diff --git a/pkg/controller/plan/adapter/vsphere/client.go b/pkg/controller/plan/adapter/vsphere/client.go index 1480b7a36..89acfe80c 100644 --- a/pkg/controller/plan/adapter/vsphere/client.go +++ b/pkg/controller/plan/adapter/vsphere/client.go @@ -4,6 +4,7 @@ import ( "context" "fmt" liburl "net/url" + "strconv" planapi "github.com/konveyor/forklift-controller/pkg/apis/forklift/v1beta1/plan" "github.com/konveyor/forklift-controller/pkg/apis/forklift/v1beta1/ref" @@ -330,7 +331,7 @@ func (r *Client) connect() error { url.User = liburl.UserPassword( r.user(), r.password()) - soapClient := soap.NewClient(url, false) + soapClient := soap.NewClient(url, r.getInsecureSkipVerifyFlag()) soapClient.SetThumbprint(url.Host, r.thumbprint()) vimClient, err := vim25.NewClient(context.TODO(), soapClient) if err != nil { @@ -369,6 +370,22 @@ func (r *Client) thumbprint() string { return "" } +// getInsecureSkipVerifyFlag gets the insecureSkipVerify boolean flag +// value from the provider connection secret. +func (r *Client) getInsecureSkipVerifyFlag() bool { + insecure, found := r.Source.Secret.Data["insecureSkipVerify"] + if !found { + return false + } + + insecureSkipVerify, err := strconv.ParseBool(string(insecure)) + if err != nil { + return false + } + + return insecureSkipVerify +} + func (r *Client) DetachDisks(vmRef ref.Ref) (err error) { // no-op return diff --git a/pkg/controller/plan/adapter/vsphere/host.go b/pkg/controller/plan/adapter/vsphere/host.go index 1ba4c77f1..13df8d71c 100644 --- a/pkg/controller/plan/adapter/vsphere/host.go +++ b/pkg/controller/plan/adapter/vsphere/host.go @@ -2,6 +2,10 @@ package vsphere import ( "context" + liburl "net/url" + "strconv" + "time" + model "github.com/konveyor/forklift-controller/pkg/controller/provider/web/vsphere" liberr "github.com/konveyor/forklift-controller/pkg/lib/error" "github.com/vmware/govmomi" @@ -10,8 +14,6 @@ import ( "github.com/vmware/govmomi/vim25" "github.com/vmware/govmomi/vim25/soap" core "k8s.io/api/core/v1" - liburl "net/url" - "time" ) // ESX Host. @@ -92,7 +94,7 @@ func (r *EsxHost) connect(ctx context.Context) (err error) { url.User = liburl.UserPassword( r.user(), r.password()) - soapClient := soap.NewClient(url, false) + soapClient := soap.NewClient(url, r.getInsecureSkipVerifyFlag()) soapClient.SetThumbprint(url.Host, r.thumbprint()) vimClient, err := vim25.NewClient(ctx, soapClient) if err != nil { @@ -147,3 +149,19 @@ func (r *EsxHost) thumbprint() string { return "" } + +// GetInsecureSkipVerifyFlag gets the insecureSkipVerify boolean flag +// value from the provider connection secret. +func (r *EsxHost) getInsecureSkipVerifyFlag() bool { + insecure, found := r.Secret.Data["insecureSkipVerify"] + if !found { + return false + } + + insecureSkipVerify, err := strconv.ParseBool(string(insecure)) + if err != nil { + return false + } + + return insecureSkipVerify +} diff --git a/pkg/controller/provider/container/vsphere/collector.go b/pkg/controller/provider/container/vsphere/collector.go index 788988f7d..2f39ed274 100644 --- a/pkg/controller/provider/container/vsphere/collector.go +++ b/pkg/controller/provider/container/vsphere/collector.go @@ -486,7 +486,7 @@ func (r *Collector) connect(ctx context.Context) (status int, err error) { url.User = liburl.UserPassword( r.user(), r.password()) - soapClient := soap.NewClient(url, false) + soapClient := soap.NewClient(url, r.getInsecureSkipVerifyFlag()) soapClient.SetThumbprint(url.Host, r.thumbprint()) vimClient, err := vim25.NewClient(ctx, soapClient) if err != nil { @@ -545,6 +545,22 @@ func (r *Collector) thumbprint() string { return "" } +// getInsecureSkipVerifyFlag gets the insecureSkipVerify boolean flag +// value from the provider connection secret. +func (r *Collector) getInsecureSkipVerifyFlag() bool { + insecure, found := r.secret.Data["insecureSkipVerify"] + if !found { + return false + } + + insecureSkipVerify, err := strconv.ParseBool(string(insecure)) + if err != nil { + return false + } + + return insecureSkipVerify +} + // Build the object Spec filter. func (r *Collector) filter(pc *property.Collector) *property.WaitFilter { return &property.WaitFilter{