diff --git a/config/config.go b/config/config.go
index 0a38cb1..ad2e267 100644
--- a/config/config.go
+++ b/config/config.go
@@ -53,6 +53,7 @@ func (config *Config) parseFlags() {
 flag.StringVar(&config.Marathon.Protocol, "marathon-protocol", "http", "marathon protocol (http or https)")
 flag.StringVar(&config.Marathon.Username, "marathon-username", "", "marathon username for basic auth")
 flag.StringVar(&config.Marathon.Password, "marathon-password", "", "marathon password for basic auth")
+ flag.BoolVar(&config.Marathon.NoVerifySSL, "marathon-noverify", false, "don't verify marathon SSL certificates")
 // General
 flag.StringVar(&config.LogLevel, "log-level", "info", "log level: panic, fatal, error, warn, info, or debug")
diff --git a/config/marathon.go b/config/marathon.go
index a914dd6..aecd85e 100644
--- a/config/marathon.go
+++ b/config/marathon.go
@@ -8,10 +8,11 @@ import (
 )
 type MarathonConfig struct {
- Location string
- Protocol string
- Username string
- Password string
+ Location string
+ Protocol string
+ Username string
+ Password string
+ NoVerifySSL bool
 }
 func (m MarathonConfig) Validate() {
@@ -29,5 +30,6 @@ func (m MarathonConfig) NewMarathon() (marathon.Marathon, error) {
 m.Location,
 m.Protocol,
 url.UserPassword(m.Username, m.Password),
+ m.NoVerifySSL,
 )
 }
diff --git a/main.go b/main.go
index 1e5ba67..0cb3666 100644
--- a/main.go
+++ b/main.go
@@ -3,6 +3,7 @@ package main
 import (
 "bufio"
 "bytes"
+ "crypto/tls"
 "net/http"
 "os"
 "time"
@@ -61,7 +62,7 @@ func main() {
 func SubscribeToEventStream(config *config.Config, m marathon.Marathon, fh *ForwardHandler) {
 Reconnect:
 for {
- resp, err := makeEventStreamRequest(m.Url("/v2/events"))
+ resp, err := makeEventStreamRequest(m.Url("/v2/events"), m.NoVerifySsl)
 defer resp.Body.Close()
 reader := bufio.NewReader(resp.Body)
 log.Info("connected to /v2/events endpoint")
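Review bot: The help text for `marathon-noverify` in parseFlags does not say what is given up. The Marathon connection is presumably the one that carries the `marathon-username`/`marathon-password` basic-auth credentials declared just above, so with verification off they go to whichever endpoint answers. I would spell that out in the flag, e.g. `"skip TLS certificate verification for marathon (insecure; basic-auth credentials can be intercepted)"`. A flag for a CA bundle would be the safer way to trust a private CA. parseFlags continues outside the hunk.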
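Review bot: In SubscribeToEventStream, `defer resp.Body.Close()` still runs directly after the changed `makeEventStreamRequest(...)` call, before `err` is looked at. If the helper returns a nil response together with an error (its error branch is only partly visible in this diff), that line dereferences nil; a TLS verification failure is one ordinary way to reach it. Check first, e.g. `if err != nil { continue Reconnect }` with whatever back-off the loop already uses, and close the body at the end of each iteration rather than with `defer`, which inside `for` only fires when the function returns. The function body continues outside the hunk.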
@@ -134,7 +135,7 @@ func ServeWebhookReceiver(config *config.Config, fh *ForwardHandler) {
 log.Fatal(http.ListenAndServe(config.Web.Listen, nil))
 }
-func makeEventStreamRequest(url string) (*http.Response, error) {
+func makeEventStreamRequest(url string, noVerifySsl bool) (*http.Response, error) {
 buffer := make([]byte, 1024)
 req, err := http.NewRequest("GET", url, bytes.NewBuffer(buffer))
 if err != nil {
@@ -143,6 +144,13 @@ func makeEventStreamRequest(url string) (*http.Response, error) {
 }
 req.Header.Set("Accept", "text/event-stream")
 client := &http.Client{}
+ client.Transport = &http.Transport{
+ Proxy: http.ProxyFromEnvironment,
+ TLSClientConfig: &tls.Config{
+ InsecureSkipVerify: noVerifySsl,
+ },
+ }
+
 resp, err := client.Do(req)
 if err != nil {
 log.WithError(err).Error("HTTP request for /v2/events failed!")
diff --git a/marathon/marathon.go b/marathon/marathon.go
index 27fe5da..294c5fc 100644
--- a/marathon/marathon.go
+++ b/marathon/marathon.go
@@ -27,8 +27,8 @@ type Marathon struct {
 NoVerifySsl bool
 }
-func NewMarathon(location, protocol string, auth *url.Userinfo) (Marathon, error) {
- return Marathon{location, protocol, auth, false}, nil
+func NewMarathon(location, protocol string, auth *url.Userinfo, sslVerify bool) (Marathon, error) {
+ return Marathon{location, protocol, auth, sslVerify}, nil
 }
 func (m Marathon) Url(path string) string {
diff --git a/marathon/marathon_test.go b/marathon/marathon_test.go
index 6feca2e..743c2b4 100644
--- a/marathon/marathon_test.go
+++ b/marathon/marathon_test.go
@@ -10,7 +10,7 @@ import (
 func TestUrl(t *testing.T) {
 t.Parallel()
- m, _ := NewMarathon("localhost:8080", "http", nil)
+ m, _ := NewMarathon("localhost:8080", "http", nil, false)
 url := m.Url("/v2/apps")
 assert.Equal(t, url, "http://localhost:8080/v2/apps")
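Review bot: In makeEventStreamRequest the new `http.Transport` is installed on every call, also when `noVerifySsl` is false, so the default path loses `http.DefaultTransport` (its dial and TLS-handshake timeouts and shared connection pool) and each reconnect builds a fresh transport. Nothing is logged when verification is off, so an operator cannot tell from the logs that the stream is running without peer authentication. I would leave the client untouched unless the flag is set, and log a warning when it is (this assumes the logger in use offers `Warn`). The function starts and ends outside these two hunks.

```go
client := &http.Client{}
if noVerifySsl {
	// Certificate checks are off: the peer is not authenticated.
	log.Warn("TLS certificate verification for marathon is disabled")
	client.Transport = &http.Transport{
		Proxy:               http.ProxyFromEnvironment,
		TLSHandshakeTimeout: 10 * time.Second,
		TLSClientConfig:     &tls.Config{InsecureSkipVerify: true},
	}
}
// … unchanged: client.Do(req) and its error handling …
```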
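Review bot: The new parameter of NewMarathon is called `sslVerify`, yet it fills the last slot of the struct literal, which the hunk shows as the `NoVerifySsl` field, so the name says the opposite of what the value does. A caller who reads the signature and passes `true` to get verification turns it off. Rename it to match the field, `func NewMarathon(location, protocol string, auth *url.Userinfo, noVerifySsl bool) (Marathon, error)`, and add a doc comment such as `// NewMarathon builds a Marathon client; noVerifySsl disables TLS certificate verification.` The config package spells the same setting `NoVerifySSL` in the config/marathon.go hunks; one spelling across both packages would make the flag easier to trace.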
@@ -62,7 +62,7 @@ func TestParseVersion(t *testing.T) {
 "type": "http_callback"
 }
 }`)
- m, _ := NewMarathon("localhost:8080", "http", nil)
+ m, _ := NewMarathon("localhost:8080", "http", nil, false)
 v, err := m.ParseVersion(infoBlob)
 assert.Equal(t, v, "0.11.1")
 assert.Nil(t, err)
@@ -129,7 +129,7 @@ func TestParseApps(t *testing.T) {
 ]}
 `)
- m, _ := NewMarathon("localhost:8080", "http", nil)
+ m, _ := NewMarathon("localhost:8080", "http", nil, false)
 apps, err := m.ParseApps(appBlob)
 assert.Nil(t, err)
 assert.Equal(t, len(apps), 1)
@@ -162,7 +162,7 @@ func TestParseTasks(t *testing.T) {
 }
 `)
- m, _ := NewMarathon("localhost:8080", "http", nil)
+ m, _ := NewMarathon("localhost:8080", "http", nil, false)
 tasks, err := m.ParseTasks(tasksBlob)
 assert.Nil(t, err)
 assert.Equal(t, len(tasks), 2)