Add WithTLSClientConfigVerification function to enable setting TLS verification flag without env var #46599

Signed-off-by: Luis Cavalcante <luis@turbot.com>
2023-11-16 20:13:09 -03:00 · 2023-11-16 20:13:09 -03:00 · 783362322a
commit 783362322a
parent f6fa56194f
1 changed files with 19 additions and 0 deletions
--- a/client/options.go
+++ b/client/options.go
@ -154,6 +154,25 @@ func WithTLSClientConfig(cacertPath, certPath, keyPath string) Opt {
 	}
 }

+func WithInsecureSkipVerifyTLSClientConfig(certPath, keyPath string) Opt {
+	return func(c *Client) error {
+		opts := tlsconfig.Options{
+			CertFile:           certPath,
+			KeyFile:            keyPath,
+			InsecureSkipVerify: true,
+		}
+		config, err := tlsconfig.Client(opts)
+		if err != nil {
+			return errors.Wrap(err, "failed to create tls config")
+		}
+		if transport, ok := c.client.Transport.(*http.Transport); ok {
+			transport.TLSClientConfig = config
+			return nil
+		}
+		return errors.Errorf("cannot apply tls config to transport: %T", c.client.Transport)
+	}
+}
+
 // WithTLSClientConfigFromEnv configures the client's TLS settings with the
 // settings in the DOCKER_CERT_PATH ([EnvOverrideCertPath]) and DOCKER_TLS_VERIFY
 // ([EnvTLSVerify]) environment variables. If DOCKER_CERT_PATH is not set or empty,