Skip to content

Commit

Permalink
Override TLS flags individually for meta commands (#11592)
Browse files Browse the repository at this point in the history
* Override TLS flags individually for meta commands

* Update command/meta.go

Co-authored-by: Tim Gross <[email protected]>

Co-authored-by: Tim Gross <[email protected]>
  • Loading branch information
2 people authored and lgfa29 committed Jan 17, 2022
1 parent 7557b24 commit b972a7f
Showing 1 changed file with 27 additions and 13 deletions.
40 changes: 27 additions & 13 deletions command/meta.go
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,7 @@ type ApiClientFactory func() (*api.Client, error)
// the default command line arguments and env vars.
func (m *Meta) clientConfig() *api.Config {
config := api.DefaultConfig()

if m.flagAddress != "" {
config.Address = m.flagAddress
}
Expand All @@ -125,23 +126,36 @@ func (m *Meta) clientConfig() *api.Config {
config.Namespace = m.namespace
}

// If we need custom TLS configuration, then set it
if m.caCert != "" || m.caPath != "" || m.clientCert != "" || m.clientKey != "" || m.tlsServerName != "" || m.insecure {
t := &api.TLSConfig{
CACert: m.caCert,
CAPath: m.caPath,
ClientCert: m.clientCert,
ClientKey: m.clientKey,
TLSServerName: m.tlsServerName,
Insecure: m.insecure,
}
config.TLSConfig = t
}

if m.token != "" {
config.SecretID = m.token
}

// Override TLS configuration fields we may have received from env vars with
// flag arguments from the user only if they're provided.
if m.caCert != "" {
config.TLSConfig.CACert = m.caCert
}

if m.caPath != "" {
config.TLSConfig.CAPath = m.caPath
}

if m.clientCert != "" {
config.TLSConfig.ClientCert = m.clientCert
}

if m.clientKey != "" {
config.TLSConfig.ClientKey = m.clientKey
}

if m.tlsServerName != "" {
config.TLSConfig.TLSServerName = m.tlsServerName
}

if m.insecure {
config.TLSConfig.Insecure = m.insecure
}

return config
}

Expand Down

0 comments on commit b972a7f

Please sign in to comment.