Skip to content

Commit

Permalink
Added InsecureSkipVerify flag (#191)
Browse files Browse the repository at this point in the history
Signed-off-by: Eduardo Apolinario <[email protected]>
  • Loading branch information
pmahindrakar-oss authored and eapolinario committed Sep 13, 2023
1 parent 7d98d45 commit a23ee47
Show file tree
Hide file tree
Showing 5 changed files with 30 additions and 3 deletions.
15 changes: 13 additions & 2 deletions flyteidl/clients/go/admin/client.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package admin

import (
"context"
"crypto/tls"
"fmt"
"io/ioutil"
"strings"
Expand Down Expand Up @@ -185,7 +186,7 @@ func InitializeAuthMetadataClient(ctx context.Context, cfg *Config) (client serv
return service.NewAuthMetadataServiceClient(authMetadataConnection), nil
}

func NewAdminConnection(_ context.Context, cfg *Config, opts ...grpc.DialOption) (*grpc.ClientConn, error) {
func NewAdminConnection(ctx context.Context, cfg *Config, opts ...grpc.DialOption) (*grpc.ClientConn, error) {
if opts == nil {
// Initialize opts list to the potential number of options we will add. Initialization optimizes memory
// allocation.
Expand All @@ -196,7 +197,17 @@ func NewAdminConnection(_ context.Context, cfg *Config, opts ...grpc.DialOption)
opts = append(opts, grpc.WithInsecure())
} else {
// TODO: as of Go 1.11.4, this is not supported on Windows. https://github.com/golang/go/issues/16736
creds := credentials.NewClientTLSFromCert(nil, "")
var creds credentials.TransportCredentials
if cfg.InsecureSkipVerify {
logger.Warnf(ctx, "using insecureSkipVerify. Server's certificate chain and host name wont be verified. Caution : shouldn't be used for production usecases")
tlsConfig := &tls.Config{
InsecureSkipVerify: true, //nolint

}
creds = credentials.NewTLS(tlsConfig)
} else {
creds = credentials.NewClientTLSFromCert(nil, "")
}
opts = append(opts, grpc.WithTransportCredentials(creds))
}

Expand Down
2 changes: 1 addition & 1 deletion flyteidl/clients/go/admin/client_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ func TestGetAdditionalAdminClientConfigOptions(t *testing.T) {
})

t.Run("legal-from-config", func(t *testing.T) {
clientSet, err := initializeClients(ctx, &Config{}, nil)
clientSet, err := initializeClients(ctx, &Config{InsecureSkipVerify: true}, nil)
assert.NoError(t, err)
assert.NotNil(t, clientSet)
assert.NotNil(t, clientSet.AuthMetadataClient())
Expand Down
1 change: 1 addition & 0 deletions flyteidl/clients/go/admin/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ const (
type Config struct {
Endpoint config.URL `json:"endpoint" pflag:",For admin types, specify where the uri of the service is located."`
UseInsecureConnection bool `json:"insecure" pflag:",Use insecure connection."`
InsecureSkipVerify bool `json:"insecureSkipVerify" pflag:",InsecureSkipVerify controls whether a client verifies the server's certificate chain and host name. Caution : shouldn't be use for production usecases'"`
MaxBackoffDelay config.Duration `json:"maxBackoffDelay" pflag:",Max delay for grpc backoff"`
PerRetryTimeout config.Duration `json:"perRetryTimeout" pflag:",gRPC per retry timeout"`
MaxRetries int `json:"maxRetries" pflag:",Max number of gRPC retries"`
Expand Down
1 change: 1 addition & 0 deletions flyteidl/clients/go/admin/config_flags.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

14 changes: 14 additions & 0 deletions flyteidl/clients/go/admin/config_flags_test.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit a23ee47

Please sign in to comment.