From a55548de076f396580bd0aa1196553f5eae61976 Mon Sep 17 00:00:00 2001 From: Vipul Newaskar Date: Mon, 30 May 2022 23:23:40 +0530 Subject: [PATCH 1/2] allow http git repos connections while bootstrap This change will allow user to bootstrap with http git urls But user must explicitely set --allow-insecure-http=true Signed-off-by: Vipul Newaskar --- cmd/flux/bootstrap_git.go | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/cmd/flux/bootstrap_git.go b/cmd/flux/bootstrap_git.go index f3005107..6f540fe5 100644 --- a/cmd/flux/bootstrap_git.go +++ b/cmd/flux/bootstrap_git.go @@ -67,12 +67,13 @@ command will perform an upgrade if needed.`, } type gitFlags struct { - url string - interval time.Duration - path flags.SafeRelativePath - username string - password string - silent bool + url string + interval time.Duration + path flags.SafeRelativePath + username string + password string + silent bool + insecureHttpAllowed bool } const ( @@ -88,6 +89,7 @@ func init() { bootstrapGitCmd.Flags().StringVarP(&gitArgs.username, "username", "u", "git", "basic authentication username") bootstrapGitCmd.Flags().StringVarP(&gitArgs.password, "password", "p", "", "basic authentication password") bootstrapGitCmd.Flags().BoolVarP(&gitArgs.silent, "silent", "s", false, "assumes the deploy key is already setup, skips confirmation") + bootstrapGitCmd.Flags().BoolVar(&gitArgs.insecureHttpAllowed, "allow-insecure-http", false, "allows http git url connections") bootstrapCmd.AddCommand(bootstrapGitCmd) } @@ -269,6 +271,14 @@ func bootstrapGitCmdRun(cmd *cobra.Command, args []string) error { // SSH-agent is attempted. func transportForURL(u *url.URL) (transport.AuthMethod, error) { switch u.Scheme { + case "http": + if !gitArgs.insecureHttpAllowed { + return nil, fmt.Errorf("scheme http is not supported") + } + return &http.BasicAuth{ + Username: gitArgs.username, + Password: gitArgs.password, + }, nil case "https": return &http.BasicAuth{ Username: gitArgs.username, From 0a30bc1024f427e4688af45441bf1b27f3b87e55 Mon Sep 17 00:00:00 2001 From: Vipul Newaskar Date: Thu, 2 Jun 2022 10:27:58 +0530 Subject: [PATCH 2/2] allow http git repos connections while bootstrap Updated misleading error message Signed-off-by: Vipul Newaskar --- cmd/flux/bootstrap_git.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/flux/bootstrap_git.go b/cmd/flux/bootstrap_git.go index 6f540fe5..27515775 100644 --- a/cmd/flux/bootstrap_git.go +++ b/cmd/flux/bootstrap_git.go @@ -273,7 +273,7 @@ func transportForURL(u *url.URL) (transport.AuthMethod, error) { switch u.Scheme { case "http": if !gitArgs.insecureHttpAllowed { - return nil, fmt.Errorf("scheme http is not supported") + return nil, fmt.Errorf("scheme http is insecure, pass --allow-insecure-http=true to allow it") } return &http.BasicAuth{ Username: gitArgs.username,