splicemachine · splicemaahs · Jun 21, 2021 · May 27, 2021 · Jun 8, 2021
@@ -1,6 +1,8 @@
 package cmd
 
 import (
+ "crypto/tls"
+ "crypto/x509"
  "encoding/json"
  "fmt"
  "io/ioutil"
@@ -88,6 +90,16 @@ func displayApplyCmSettingsV1(in string) {
 
 func setCMSettings(comp string, in []byte) (string, error) {
  restClient := resty.New()
+ // Check if we've set a caBundle (via --ca-cert parameter)
+ if len(caBundle) > 0 {
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM([]byte(caBundle))
+ if !ok {
+ logrus.Info("Failed to parse CABundle")
+ }
+ restClient.SetTLSClientConfig(&tls.Config{RootCAs: roots})
+ }
+
  uri := fmt.Sprintf("splicectl/v1/vault/cmsettings?component=%s", comp)
  resp, resperr := restClient.R().
  SetHeader("X-Token-Bearer", authClient.GetTokenBearer()).

@@ -1,6 +1,8 @@
 package cmd
 
 import (
+ "crypto/tls"
+ "crypto/x509"
  "encoding/json"
  "fmt"
  "io/ioutil"
@@ -105,6 +107,16 @@ func displayApplyDatabaseCRV2(in string) {
 
 func setDatabaseCR(dbname string, in []byte) (string, error) {
  restClient := resty.New()
+ // Check if we've set a caBundle (via --ca-cert parameter)
+ if len(caBundle) > 0 {
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM([]byte(caBundle))
+ if !ok {
+ logrus.Info("Failed to parse CABundle")
+ }
+ restClient.SetTLSClientConfig(&tls.Config{RootCAs: roots})
+ }
+
  uri := fmt.Sprintf("splicectl/v1/vault/databasecr?database-name=%s", dbname)
  resp, resperr := restClient.R().
  SetHeader("X-Token-Bearer", authClient.GetTokenBearer()).

@@ -1,6 +1,8 @@
 package cmd
 
 import (
+ "crypto/tls"
+ "crypto/x509"
  "encoding/json"
  "fmt"
  "io/ioutil"
@@ -95,6 +97,16 @@ func displayApplyDefaultCRV2(in string) {
 
 func setDefaultCR(in []byte) (string, error) {
  restClient := resty.New()
+ // Check if we've set a caBundle (via --ca-cert parameter)
+ if len(caBundle) > 0 {
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM([]byte(caBundle))
+ if !ok {
+ logrus.Info("Failed to parse CABundle")
+ }
+ restClient.SetTLSClientConfig(&tls.Config{RootCAs: roots})
+ }
+
  uri := "splicectl/v1/vault/defaultcr"
  resp, resperr := restClient.R().
  SetHeader("X-Token-Bearer", authClient.GetTokenBearer()).

@@ -1,6 +1,8 @@
 package cmd
 
 import (
+ "crypto/tls"
+ "crypto/x509"
  "fmt"
  "os"
 
@@ -62,6 +64,16 @@ func displayApplyImageTagV1(in string) {
 
 func setDatabaseImageTag(componentName string, databaseName string, imageTag string) (string, error) {
  restClient := resty.New()
+ // Check if we've set a caBundle (via --ca-cert parameter)
+ if len(caBundle) > 0 {
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM([]byte(caBundle))
+ if !ok {
+ logrus.Info("Failed to parse CABundle")
+ }
+ restClient.SetTLSClientConfig(&tls.Config{RootCAs: roots})
+ }
+
  uri := fmt.Sprintf("splicectl/v1/splicedb/imagetag?component-name=%s&database-name=%s&tag=%s",
  componentName, databaseName, imageTag)
  resp, resperr := restClient.R().

@@ -1,6 +1,8 @@
 package cmd
 
 import (
+ "crypto/tls"
+ "crypto/x509"
  "encoding/json"
  "fmt"
  "io/ioutil"
@@ -97,6 +99,16 @@ func displayApplySystemSettingsV2(in string) {
 
 func setSystemSettings(in []byte) (string, error) {
  restClient := resty.New()
+ // Check if we've set a caBundle (via --ca-cert parameter)
+ if len(caBundle) > 0 {
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM([]byte(caBundle))
+ if !ok {
+ logrus.Info("Failed to parse CABundle")
+ }
+ restClient.SetTLSClientConfig(&tls.Config{RootCAs: roots})
+ }
+
  uri := "splicectl/v1/vault/systemsettings"
  resp, resperr := restClient.R().
  SetHeader("X-Token-Bearer", authClient.GetTokenBearer()).

