3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-24 14:37:12 +02:00
Code Issues Projects Releases Packages Wiki Activity

add TLS flags for TCP tunnel (#1725)

Browse source
This commit is contained in:
Caleb Doxsey 2020-12-29 14:36:52 -07:00 committed by GitHub
parent 73f4ee26fc
commit ea4e9fa3aa
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 24 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

20
cmd/pomerium-cli/kubernetes.go
View file

@ -15,20 +15,8 @@ import (
"github.com/pomerium/pomerium/internal/authclient"
)
var kubernetesExecCredentialOption struct {
disableTLSVerification bool
alternateCAPath string
caCert string
}
func init() {
flags := kubernetesExecCredentialCmd.Flags()
flags.BoolVar(&kubernetesExecCredentialOption.disableTLSVerification, "disable-tls-verification", false,
"disables TLS verification")
flags.StringVar(&kubernetesExecCredentialOption.alternateCAPath, "alternate-ca-path", "",
"path to CA certificate to use for HTTP requests")
flags.StringVar(&kubernetesExecCredentialOption.caCert, "ca-cert", "",
"base64-encoded CA TLS certificate to use for HTTP requests")
addTLSFlags(kubernetesExecCredentialCmd)
kubernetesCmd.AddCommand(kubernetesExecCredentialCmd)
rootCmd.AddCommand(kubernetesCmd)
}
@ -57,11 +45,7 @@ var kubernetesExecCredentialCmd = &cobra.Command{
var tlsConfig *tls.Config
if serverURL.Scheme == "https" {
tlsConfig = getTLSConfig(
kubernetesExecCredentialOption.disableTLSVerification,
kubernetesExecCredentialOption.caCert,
kubernetesExecCredentialOption.alternateCAPath,
)
tlsConfig = getTLSConfig()
}
ac := authclient.New(authclient.WithTLSConfig(tlsConfig))