Unseal: Add 'insecure-skip-tls-verify' flag when unsealing. Fixes #79

nemosupremo · Sep 6, 2019 · db8593c · db8593c
1 parent 4faf5db
commit db8593c
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/cmd/unseal.go b/cmd/unseal.go
@@ -30,6 +30,8 @@ func init() {
 		{"auth-aws-nonce", "", "AWS-EC2 nonce for repeated authentication."},
 
 		{"auth-gh-token", "", "Vault authorized github personal token."},
+
+		{"insecure-skip-tls-verify", false, `Skip TLS verification for insecure cerificates with the Gatekeeper host. Useful for communicating with clusters with self signed certificates. Defaults to "false".`},
 	}
 	unsealOptions = options
 
@@ -127,6 +129,7 @@ func gatekeeperUnseal(cmd *cobra.Command, args []string) {
 			Method:      "POST",
 			Body:        body,
 			ContentType: "application/json",
+			Insecure:    viper.GetBool("insecure-skip-tls-verify"),
 		}.Do()
 		if err == nil {
 			defer req.Body.Close()