Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add insecure binding for testing to knebind #64

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add insecure binding for testing to knebind #64

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions knebind/config.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ type Config struct {
CLIPath string `yaml:"cli"`
KubecfgPath string `yaml:"kubecfg"`
SkipReset bool `yaml:"skip_reset"`
Insecure bool `yaml:"insecure"`
}

// Credentials contains credential maps for nodes in the KNE topology.
Expand Down
15 changes: 13 additions & 2 deletions knebind/knebind.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -120,6 +120,10 @@ func (d *kneDUT) resetConfig() error {
}

func (d *kneDUT) DialGNMI(ctx context.Context, opts ...grpc.DialOption) (gpb.GNMIClient, error) {
//If the insecure field is set to true then set to insecure
if d.cfg.Insecure {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this feels like someting that should really be on the testbed as an option not on the bind
Either per testbed or per dut this would be set

opts = append(opts, grpc.WithTransportCredentials(insecure.NewCredentials()))
}
conn, err := d.dialGRPC(ctx, "gnmi", opts...)
if err != nil {
return nil, err
Expand Down Expand Up @@ -157,7 +161,9 @@ func (d *kneDUT) dialGRPC(ctx context.Context, serviceName string, opts ...grpc.
return nil, err
}
addr := serviceAddr(s)
opts = append(opts, grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{InsecureSkipVerify: true}))) // NOLINT
if !d.cfg.Insecure {
opts = append(opts, grpc.WithTransportCredentials(credentials.NewTLS(&tls.Config{InsecureSkipVerify: true}))) // NOLINT
}
creds := newRPCCredentials(d.cfg, d.Name(), d.NodeVendor)
if creds != nil {
opts = append(opts, grpc.WithPerRPCCredentials(creds))
Expand Down Expand Up @@ -188,7 +194,12 @@ func (r *rpcCredentials) GetRequestMetadata(ctx context.Context, uri ...string)
}

func (r *rpcCredentials) RequireTransportSecurity() bool {
return true
cfg := Config{}
if !cfg.Insecure {
return false
} else {
return true
}
}

// newRPCCredentials determines the correct credentials used to access a node via rpc
Expand Down