Merge pull request #4811 from superseb/vcd_unverified_ssl
provider/vcd: Add flags for unverified SSL/TLS
This commit is contained in:
commit
4e22655192
|
@ -14,11 +14,13 @@ type Config struct {
|
|||
Href string
|
||||
VDC string
|
||||
MaxRetryTimeout int
|
||||
InsecureFlag bool
|
||||
}
|
||||
|
||||
type VCDClient struct {
|
||||
*govcd.VCDClient
|
||||
MaxRetryTimeout int
|
||||
InsecureFlag bool
|
||||
}
|
||||
|
||||
func (c *Config) Client() (*VCDClient, error) {
|
||||
|
@ -28,8 +30,8 @@ func (c *Config) Client() (*VCDClient, error) {
|
|||
}
|
||||
|
||||
vcdclient := &VCDClient{
|
||||
govcd.NewVCDClient(*u),
|
||||
c.MaxRetryTimeout}
|
||||
govcd.NewVCDClient(*u, c.InsecureFlag),
|
||||
c.MaxRetryTimeout, c.InsecureFlag}
|
||||
org, vcd, err := vcdclient.Authenticate(c.User, c.Password, c.Org, c.VDC)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("Something went wrong: %s", err)
|
||||
|
|
|
@ -50,6 +50,13 @@ func Provider() terraform.ResourceProvider {
|
|||
DefaultFunc: schema.EnvDefaultFunc("VCD_MAX_RETRY_TIMEOUT", 60),
|
||||
Description: "Max num seconds to wait for successful response when operating on resources within vCloud (defaults to 60)",
|
||||
},
|
||||
|
||||
"allow_unverified_ssl": &schema.Schema{
|
||||
Type: schema.TypeBool,
|
||||
Optional: true,
|
||||
DefaultFunc: schema.EnvDefaultFunc("VCD_ALLOW_UNVERIFIED_SSL", false),
|
||||
Description: "If set, VCDClient will permit unverifiable SSL certificates.",
|
||||
},
|
||||
},
|
||||
|
||||
ResourcesMap: map[string]*schema.Resource{
|
||||
|
@ -72,6 +79,7 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
|
|||
Href: d.Get("url").(string),
|
||||
VDC: d.Get("vdc").(string),
|
||||
MaxRetryTimeout: d.Get("maxRetryTimeout").(int),
|
||||
InsecureFlag: d.Get("allow_unverified_ssl").(bool),
|
||||
}
|
||||
|
||||
return config.Client()
|
||||
|
|
|
@ -19,12 +19,13 @@ Use the navigation to the left to read about the available resources.
|
|||
```
|
||||
# Configure the VMware vCloud Director Provider
|
||||
provider "vcd" {
|
||||
user = "${var.vcd_user}"
|
||||
password = "${var.vcd_pass}"
|
||||
org = "${var.vcd_org}"
|
||||
url = "${var.vcd_url}"
|
||||
vdc = "${var.vcd_vdc}"
|
||||
maxRetryTimeout = "${var.vcd_maxRetryTimeout}"
|
||||
user = "${var.vcd_user}"
|
||||
password = "${var.vcd_pass}"
|
||||
org = "${var.vcd_org}"
|
||||
url = "${var.vcd_url}"
|
||||
vdc = "${var.vcd_vdc}"
|
||||
maxRetryTimeout = "${var.vcd_maxRetryTimeout}"
|
||||
allow_unverified_ssl = "${var.vcd_allow_unverified_ssl}"
|
||||
}
|
||||
|
||||
# Create a new network
|
||||
|
@ -56,3 +57,8 @@ The following arguments are used to configure the VMware vCloud Director Provide
|
|||
(as long as it is still within the `maxRetryTimeout` value) to try and ensure success.
|
||||
Defaults to 60 seconds if not set.
|
||||
Can also be specified with the `VCD_MAX_RETRY_TIMEOUT` environment variable.
|
||||
* `allow_unverified_ssl` - (Optional) Boolean that can be set to true to
|
||||
disable SSL certificate verification. This should be used with care as it
|
||||
could allow an attacker to intercept your auth token. If omitted, default
|
||||
value is false. Can also be specified with the
|
||||
`VCD_ALLOW_UNVERIFIED_SSL` environment variable.
|
||||
|
|
Loading…
Reference in New Issue