Skip to content

Commit

Permalink
support adding a CA cert to http collector (#1624)
Browse files Browse the repository at this point in the history 
* add a TLS parameter for cacert

* pass a ca cert into http request

* test preflight

* make schemas

* log extra information from http request

* pass a proxy into the collector spec

* hitting a segfault; breakpoint

* accept a dir, file, or a string-literal as CA

* move tls params into get, put, post methods

* test for cert untrusted response

* make generate

* make schemas

* more test cases

* make schemas

* dont include system certs

* make generate && make schemas

* resolve gosec G402 warning

* remove old check for system certs

* ignore errcheck "return value not checked" linter errors
  • Loading branch information
@adamancini
adamancini authored Oct 23, 2024
1 parent 7ed2f4b commit eacff71
Show file tree
Hide file tree
Showing 17 changed files with 1,561 additions and 25 deletions.
2 changes: 2 additions & 0 deletions .golangci.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,3 +11,5 @@ linters:
- gofmt
- gosec
- govet
disable:
- errcheck
138 changes: 138 additions & 0 deletions config/crds/troubleshoot.sh_collectors.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -408,11 +408,34 @@ spec:
type: object
insecureSkipVerify:
type: boolean
proxy:
type: string
timeout:
description: |-
Timeout is the time to wait for a server's response. Its a duration e.g 15s, 2h30m.
Missing value or empty string or means no timeout.
type: string
tls:
properties:
cacert:
type: string
clientCert:
type: string
clientKey:
type: string
secret:
properties:
name:
type: string
namespace:
type: string
required:
- name
- namespace
type: object
skipVerify:
type: boolean
type: object
url:
type: string
required:
Expand All @@ -430,11 +453,34 @@ spec:
type: object
insecureSkipVerify:
type: boolean
proxy:
type: string
timeout:
description: |-
Timeout is the time to wait for a server's response. Its a duration e.g 15s, 2h30m.
Missing value or empty string or means no timeout.
type: string
tls:
properties:
cacert:
type: string
clientCert:
type: string
clientKey:
type: string
secret:
properties:
name:
type: string
namespace:
type: string
required:
- name
- namespace
type: object
skipVerify:
type: boolean
type: object
url:
type: string
required:
Expand All @@ -450,11 +496,34 @@ spec:
type: object
insecureSkipVerify:
type: boolean
proxy:
type: string
timeout:
description: |-
Timeout is the time to wait for a server's response. Its a duration e.g 15s, 2h30m.
Missing value or empty string or means no timeout.
type: string
tls:
properties:
cacert:
type: string
clientCert:
type: string
clientKey:
type: string
secret:
properties:
name:
type: string
namespace:
type: string
required:
- name
- namespace
type: object
skipVerify:
type: boolean
type: object
url:
type: string
required:
Expand Down Expand Up @@ -17054,11 +17123,34 @@ spec:
type: object
insecureSkipVerify:
type: boolean
proxy:
type: string
timeout:
description: |-
Timeout is the time to wait for a server's response. Its a duration e.g 15s, 2h30m.
Missing value or empty string or means no timeout.
type: string
tls:
properties:
cacert:
type: string
clientCert:
type: string
clientKey:
type: string
secret:
properties:
name:
type: string
namespace:
type: string
required:
- name
- namespace
type: object
skipVerify:
type: boolean
type: object
url:
type: string
required:
Expand All @@ -17074,11 +17166,34 @@ spec:
type: object
insecureSkipVerify:
type: boolean
proxy:
type: string
timeout:
description: |-
Timeout is the time to wait for a server's response. Its a duration e.g 15s, 2h30m.
Missing value or empty string or means no timeout.
type: string
tls:
properties:
cacert:
type: string
clientCert:
type: string
clientKey:
type: string
secret:
properties:
name:
type: string
namespace:
type: string
required:
- name
- namespace
type: object
skipVerify:
type: boolean
type: object
url:
type: string
required:
Expand All @@ -17094,11 +17209,34 @@ spec:
type: object
insecureSkipVerify:
type: boolean
proxy:
type: string
timeout:
description: |-
Timeout is the time to wait for a server's response. Its a duration e.g 15s, 2h30m.
Missing value or empty string or means no timeout.
type: string
tls:
properties:
cacert:
type: string
clientCert:
type: string
clientKey:
type: string
secret:
properties:
name:
type: string
namespace:
type: string
required:
- name
- namespace
type: object
skipVerify:
type: boolean
type: object
url:
type: string
required:
Expand Down
69 changes: 69 additions & 0 deletions config/crds/troubleshoot.sh_hostcollectors.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1400,11 +1400,34 @@ spec:
type: object
insecureSkipVerify:
type: boolean
proxy:
type: string
timeout:
description: |-
Timeout is the time to wait for a server's response. Its a duration e.g 15s, 2h30m.
Missing value or empty string or means no timeout.
type: string
tls:
properties:
cacert:
type: string
clientCert:
type: string
clientKey:
type: string
secret:
properties:
name:
type: string
namespace:
type: string
required:
- name
- namespace
type: object
skipVerify:
type: boolean
type: object
url:
type: string
required:
Expand All @@ -1420,11 +1443,34 @@ spec:
type: object
insecureSkipVerify:
type: boolean
proxy:
type: string
timeout:
description: |-
Timeout is the time to wait for a server's response. Its a duration e.g 15s, 2h30m.
Missing value or empty string or means no timeout.
type: string
tls:
properties:
cacert:
type: string
clientCert:
type: string
clientKey:
type: string
secret:
properties:
name:
type: string
namespace:
type: string
required:
- name
- namespace
type: object
skipVerify:
type: boolean
type: object
url:
type: string
required:
Expand All @@ -1440,11 +1486,34 @@ spec:
type: object
insecureSkipVerify:
type: boolean
proxy:
type: string
timeout:
description: |-
Timeout is the time to wait for a server's response. Its a duration e.g 15s, 2h30m.
Missing value or empty string or means no timeout.
type: string
tls:
properties:
cacert:
type: string
clientCert:
type: string
clientKey:
type: string
secret:
properties:
name:
type: string
namespace:
type: string
required:
- name
- namespace
type: object
skipVerify:
type: boolean
type: object
url:
type: string
required:
Expand Down
Loading

0 comments on commit eacff71

Please sign in to comment.