Skip to content

Commit

Permalink
feat: Add a cli option for skipping tls verification
Browse files Browse the repository at this point in the history
  • Loading branch information
dorukozturk committed Dec 15, 2022
1 parent eb5cf86 commit 12cbcba
Showing 1 changed file with 29 additions and 1 deletion.
30 changes: 29 additions & 1 deletion hardeneks/__init__.py
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
import os
from pathlib import Path
from pkg_resources import resource_filename
import tempfile
import urllib3
import yaml

from botocore.exceptions import EndpointConnectionError
Expand Down Expand Up @@ -63,6 +66,22 @@ def _get_region():
return boto3.session.Session().region_name


def _load_kube_config():
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
kube_config_orig = f"{Path.home()}/.kube/config"
tmp_config = tempfile.NamedTemporaryFile().name

with open(kube_config_orig, "r") as fd:
kubeconfig = yaml.load(fd, Loader=yaml.FullLoader)
for cluster in kubeconfig["clusters"]:
cluster["cluster"]["insecure-skip-tls-verify"] = True
with open(tmp_config, "w") as fd:
yaml.dump(kubeconfig, fd, default_flow_style=False)

kubernetes.config.load_kube_config(tmp_config)
os.remove(tmp_config)


@app.command()
def run_hardeneks(
region: str = typer.Option(
Expand All @@ -82,6 +101,10 @@ def run_hardeneks(
callback=_config_callback,
help="Path to a hardeneks config file.",
),
insecure_skip_tls_verify: bool = typer.Option(
False,
"--insecure-skip-tls-verify",
),
):
"""
Main entry point to hardeneks.
Expand All @@ -92,14 +115,19 @@ def run_hardeneks(
cluster (str): Cluster name
namespace (str): Specific namespace to be checked
config (str): Path to hardeneks config file
insecure-skip-tls-verify (str): Skip tls verification
Returns:
None
"""
if insecure_skip_tls_verify:
_load_kube_config()
else:
kubernetes.config.load_kube_config(context=context)

kubernetes.config.load_kube_config(context=context)
context = _get_current_context(context)

if not cluster:
cluster = _get_cluster_name(context, region)

Expand Down

0 comments on commit 12cbcba

Please sign in to comment.