Merge pull request #6039 from stack72/triton-insecure-skip-tls-verify

builder/triton: Add support to Skip TLS Verification of Triton Certificate
2018-04-20 13:44:28 -07:00 · 2018-04-20 13:44:28 -07:00 · bcbee45bf9
parent 40d054a1a7 c877312a4d
commit bcbee45bf9
2 changed files with 23 additions and 7 deletions
--- a/builder/triton/access_config.go
+++ b/builder/triton/access_config.go
@ -17,11 +17,12 @@ import (

 // AccessConfig is for common configuration related to Triton access
 type AccessConfig struct {
-	Endpoint    string `mapstructure:"triton_url"`
-	Account     string `mapstructure:"triton_account"`
-	Username    string `mapstructure:"triton_user"`
-	KeyID       string `mapstructure:"triton_key_id"`
-	KeyMaterial string `mapstructure:"triton_key_material"`
+	Endpoint              string `mapstructure:"triton_url"`
+	Account               string `mapstructure:"triton_account"`
+	Username              string `mapstructure:"triton_user"`
+	KeyID                 string `mapstructure:"triton_key_id"`
+	KeyMaterial           string `mapstructure:"triton_key_material"`
+	InsecureSkipTLSVerify bool   `mapstructure:"insecure_skip_tls_verify"`

 	signer authentication.Signer
 }
@ -131,12 +132,14 @@ func (c *AccessConfig) CreateTritonClient() (*Client, error) {
 	}

 	return &Client{
-		config: config,
+		config:                config,
+		insecureSkipTLSVerify: c.InsecureSkipTLSVerify,
 	}, nil
 }

 type Client struct {
-	config *tgo.ClientConfig
+	config                *tgo.ClientConfig
+	insecureSkipTLSVerify bool
 }

 func (c *Client) Compute() (*compute.ComputeClient, error) {
@ -145,6 +148,10 @@ func (c *Client) Compute() (*compute.ComputeClient, error) {
 		return nil, errwrap.Wrapf("Error Creating Triton Compute Client: {{err}}", err)
 	}

+	if c.insecureSkipTLSVerify {
+		computeClient.Client.InsecureSkipTLSVerify()
+	}
+
 	return computeClient, nil
 }

@ -154,6 +161,10 @@ func (c *Client) Network() (*network.NetworkClient, error) {
 		return nil, errwrap.Wrapf("Error Creating Triton Network Client: {{err}}", err)
 	}

+	if c.insecureSkipTLSVerify {
+		networkClient.Client.InsecureSkipTLSVerify()
+	}
+
 	return networkClient, nil
 }

--- a/website/source/docs/builders/triton.html.md
+++ b/website/source/docs/builders/triton.html.md
@ -95,6 +95,11 @@ builder.
    
 -   `triton_user` (string) - The username of a user who has access to your Triton
    account. 
+    
+-   `insecure_skip_tls_verify` - (bool) This allows skipping TLS verification of 
+    the Triton endpoint. It is useful when connecting to a temporary Triton 
+    installation such as Cloud-On-A-Laptop which does not generally use a 
+    certificate signed by a trusted root CA. The default is `false`.

 -   `source_machine_firewall_enabled` (boolean) - Whether or not the firewall of
    the VM used to create an image of is enabled. The Triton firewall only