mirror of
https://github.com/woodpecker-ci/woodpecker.git
synced 2024-11-26 11:51:02 +00:00
Merge pull request #116 from imduffy15/secure-grpc
Allow the agent to connect to a secure grpc endpoint
This commit is contained in:
commit
a9ee3c2296
2 changed files with 19 additions and 1 deletions
|
@ -16,7 +16,9 @@ package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
"crypto/tls"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
|
grpccredentials "google.golang.org/grpc/credentials"
|
||||||
"io"
|
"io"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
@ -83,9 +85,15 @@ func loop(c *cli.Context) error {
|
||||||
|
|
||||||
// grpc.Dial(target, ))
|
// grpc.Dial(target, ))
|
||||||
|
|
||||||
|
var transport = grpc.WithInsecure()
|
||||||
|
|
||||||
|
if c.Bool("secure-grpc") {
|
||||||
|
transport = grpc.WithTransportCredentials(grpccredentials.NewTLS(&tls.Config{InsecureSkipVerify: c.Bool("skip-insecure-grpc")}))
|
||||||
|
}
|
||||||
|
|
||||||
conn, err := grpc.Dial(
|
conn, err := grpc.Dial(
|
||||||
c.String("server"),
|
c.String("server"),
|
||||||
grpc.WithInsecure(),
|
transport,
|
||||||
grpc.WithPerRPCCredentials(&credentials{
|
grpc.WithPerRPCCredentials(&credentials{
|
||||||
username: c.String("username"),
|
username: c.String("username"),
|
||||||
password: c.String("password"),
|
password: c.String("password"),
|
||||||
|
|
|
@ -109,6 +109,16 @@ func main() {
|
||||||
Usage: "after pinging for a keepalive check, the agent waits for a duration of this time before closing the connection if no activity",
|
Usage: "after pinging for a keepalive check, the agent waits for a duration of this time before closing the connection if no activity",
|
||||||
Value: time.Second * 20,
|
Value: time.Second * 20,
|
||||||
},
|
},
|
||||||
|
cli.BoolFlag{
|
||||||
|
Name: "secure-grpc",
|
||||||
|
Usage: "should the connection to DRONE_SERVER be made using a secure transport",
|
||||||
|
EnvVar: "DRONE_GRPC_SECURE",
|
||||||
|
},
|
||||||
|
cli.BoolTFlag{
|
||||||
|
Name: "skip-insecure-grpc",
|
||||||
|
Usage: "should the grpc server certificate be verified, only valid when DRONE_GRPC_SECURE is true",
|
||||||
|
EnvVar: "DRONE_GRPC_VERIFY",
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := app.Run(os.Args); err != nil {
|
if err := app.Run(os.Args); err != nil {
|
||||||
|
|
Loading…
Reference in a new issue