From 8f0cd35d7a42e4eaaa32b71745eb240458b18891 Mon Sep 17 00:00:00 2001 From: Stefan Prodan Date: Thu, 1 Apr 2021 09:31:55 +0300 Subject: [PATCH] Allow self-signed certs when using go-git Signed-off-by: Stefan Prodan --- cmd/flux/create_source_git.go | 22 +++++++++++----------- docs/cmd/flux_create_source_git.md | 2 +- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/cmd/flux/create_source_git.go b/cmd/flux/create_source_git.go index 0a87610f..8f00636c 100644 --- a/cmd/flux/create_source_git.go +++ b/cmd/flux/create_source_git.go @@ -122,7 +122,7 @@ func init() { createSourceGitCmd.Flags().Var(&sourceGitArgs.keyECDSACurve, "ssh-ecdsa-curve", sourceGitArgs.keyECDSACurve.Description()) createSourceGitCmd.Flags().StringVar(&sourceGitArgs.secretRef, "secret-ref", "", "the name of an existing secret containing SSH or basic credentials") createSourceGitCmd.Flags().Var(&sourceGitArgs.gitImplementation, "git-implementation", sourceGitArgs.gitImplementation.Description()) - createSourceGitCmd.Flags().StringVar(&sourceGitArgs.caFile, "ca-file", "", "path to TLS CA file used for validating self-signed certificates, requires libgit2") + createSourceGitCmd.Flags().StringVar(&sourceGitArgs.caFile, "ca-file", "", "path to TLS CA file used for validating self-signed certificates") createSourceGitCmd.Flags().StringVar(&sourceGitArgs.privateKeyFile, "private-key-file", "", "path to a passwordless private key file used for authenticating to the Git SSH server") createSourceCmd.AddCommand(createSourceGitCmd) @@ -146,16 +146,6 @@ func createSourceGitCmdRun(cmd *cobra.Command, args []string) error { return fmt.Errorf("url is required") } - if sourceGitArgs.gitImplementation.String() != sourcev1.LibGit2Implementation && sourceGitArgs.caFile != "" { - return fmt.Errorf("specifing a CA file requires --git-implementation=%s", sourcev1.LibGit2Implementation) - } - - tmpDir, err := ioutil.TempDir("", name) - if err != nil { - return err - } - defer os.RemoveAll(tmpDir) - u, err := url.Parse(sourceGitArgs.url) if err != nil { return fmt.Errorf("git URL parse failed: %w", err) @@ -164,6 +154,16 @@ func createSourceGitCmdRun(cmd *cobra.Command, args []string) error { return fmt.Errorf("git URL scheme '%s' not supported, can be: ssh, http and https", u.Scheme) } + if sourceGitArgs.caFile != "" && u.Scheme == "ssh" { + return fmt.Errorf("specifing a CA file is not supported for Git over SSH") + } + + tmpDir, err := ioutil.TempDir("", name) + if err != nil { + return err + } + defer os.RemoveAll(tmpDir) + sourceLabels, err := parseLabels() if err != nil { return err diff --git a/docs/cmd/flux_create_source_git.md b/docs/cmd/flux_create_source_git.md index 890f21bc..14cddd5a 100644 --- a/docs/cmd/flux_create_source_git.md +++ b/docs/cmd/flux_create_source_git.md @@ -65,7 +65,7 @@ flux create source git [name] [flags] ``` --branch string git branch (default "master") - --ca-file string path to TLS CA file used for validating self-signed certificates, requires libgit2 + --ca-file string path to TLS CA file used for validating self-signed certificates --git-implementation gitImplementation the Git implementation to use, available options are: (go-git, libgit2) -h, --help help for git -p, --password string basic authentication password