From 2889464116b5144a309043802c8f92ba85b49bdb Mon Sep 17 00:00:00 2001 From: Ricardo Pardini Date: Wed, 3 Jul 2024 14:51:59 +0200 Subject: [PATCH] hook-bootkit: read `tinkerbell_insecure_tls` from kernel cmdline and pass it to worker as TINKERBELL_INSECURE_TLS Signed-off-by: Ricardo Pardini --- images/hook-bootkit/main.go | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/images/hook-bootkit/main.go b/images/hook-bootkit/main.go index 75d211ba..8a8d6d97 100644 --- a/images/hook-bootkit/main.go +++ b/images/hook-bootkit/main.go @@ -42,9 +42,13 @@ type tinkWorkerConfig struct { // tinkServerTLS is whether or not to use TLS for tink-server communication. tinkServerTLS string - httpProxy string - httpsProxy string - noProxy string + + // tinkServerInsecureTLS is whether or not to use insecure TLS for tink-server communication; only applies is TLS itself is on + tinkServerInsecureTLS string + + httpProxy string + httpsProxy string + noProxy string } func main() { @@ -167,6 +171,7 @@ func run(ctx context.Context, log logr.Logger) error { fmt.Sprintf("REGISTRY_PASSWORD=%s", cfg.password), fmt.Sprintf("TINKERBELL_GRPC_AUTHORITY=%s", cfg.grpcAuthority), fmt.Sprintf("TINKERBELL_TLS=%s", cfg.tinkServerTLS), + fmt.Sprintf("TINKERBELL_INSECURE_TLS=%s", cfg.tinkServerInsecureTLS), fmt.Sprintf("WORKER_ID=%s", cfg.workerID), fmt.Sprintf("ID=%s", cfg.workerID), fmt.Sprintf("HTTP_PROXY=%s", cfg.httpProxy), @@ -267,6 +272,8 @@ func parseCmdLine(cmdLines []string) (cfg tinkWorkerConfig) { cfg.tinkWorkerImage = cmdLine[1] case "tinkerbell_tls": cfg.tinkServerTLS = cmdLine[1] + case "tinkerbell_insecure_tls": + cfg.tinkServerInsecureTLS = cmdLine[1] case "HTTP_PROXY": cfg.httpProxy = cmdLine[1] case "HTTPS_PROXY":