feat: [ASSMT-242]: Support for insecure skip verify flag in x509 (#95)

harness · Mar 4, 2024 · cb1ca48 · cb1ca48
1 parent b4106e4
commit cb1ca48
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 17 deletions.
diff --git a/client.go b/client.go
@@ -113,7 +113,7 @@ func AuthHeaderKey(auth string) string {
 	return "x-api-key"
 }
 
-func GetWithAuth(host string, query string, authMethod string, base64Auth string, certPath string, keyPath string) (body []byte, err error) {
+func GetWithAuth(host string, query string, authMethod string, base64Auth string, certPath string, keyPath string, insecure bool) (body []byte, err error) {
 	baseURL := "https://" + host + "/api/v1/" + query
 
 	var client *http.Client
@@ -134,34 +134,35 @@ func GetWithAuth(host string, query string, authMethod string, base64Auth string
 		// Load client certificate
 		cert, err := tls.LoadX509KeyPair(certPath, keyPath)
 		if err != nil {
-			fmt.Println("Error loading certificate:", err)
+			log.WithError(err).Error("Error loading certificate")
 			return nil, err
 		}
 
 		// Create a HTTPS client and supply the created CA pool and certificate
 		config := &tls.Config{
-			Certificates: []tls.Certificate{cert},
+			Certificates:       []tls.Certificate{cert},
+			InsecureSkipVerify: insecure,
 			// In a real application, you should adjust the TLS settings according to your security requirements.
 		}
 		client = &http.Client{Transport: &http.Transport{TLSClientConfig: config}}
 	} else {
-		fmt.Println("Unsupported authentication method")
 		return nil, fmt.Errorf("unsupported authentication method %s", authMethod)
 	}
 
 	resp, err := client.Do(req)
 	if err != nil {
-		fmt.Println("Error sending request:", err)
+		log.WithError(err).Error("Error sending request")
 		return nil, err
 	}
 	defer resp.Body.Close()
 
 	// Read and print the response body
 	body, err = ioutil.ReadAll(resp.Body)
 	if err != nil {
-		fmt.Println("Error reading response body:", err)
+		log.Error("Error reading response body:", err)
 		return nil, err
 	}
-	fmt.Println(string(body))
+	log.Debugf("Found the following pipelines:")
+	log.Debugf(string(body))
 	return body, nil
 }
diff --git a/main.go b/main.go
@@ -67,6 +67,7 @@ var migrationReq = struct {
 	Cert                  string `survey:"cert"`
 	Key                   string `survey:"key"`
 	Auth64                string `survey:"auth64"`
+	Insecure              bool   `survey:"insecure"`
 }{}
 
 func getReqBody(entityType EntityType, filter Filter) RequestBody {
@@ -140,12 +141,14 @@ func logSpinnakerMigrationDetails(authMethod string) {
 		"  Spinnaker Host: %s\n"+
 		"  App name: %s\n"+
 		"  Pipeline Name: %s\n"+
-		"  Authentication method: %s",
+		"  Authentication method: %s \n"+
+		"  Insecure: %t",
 		migrationReq.Platform,
 		migrationReq.SpinnakerHost,
 		migrationReq.SpinnakerAppName,
 		migrationReq.PipelineName,
 		authMethod,
+		migrationReq.Insecure,
 	)
 
 	// Log the formatted message
@@ -587,6 +590,11 @@ func main() {
 						Usage:       "Cert file location in case Spinnaker uses x509 auth",
 						Destination: &migrationReq.Cert,
 					},
+					&cli.BoolFlag{
+						Name:        "insecure",
+						Usage:       "Weteher to validate the TLS certificate or not",
+						Destination: &migrationReq.Insecure,
+					},
 					&cli.StringFlag{
 						Name:        "key",
 						Usage:       "Optional. key file location in case Spinnaker uses x509 auth",

diff --git a/pipelines.go b/pipelines.go
@@ -235,11 +235,11 @@ func findPipelineIdByName(pipelines []PipelineDetails, name string) string {
 }
 
 func getAllPipelines(authMethod string) ([]byte, error) {
-	return GetWithAuth(migrationReq.SpinnakerHost, "applications/"+migrationReq.SpinnakerAppName+"/pipelineConfigs", authMethod, migrationReq.Auth64, migrationReq.Cert, migrationReq.Key)
+	return GetWithAuth(migrationReq.SpinnakerHost, "applications/"+migrationReq.SpinnakerAppName+"/pipelineConfigs", authMethod, migrationReq.Auth64, migrationReq.Cert, migrationReq.Key, migrationReq.Insecure)
 }
 
 func getSinglePipeline(authMethod string, name string) ([]byte, error) {
-	return GetWithAuth(migrationReq.SpinnakerHost, "applications/"+migrationReq.SpinnakerAppName+"/pipelineConfigs/"+name, authMethod, migrationReq.Auth64, migrationReq.Cert, migrationReq.Key)
+	return GetWithAuth(migrationReq.SpinnakerHost, "applications/"+migrationReq.SpinnakerAppName+"/pipelineConfigs/"+name, authMethod, migrationReq.Auth64, migrationReq.Cert, migrationReq.Key, migrationReq.Insecure)
 }
 
 func createSpinnakerPipelines(pipelines interface{}) (reqId string, err error) {
@@ -250,16 +250,25 @@ func createSpinnakerPipelines(pipelines interface{}) (reqId string, err error) {
 	}
 	url := GetUrlWithQueryParams(migrationReq.Environment, MigratorService, "spinnaker/pipelines", queryParams)
 	resp, err := Post(url, migrationReq.Auth, pipelines)
-	if err != nil || resp.Status != "SUCCESS" {
+	if err != nil {
 		log.Fatal("Failed to create pipelines", err)
-		return
 	}
 	resource, err := getResource(resp.Resource)
-	if err != nil || len(resource.RequestId) == 0 {
-		log.Fatal("Failed to create the entities", err)
-		return
+	if err == nil && resource.Errors != nil && len(resource.Errors) > 0 {
+		// Convert the data to JSON
+		jsonData, err := json.MarshalIndent(resource.Errors, "", "    ")
+		if err != nil {
+			// Handle the error
+			log.Error(err)
+		}
+		// Convert bytes to string and print
+		jsonString := string(jsonData)
+		log.Warnf(jsonString)
+	}
+	if len(resource.RequestId) != 0 {
+		reqId = resource.RequestId
+		log.Infof("The request id is - %s", reqId)
 	}
-	reqId = resource.RequestId
-	log.Infof("The request id is - %s", reqId)
+	log.Info("Spinnaker migration completed")
 	return
 }