@@ -1,6 +1,8 @@
 package cmd
 
 import (
+ "crypto/tls"
+ "crypto/x509"
  "encoding/json"
  "fmt"
  "io/ioutil"
@@ -101,6 +103,16 @@ func displayApplyVaultKeyV2(in string) {
 
 func setVaultKeyData(keypath string, in []byte) (string, error) {
  restClient := resty.New()
+ // Check if we've set a caBundle (via --ca-cert parameter)
+ if len(caBundle) > 0 {
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM([]byte(caBundle))
+ if !ok {
+ logrus.Info("Failed to parse CABundle")
+ }
+ restClient.SetTLSClientConfig(&tls.Config{RootCAs: roots})
+ }
+
  uri := fmt.Sprintf("splicectl/v1/vault/vaultkey?keypath=%s", keypath)
  resp, resperr := restClient.R().
  SetHeader("X-Token-Bearer", authClient.GetTokenBearer()).

@@ -1,6 +1,8 @@
 package cmd
 
 import (
+ "crypto/tls"
+ "crypto/x509"
  "encoding/json"
  "fmt"
 
@@ -63,6 +65,15 @@ var authCmd = &cobra.Command{
 
 func performAuth() (string, error) {
  restClient := resty.New()
+ // Check if we've set a caBundle (via --ca-cert parameter)
+ if len(caBundle) > 0 {
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM([]byte(caBundle))
+ if !ok {
+ logrus.Info("Failed to parse CABundle")
+ }
+ restClient.SetTLSClientConfig(&tls.Config{RootCAs: roots})
+ }
 
  uri := "splicectl/v1/auth"
  resp, resperr := restClient.R().

@@ -1,6 +1,8 @@
 package cmd
 
 import (
+ "crypto/tls"
+ "crypto/x509"
  "encoding/json"
  "fmt"
  "io/ioutil"
@@ -221,6 +223,15 @@ func generateSkel(dbReq *objects.DatabaseRequest) {
 func createSpliceDatabase(dbReq *objects.DatabaseRequest, outputonly bool) (string, error) {
 
  restClient := resty.New()
+ // Check if we've set a caBundle (via --ca-cert parameter)
+ if len(caBundle) > 0 {
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM([]byte(caBundle))
+ if !ok {
+ logrus.Info("Failed to parse CABundle")
+ }
+ restClient.SetTLSClientConfig(&tls.Config{RootCAs: roots})
+ }
 
  uri := "splicectl/v1/splicedb/splicedatabase"
 

@@ -1,6 +1,8 @@
 package cmd
 
 import (
+ "crypto/tls"
+ "crypto/x509"
  "encoding/json"
  "fmt"
  "os"
@@ -86,6 +88,15 @@ func getMatchingClusterID(db string) string {
 
 func deleteDatabase(cid string) (string, error) {
  restClient := resty.New()
+ // Check if we've set a caBundle (via --ca-cert parameter)
+ if len(caBundle) > 0 {
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM([]byte(caBundle))
+ if !ok {
+ logrus.Info("Failed to parse CABundle")
+ }
+ restClient.SetTLSClientConfig(&tls.Config{RootCAs: roots})
+ }
 
  uri := fmt.Sprintf("splicectl/v1/splicedb/splicedatabasedelete?database-name=%s", cid)
 

@@ -1,6 +1,8 @@
 package cmd
 
 import (
+ "crypto/tls"
+ "crypto/x509"
  "encoding/json"
  "fmt"
  "os"
@@ -76,6 +78,15 @@ func displayGetAccountsV1(in string) {
 
 func getAccounts() (string, error) {
  restClient := resty.New()
+ // Check if we've set a caBundle (via --ca-cert parameter)
+ if len(caBundle) > 0 {
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM([]byte(caBundle))
+ if !ok {
+ logrus.Info("Failed to parse CABundle")
+ }
+ restClient.SetTLSClientConfig(&tls.Config{RootCAs: roots})
+ }
 
  uri := "splicectl/v1/cm/accounts"
  resp, resperr := restClient.R().

