Add --skip-verify flag to optionally allow insecure https connections

LGUG2Z · Jul 7, 2019 · af9285e · af9285e
1 parent 27d9fdb
commit af9285e
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 2 deletions.
diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -20,9 +20,10 @@ builds:
 
 dockers:
   - image_templates:
-      - "lgug2z/elasdx:{{ .Tag }}"
       - "lgug2z/elasdx:{{ .Major }}"
       - "lgug2z/elasdx:{{ .Major }}.{{ .Minor }}"
+      - "lgug2z/elasdx:{{ .Major }}.{{ .Minor }}.{{ .Patch }}"
+      - "lgug2z/elasdx:{{ .ShortCommit }}"
       - "lgug2z/elasdx:latest"
 
 brews:

diff --git a/README.md b/README.md
@@ -139,6 +139,9 @@ The ElasticSearch URL can be set using the `ELASDX_URL` environment variable or
 This value defaults to `http://127.0.0.1:9200`. If using basic auth, the username and password can be provided using the
 `ELASDX_USERNAME`, `--username` or `ELASDX_PASSWORD`, `--password` environment variables and flags respectively.
 
+Optionally, `elasdx` can make a connection to an instance or a cluster at a `https://` url without providing a valid
+certificate by setting either `ELASDX_SKIP_VERIFY` or `--skip-verify`.
+
 ### Reindex
 The `reindex` command assumes either a file or a directory of files named to match the index template and the eventual
 alias desired.

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-0.0.1
+0.0.2
diff --git a/cli/app.go b/cli/app.go
@@ -1,7 +1,9 @@
 package cli
 
 import (
+	"crypto/tls"
 	"fmt"
+	"net/http"
 	"path/filepath"
 	"strings"
 	"time"
@@ -38,6 +40,7 @@ func App() *cli.App {
 		cli.StringFlag{Name: "url", EnvVar: "ELASDX_URL", Usage: "ElasticSearch URL to connect to", Value: elastic.DefaultURL},
 		cli.StringFlag{Name: "username", EnvVar: "ELASDX_USERNAME", Usage: "ElasticSearch basic auth username"},
 		cli.StringFlag{Name: "password", EnvVar: "ELASDX_PASSWORD", Usage: "ElasticSearch basic auth password"},
+		cli.BoolFlag{Name: "skip-verify", EnvVar: "ELASDX_SKIP_VERIFY", Usage: "Skip TLS verification"},
 	}
 
 	app.Commands = []cli.Command{
@@ -54,11 +57,25 @@ func getClient(c *cli.Context) (*elastic.Client, error) {
 	username := c.String("username")
 	password := c.String("password")
 
+	client := http.DefaultClient
+
+	if c.GlobalBool("skip-verify") {
+		fmt.Println("Skipping verification")
+		client = &http.Client{
+			Transport: &http.Transport{
+				TLSClientConfig: &tls.Config{
+					InsecureSkipVerify: true,
+				},
+			},
+		}
+	}
+
 	hasBasicAuth := len(username) > 0
 	if hasBasicAuth {
 		return elastic.NewClient(
 			elastic.SetScheme(schemeAndURL[0]),
 			elastic.SetURL(url),
+			elastic.SetHttpClient(client),
 			elastic.SetBasicAuth(username, password),
 			elastic.SetSniff(false),
 		)
@@ -67,6 +84,7 @@ func getClient(c *cli.Context) (*elastic.Client, error) {
 	return elastic.NewClient(
 		elastic.SetScheme(schemeAndURL[0]),
 		elastic.SetURL(url),
+		elastic.SetHttpClient(client),
 		elastic.SetSniff(false),
 	)
 }