Merge branch 'rakutentech-insecure-flag'
Rebase of @tkak's work onto master. Closes #3933
This commit is contained in:
commit
5985220497
|
@ -9,14 +9,11 @@ import (
|
|||
"golang.org/x/net/context"
|
||||
)
|
||||
|
||||
const (
|
||||
defaultInsecureFlag = true
|
||||
)
|
||||
|
||||
type Config struct {
|
||||
User string
|
||||
Password string
|
||||
VSphereServer string
|
||||
InsecureFlag bool
|
||||
}
|
||||
|
||||
// Client() returns a new client for accessing VMWare vSphere.
|
||||
|
@ -28,7 +25,7 @@ func (c *Config) Client() (*govmomi.Client, error) {
|
|||
|
||||
u.User = url.UserPassword(c.User, c.Password)
|
||||
|
||||
client, err := govmomi.NewClient(context.TODO(), u, defaultInsecureFlag)
|
||||
client, err := govmomi.NewClient(context.TODO(), u, c.InsecureFlag)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("Error setting up client: %s", err)
|
||||
}
|
||||
|
|
|
@ -29,6 +29,13 @@ func Provider() terraform.ResourceProvider {
|
|||
DefaultFunc: schema.EnvDefaultFunc("VSPHERE_SERVER", nil),
|
||||
Description: "The vSphere Server name for vSphere API operations.",
|
||||
},
|
||||
|
||||
"allow_unverified_ssl": &schema.Schema{
|
||||
Type: schema.TypeBool,
|
||||
Optional: true,
|
||||
DefaultFunc: schema.EnvDefaultFunc("VSPHERE_ALLOW_UNVERIFIED_SSL", false),
|
||||
Description: "If set, VMware vSphere client will permit unverifiable SSL certificates.",
|
||||
},
|
||||
},
|
||||
|
||||
ResourcesMap: map[string]*schema.Resource{
|
||||
|
@ -44,6 +51,7 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) {
|
|||
User: d.Get("user").(string),
|
||||
Password: d.Get("password").(string),
|
||||
VSphereServer: d.Get("vsphere_server").(string),
|
||||
InsecureFlag: d.Get("allow_unverified_ssl").(bool),
|
||||
}
|
||||
|
||||
return config.Client()
|
||||
|
|
|
@ -58,6 +58,11 @@ The following arguments are used to configure the VMware vSphere Provider:
|
|||
* `vsphere_server` - (Required) This is the vCenter server name for vSphere API
|
||||
operations. Can also be specified with the `VSPHERE_SERVER` environment
|
||||
variable.
|
||||
* `allow_unverified_ssl` - (Optional) Boolean that can be set to true to
|
||||
disable SSL certificate verification. This should be used with care as it
|
||||
could allow an attacker to intercept your auth token. If omitted, default
|
||||
value is `false`. Can also be specified with the `VSPHERE_ALLOW_UNVERIFIED_SSL`
|
||||
environment variable.
|
||||
|
||||
## Acceptance Tests
|
||||
|
||||
|
|
Loading…
Reference in New Issue