 +86,19 @@ func newOpenStackClient(ctx context.Context, loc Location) (*gophercloud.Provide
 	}
 	provider.UserAgent.Prepend("cyclone/" + Version)
 
+	insecure := viper.GetBool("insecure")
+	tlsConfig := &tls.Config{
+		InsecureSkipVerify: insecure,
+	}
+
 	// debug logger is enabled by default and writes logs into a cyclone temp dir
 	provider.HTTPClient = http.Client{
 		Transport: &client.RoundTripper{
 			MaxRetries: 5,
-			Rt:         &http.Transport{},
-			Logger:     &logger{Prefix: loc.Origin},
+			Rt: &http.Transport{
+				TLSClientConfig: tlsConfig,
+			},
+			Logger: &logger{Prefix: loc.Origin},
 		},
 	}
 
