From b87c05e5a8722620bf0743d2c8aec636c68fab06 Mon Sep 17 00:00:00 2001 From: Guillaume Giamarchi Date: Wed, 15 Apr 2015 14:58:01 +0200 Subject: [PATCH] Allow to disable HTTPS certificate check --- builtin/providers/openstack/config.go | 18 +++++++++++++++++- builtin/providers/openstack/provider.go | 6 ++++++ .../providers/openstack/index.html.markdown | 3 +++ 3 files changed, 26 insertions(+), 1 deletion(-) diff --git a/builtin/providers/openstack/config.go b/builtin/providers/openstack/config.go index d05662017..903345fb6 100644 --- a/builtin/providers/openstack/config.go +++ b/builtin/providers/openstack/config.go @@ -1,6 +1,9 @@ package openstack import ( + "crypto/tls" + "net/http" + "github.com/rackspace/gophercloud" "github.com/rackspace/gophercloud/openstack" ) @@ -15,6 +18,7 @@ type Config struct { TenantName string DomainID string DomainName string + Insecure bool osClient *gophercloud.ProviderClient } @@ -32,7 +36,19 @@ func (c *Config) loadAndValidate() error { DomainName: c.DomainName, } - client, err := openstack.AuthenticatedClient(ao) + client, err := openstack.NewClient(ao.IdentityEndpoint) + if err != nil { + return err + } + + if c.Insecure { + // Configure custom TLS settings. + config := &tls.Config{InsecureSkipVerify: true} + transport := &http.Transport{TLSClientConfig: config} + client.HTTPClient.Transport = transport + } + + err = openstack.Authenticate(client, ao) if err != nil { return err } diff --git a/builtin/providers/openstack/provider.go b/builtin/providers/openstack/provider.go index d71f5a8f0..188beadd7 100644 --- a/builtin/providers/openstack/provider.go +++ b/builtin/providers/openstack/provider.go @@ -56,6 +56,11 @@ func Provider() terraform.ResourceProvider { Optional: true, Default: "", }, + "insecure": &schema.Schema{ + Type: schema.TypeBool, + Optional: true, + Default: false, + }, }, ResourcesMap: map[string]*schema.Resource{ @@ -93,6 +98,7 @@ func configureProvider(d *schema.ResourceData) (interface{}, error) { TenantName: d.Get("tenant_name").(string), DomainID: d.Get("domain_id").(string), DomainName: d.Get("domain_name").(string), + Insecure: d.Get("insecure").(bool), } if err := config.loadAndValidate(); err != nil { diff --git a/website/source/docs/providers/openstack/index.html.markdown b/website/source/docs/providers/openstack/index.html.markdown index 02b8c8dc8..808b71d1e 100644 --- a/website/source/docs/providers/openstack/index.html.markdown +++ b/website/source/docs/providers/openstack/index.html.markdown @@ -57,6 +57,9 @@ The following arguments are supported: * `tenant_name` - (Optional) If omitted, the `OS_TENANT_NAME` environment variable is used. +* `insecure` - (Optional) Explicitly allow the provider to perform + "insecure" SSL requests. If omitted, default value is `false` + ## Testing In order to run the Acceptance Tests for development, the following environment