Skip to content

Commit

Permalink
Added tls_server_name option
Browse files Browse the repository at this point in the history
  • Loading branch information
alekc committed Dec 14, 2023
1 parent 9c07d38 commit c8fdb35
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 0 deletions.
1 change: 1 addition & 0 deletions docs/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -70,6 +70,7 @@ The following arguments are supported:
* `config_context_cluster` - (Optional) Cluster context of the kube config (name of the kubeconfig cluster, `--cluster` flag in `kubectl`). Can be sourced from `KUBE_CTX_CLUSTER`.
* `token` - (Optional) Token of your service account. Can be sourced from `KUBE_TOKEN`.
* `proxy_url` - (Optional) URL to the proxy to be used for all API requests. URLs with "http", "https", and "socks5" schemes are supported. Can be sourced from `KUBE_PROXY_URL`.
* `tls_server_name` - (Optional) Server name passed to the server for SNI and is used in the client to check server certificates against.
* `exec` - (Optional) Configuration block to use an [exec-based credential plugin] (https://kubernetes.io/docs/reference/access-authn-authz/authentication/#client-go-credential-plugins), e.g. call an external command to receive user credentials.
* `api_version` - (Required) API version to use when decoding the ExecCredentials resource, e.g. `client.authentication.k8s.io/v1beta1`.
* `command` - (Required) Command to execute.
Expand Down
9 changes: 9 additions & 0 deletions kubernetes/provider.go
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,12 @@ func Provider() *schema.Provider {
DefaultFunc: schema.EnvDefaultFunc("KUBE_LOAD_CONFIG_FILE", true),
Description: "Load local kubeconfig.",
},
"tls_server_name": {
Type: schema.TypeString,
Optional: true,
Description: "Server name passed to the server for SNI and is used in the client to check server certificates against.",
DefaultFunc: schema.EnvDefaultFunc("KUBE_TLS_SERVER_NAME", ""),
},
"exec": {
Type: schema.TypeList,
Optional: true,
Expand Down Expand Up @@ -383,6 +389,9 @@ func initializeConfiguration(d *schema.ResourceData) (*restclient.Config, error)
if v, ok := d.GetOk("proxy_url"); ok {
overrides.ClusterDefaults.ProxyURL = v.(string)
}
if v, ok := d.GetOk("tls_server_name"); ok {
overrides.ClusterInfo.TLSServerName = v.(string)
}

cc := clientcmd.NewNonInteractiveDeferredLoadingClientConfig(loader, overrides)
cfg, err := cc.ClientConfig()
Expand Down

0 comments on commit c8fdb35

Please sign in to comment.