Allow to connect to docker daemons without certificates but using tls

2017-09-15 17:19:34 -03:00
parent 6ac9784bef
commit e9e20a5e79
3 changed files with 11 additions and 5 deletions
--- a/docker/local_cached_factory.go
+++ b/docker/local_cached_factory.go
@@ -83,15 +83,17 @@ func (f *localCachedFactory) GetForInstance(instance *types.Instance) (DockerApi
 	// Need to create client to the DinD docker daemon
 	// We check if the client needs to use TLS
 	var tlsConfig *tls.Config
-	if len(instance.Cert) > 0 && len(instance.Key) > 0 {
+	if (len(instance.Cert) > 0 && len(instance.Key) > 0) || instance.Tls {
 		tlsConfig = tlsconfig.ClientDefault()
 		tlsConfig.InsecureSkipVerify = true
+		if len(instance.Cert) > 0 && len(instance.Key) > 0 {
 			tlsCert, err := tls.X509KeyPair(instance.Cert, instance.Key)
 			if err != nil {
 				return nil, fmt.Errorf("Could not load X509 key pair: %v. Make sure the key is not encrypted", err)
 			}
 			tlsConfig.Certificates = []tls.Certificate{tlsCert}
 		}
+	}

 	proxyUrl, _ := url.Parse("http://l2:443")
 	transport := &http.Transport{
--- a/pwd/session.go
+++ b/pwd/session.go
@@ -41,6 +41,7 @@ type SessionSetupInstanceConf struct {
 	IsSwarmWorker  bool       `json:"is_swarm_worker"`
 	Type           string     `json:"type"`
 	Run            [][]string `json:"run"`
+	Tls            bool       `json:"tls"`
 }

 func (p *pwd) SessionNew(duration time.Duration, stack, stackName, imageName string) (*types.Session, error) {
@@ -241,6 +242,7 @@ func (p *pwd) SessionSetup(session *types.Session, sconf SessionSetupConf) error
 				Hostname:       conf.Hostname,
 				PlaygroundFQDN: sconf.PlaygroundFQDN,
 				Type:           conf.Type,
+				Tls:            conf.Tls,
 			}
 			i, err := p.InstanceNew(session, instanceConf)
 			if err != nil {
--- a/pwd/types/instance.go
+++ b/pwd/types/instance.go
@@ -13,6 +13,7 @@ type Instance struct {
 	CACert      []byte          `json:"ca_cert" bson:"ca_cert"`
 	Cert        []byte          `json:"cert" bson:"cert"`
 	Key         []byte          `json:"key" bson:"key"`
+	Tls         bool            `json:"tls" bson:"tls"`
 	SessionId   string          `json:"session_id" bson:"session_id"`
 	ProxyHost   string          `json:"proxy_host" bson:"proxy_host"`
 	SessionHost string          `json:"session_host" bson:"session_host"`
@@ -34,6 +35,7 @@ type InstanceConfig struct {
 	CACert         []byte
 	Cert           []byte
 	Key            []byte
+	Tls            bool
 	PlaygroundFQDN string
 	Type           string
 }