Skip to content

Commit

Permalink
Add an option to skip certificate verifications
Browse files Browse the repository at this point in the history
  • Loading branch information
@svanharmelen
svanharmelen committed Sep 26, 2019
1 parent 5d1a640 commit 5091d12
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 1 deletion.
23 changes: 22 additions & 1 deletion tfe/provider.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,11 @@ package tfe

import (
"context"
"crypto/tls"
"fmt"
"io/ioutil"
"log"
"net/http"
"net/url"
"os"
"sort"
Expand Down Expand Up @@ -59,6 +61,13 @@ func Provider() terraform.ResourceProvider {
Description: descriptions["token"],
DefaultFunc: schema.EnvDefaultFunc("TFE_TOKEN", nil),
},

"ssl_skip_verify": {
Type: schema.TypeBool,
Optional: true,
Description: descriptions["ssl_skip_verify"],
DefaultFunc: schema.EnvDefaultFunc("TFE_SSL_SKIP_VERIFY", false),
},
},

DataSourcesMap: map[string]*schema.Resource{
Expand Down Expand Up @@ -181,7 +190,18 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
}

httpClient := tfe.DefaultConfig().HTTPClient
httpClient.Transport = logging.NewTransport("TFE", httpClient.Transport)

// Make sure the transport has a TLS config.
transport := httpClient.Transport.(*http.Transport)
if transport.TLSClientConfig == nil {
transport.TLSClientConfig = &tls.Config{}
}

// Configure the certificate verification options.
transport.TLSClientConfig.InsecureSkipVerify = d.Get("ssl_skip_verify").(bool)

// Wrap the configured transport to enable logging.
httpClient.Transport = logging.NewTransport("TFE", transport)

// Create a new TFE client config
cfg := &tfe.Config{
Expand Down Expand Up @@ -362,4 +382,5 @@ var descriptions = map[string]string{
"hostname": "The Terraform Enterprise hostname to connect to. Defaults to app.terraform.io.",
"token": "The token used to authenticate with Terraform Enterprise. We recommend omitting\n" +
"the token which can be set as credentials in the CLI config file.",
"ssl_skip_verify": "Whether or not to skip certificate verifications.",
}
3 changes: 3 additions & 0 deletions website/docs/index.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,3 +70,6 @@ The following arguments are supported:
in the [CLI config file](/docs/commands/cli-config.html#credentials) or set
the `TFE_TOKEN` environment variable. See [Authentication](#authentication)
above for more.
* `ssl_skip_verify` - (Optional) Whether or not to skip certificate verifications.
Defaults to `false`. Can be overridden setting the `TFE_SSL_SKIP_VERIFY`
environment variable.

0 comments on commit 5091d12

Please sign in to comment.