diff --git a/pkg/fetch/vendir.go b/pkg/fetch/vendir.go index 5ed7dcb9e..fc11cf5eb 100644 --- a/pkg/fetch/vendir.go +++ b/pkg/fetch/vendir.go @@ -22,15 +22,14 @@ import ( kyaml "sigs.k8s.io/yaml" ) -// SourceType to extract host -type SourceType string - const ( // GitURL source type to extract host - GitURL SourceType = "gitURL" + GitURL = iota // ImageRegistry source type to extract host - ImageRegistry SourceType = "image" + ImageRegistry +) +const ( vendirEntireDirPath = "." ) @@ -386,8 +385,8 @@ func (v *Vendir) configMapBytes(configMapRef vendirconf.DirectoryContentsLocalRe return kyaml.Marshal(configMap) } -// This function works on image refs and hostname extraction using isGitURL flag -func (v *Vendir) shouldSkipTLSVerify(url string, sourceType SourceType) bool { +// This function works on image refs and hostname extraction based on source type +func (v *Vendir) shouldSkipTLSVerify(url string, sourceType int) bool { return v.opts.SkipTLSConfig.ShouldSkipTLSForAuthority(ExtractHost(url, sourceType)) } @@ -440,7 +439,7 @@ func extractGitHostname(input string) string { } // ExtractHost return registry for Docker Image and Host for git url -func ExtractHost(input string, sourceType SourceType) string { +func ExtractHost(input string, sourceType int) string { switch sourceType { case GitURL: return extractGitHostname(input) diff --git a/pkg/fetch/vendir_test.go b/pkg/fetch/vendir_test.go index 3106af8bb..5a37efc92 100644 --- a/pkg/fetch/vendir_test.go +++ b/pkg/fetch/vendir_test.go @@ -58,10 +58,50 @@ func Test_AddDir_skipsTLS(t *testing.T) { } } +func Test_GitURL_skipsTLS(t *testing.T) { + configMap := &v1.ConfigMap{ + ObjectMeta: metav1.ObjectMeta{ + Name: "kapp-controller-config", + Namespace: "default", + }, + Data: map[string]string{ + "dangerousSkipTLSVerify": "github.com, gitlab.com, hostname.com", + }, + } + k8scs := k8sfake.NewSimpleClientset(configMap) + config, err := kcconfig.NewConfig(k8scs) + assert.NoError(t, err) + + vendir := fetch.NewVendir("default", k8scs, + fetch.VendirOpts{SkipTLSConfig: config}, exec.NewPlainCmdRunner()) + + type testCase struct { + URL string + shouldSkipTLS bool + } + testCases := []testCase{ + {"https://github.com/bitnami/charts/", true}, + {"https://gitlab.com/bitnami/charts/", true}, + {"ssh://username@hostname.com:/path/to/repo.git", true}, + {"https://bitbucket.org/bitnami/charts/", false}, + } + for i, tc := range testCases { + err = vendir.AddDir(v1alpha1.AppFetch{ + Git: &v1alpha1.AppFetchGit{URL: tc.URL}, + }, + "dirpath/0") + assert.NoError(t, err) + + vConf := vendir.Config() + assert.Equal(t, i+1, len(vConf.Directories), "Failed on iteration %d", i) + assert.Equal(t, tc.shouldSkipTLS, vConf.Directories[i].Contents[0].Git.DangerousSkipTLSVerify, "Failed with URL %s", tc.URL) + } +} + func TestExtractHost(t *testing.T) { tests := []struct { name string - sourceType fetch.SourceType + sourceType int want string }{ { @@ -90,9 +130,9 @@ func TestExtractHost(t *testing.T) { want: "github.com", }, { - name: "http://github.com/bitnami/charts/", + name: "http://gitlab.com/bitnami/charts/", sourceType: fetch.GitURL, - want: "github.com", + want: "gitlab.com", }, { name: "ssh://username@hostname.com:/path/to/repo.git",