@@ -1,6 +1,8 @@
 package cmd
 
 import (
+ "crypto/tls"
+ "crypto/x509"
  "encoding/json"
  "fmt"
  "os"
@@ -77,6 +79,15 @@ func displayGetCmSettingsV1(in string) {
 
 func getCMSettings(comp string, ver int) (string, error) {
  restClient := resty.New()
+ // Check if we've set a caBundle (via --ca-cert parameter)
+ if len(caBundle) > 0 {
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM([]byte(caBundle))
+ if !ok {
+ logrus.Info("Failed to parse CABundle")
+ }
+ restClient.SetTLSClientConfig(&tls.Config{RootCAs: roots})
+ }
 
  uri := fmt.Sprintf("splicectl/v1/vault/cmsettings?component=%s&version=%d", comp, ver)
  resp, resperr := restClient.R().

@@ -1,6 +1,8 @@
 package cmd
 
 import (
+ "crypto/tls"
+ "crypto/x509"
  "encoding/json"
  "fmt"
  "os"
@@ -98,6 +100,15 @@ func displayGetDatabaseV2(in string, fp string) {
 
 func getDatabaseCR(dbname string, ver int) (string, error) {
  restClient := resty.New()
+ // Check if we've set a caBundle (via --ca-cert parameter)
+ if len(caBundle) > 0 {
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM([]byte(caBundle))
+ if !ok {
+ logrus.Info("Failed to parse CABundle")
+ }
+ restClient.SetTLSClientConfig(&tls.Config{RootCAs: roots})
+ }
 
  uri := fmt.Sprintf("splicectl/v1/vault/databasecr?version=%d&database-name=%s", ver, dbname)
  resp, resperr := restClient.R().

@@ -1,6 +1,8 @@
 package cmd
 
 import (
+ "crypto/tls"
+ "crypto/x509"
  "fmt"
  "os"
 
@@ -54,6 +56,15 @@ func displayGetDatabaseStatusV1(in string) {
 func getDatabaseStatusData(databaseName string) (string, error) {
 
  restClient := resty.New()
+ // Check if we've set a caBundle (via --ca-cert parameter)
+ if len(caBundle) > 0 {
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM([]byte(caBundle))
+ if !ok {
+ logrus.Info("Failed to parse CABundle")
+ }
+ restClient.SetTLSClientConfig(&tls.Config{RootCAs: roots})
+ }
 
  uri := fmt.Sprintf("splicectl/v1/splicedb/splicedatabasestatus?database-name=%s", databaseName)
  resp, resperr := restClient.R().

@@ -2,6 +2,8 @@ package cmd
 
 import (
  "bytes"
+ "crypto/tls"
+ "crypto/x509"
  "encoding/json"
  "fmt"
  "os"
@@ -100,7 +102,17 @@ func displayGetDefaultCRV2(in string) {
 }
 
 func getDefaultCR(ver int) (string, error) {
+
  restClient := resty.New()
+ // Check if we've set a caBundle (via --ca-cert parameter)
+ if len(caBundle) > 0 {
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM([]byte(caBundle))
+ if !ok {
+ logrus.Info("Failed to parse CABundle")
+ }
+ restClient.SetTLSClientConfig(&tls.Config{RootCAs: roots})
+ }
 
  uri := fmt.Sprintf("splicectl/v1/vault/defaultcr?version=%d", ver)
  resp, resperr := restClient.R().

@@ -1,6 +1,8 @@
 package cmd
 
 import (
+ "crypto/tls"
+ "crypto/x509"
  "encoding/json"
  "fmt"
  "os"
@@ -100,6 +102,15 @@ func displayGetImageTagV2(in string) {
 func getImageTagData(componenetName string, databaseName string) (string, error) {
 
  restClient := resty.New()
+ // Check if we've set a caBundle (via --ca-cert parameter)
+ if len(caBundle) > 0 {
+ roots := x509.NewCertPool()
+ ok := roots.AppendCertsFromPEM([]byte(caBundle))
+ if !ok {
+ logrus.Info("Failed to parse CABundle")
+ }
+ restClient.SetTLSClientConfig(&tls.Config{RootCAs: roots})
+ }
 
  uri := fmt.Sprintf("splicectl/v1/splicedb/imagetag?component-name=%s&database-name=%s", componenetName, databaseName)
  resp, resperr := restClient.R().