beenull/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add WithTLSClientConfigVerification function to enable setting TLS verification flag without env var #46599

Browse source 
Signed-off-by: Luis Cavalcante <luis@turbot.com>
This commit is contained in:
Luis Cavalcante 2023-11-16 20:13:09 -03:00
parent f6fa56194f
commit 783362322a
No known key found for this signature in database
GPG key ID: E9302DB9DCFA3E2E
1 changed files with 19 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
client/options.go
View file

@ -154,6 +154,25 @@ func WithTLSClientConfig(cacertPath, certPath, keyPath string) Opt {
} }
} }
func WithInsecureSkipVerifyTLSClientConfig(certPath, keyPath string) Opt {
return func(c *Client) error {
opts := tlsconfig.Options{
CertFile: certPath,
KeyFile: keyPath,
InsecureSkipVerify: true,
}
config, err := tlsconfig.Client(opts)
if err != nil {
return errors.Wrap(err, "failed to create tls config")
}
if transport, ok := c.client.Transport.(*http.Transport); ok {
transport.TLSClientConfig = config
return nil
}
return errors.Errorf("cannot apply tls config to transport: %T", c.client.Transport)
}
}
// WithTLSClientConfigFromEnv configures the client's TLS settings with the // WithTLSClientConfigFromEnv configures the client's TLS settings with the
// settings in the DOCKER_CERT_PATH ([EnvOverrideCertPath]) and DOCKER_TLS_VERIFY // settings in the DOCKER_CERT_PATH ([EnvOverrideCertPath]) and DOCKER_TLS_VERIFY
// ([EnvTLSVerify]) environment variables. If DOCKER_CERT_PATH is not set or empty, // ([EnvTLSVerify]) environment variables. If DOCKER_CERT_PATH is not set or empty,