added support for self signed certificates

scm-manager · Mar 20, 2024 · 9d576ed · 9d576ed
1 parent 67180a9
commit 9d576ed
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 15 deletions.
diff --git a/applicationset/generators/scm_provider.go b/applicationset/generators/scm_provider.go
@@ -200,7 +200,7 @@ func (g *SCMProviderGenerator) GenerateParams(appSetGenerator *argoprojiov1alpha
 		if err != nil {
 			return nil, fmt.Errorf("error fetching SCM-Manager token: %v", err)
 		}
-		provider, err = scm_provider.NewScmManagerProvider(ctx, token, providerConfig.ScmManager.API, providerConfig.ScmManager.AllBranches, providerConfig.ScmManager.Insecure)
+		provider, err = scm_provider.NewScmManagerProvider(ctx, token, providerConfig.ScmManager.API, providerConfig.ScmManager.AllBranches, providerConfig.ScmManager.Insecure, g.scmRootCAPath)
 		if err != nil {
 			return nil, fmt.Errorf("error initializing SCM-Manager provider: %v", err)
 		}

diff --git a/applicationset/services/scm_provider/scm-manager.go b/applicationset/services/scm_provider/scm-manager.go
@@ -2,11 +2,10 @@ package scm_provider
 
 import (
 	"context"
-	"crypto/tls"
 	"errors"
 	"fmt"
+	"github.com/argoproj/argo-cd/v2/applicationset/utils"
 	"net/http"
-	"net/http/cookiejar"
 	"os"
 
 	scmm "github.com/scm-manager/goscm"
@@ -19,25 +18,23 @@ type ScmManagerProvider struct {
 
 var _ SCMProviderService = &ScmManagerProvider{}
 
-func NewScmManagerProvider(ctx context.Context, token, url string, allBranches, insecure bool) (*ScmManagerProvider, error) {
+func NewScmManagerProvider(ctx context.Context, token, url string, allBranches, insecure bool, scmRootCAPath string) (*ScmManagerProvider, error) {
 	if token == "" {
 		token = os.Getenv("SCMM_TOKEN")
 	}
 	httpClient := &http.Client{}
-	if insecure {
-		cookieJar, _ := cookiejar.New(nil)
-
-		httpClient = &http.Client{
-			Jar: cookieJar,
-			Transport: &http.Transport{
-				TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
-			}}
-	}
+	tr := http.DefaultTransport.(*http.Transport).Clone()
+	tr.TLSClientConfig = utils.GetTlsConfig(scmRootCAPath, insecure)
+	httpClient.Transport = tr
+
 	client, err := scmm.NewClient(url, token)
+
 	if err != nil {
 		return nil, fmt.Errorf("error creating a new SCM-Manager client: %w", err)
 	}
+
 	client.SetHttpClient(httpClient)
+
 	return &ScmManagerProvider{
 		client:      client,
 		allBranches: allBranches,

diff --git a/applicationset/services/scm_provider/scm-manager_test.go b/applicationset/services/scm_provider/scm-manager_test.go
@@ -137,7 +137,7 @@ func TestScmManagerListRepos(t *testing.T) {
 	defer ts.Close()
 	for _, c := range cases {
 		t.Run(c.name, func(t *testing.T) {
-			provider, _ := NewScmManagerProvider(context.Background(), "", ts.URL, c.allBranches, false)
+			provider, _ := NewScmManagerProvider(context.Background(), "", ts.URL, c.allBranches, false, "")
 			rawRepos, err := ListRepos(context.Background(), provider, c.filters, c.proto)
 			if c.hasError {
 				assert.NotNil(t, err)
@@ -166,7 +166,7 @@ func TestScmManagerHasPath(t *testing.T) {
 		scmManagerMockHandler(t)(w, r)
 	}))
 	defer ts.Close()
-	host, _ := NewScmManagerProvider(context.Background(), "", ts.URL, false, false)
+	host, _ := NewScmManagerProvider(context.Background(), "", ts.URL, false, false, "")
 	repo := &Repository{
 		Organization: "test-argocd",
 		Repository:   "pr-test",