42 lines
1.1 KiB
Go
42 lines
1.1 KiB
Go
// Copyright © 2023 Ory Corp
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package helpers
|
|
|
|
import (
|
|
"crypto/tls"
|
|
"net/http"
|
|
"os"
|
|
|
|
ctrl "sigs.k8s.io/controller-runtime"
|
|
|
|
httptransport "github.com/go-openapi/runtime/client"
|
|
)
|
|
|
|
func CreateHttpClient(insecureSkipVerify bool, tlsTrustStore string) (*http.Client, error) {
|
|
setupLog := ctrl.Log.WithName("setup")
|
|
tr := &http.Transport{}
|
|
httpClient := &http.Client{}
|
|
if insecureSkipVerify {
|
|
setupLog.Info("configuring TLS with InsecureSkipVerify")
|
|
tr.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
|
|
httpClient.Transport = tr
|
|
}
|
|
if tlsTrustStore != "" {
|
|
if _, err := os.Stat(tlsTrustStore); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
setupLog.Info("configuring TLS with tlsTrustStore")
|
|
ops := httptransport.TLSClientOptions{
|
|
CA: tlsTrustStore,
|
|
InsecureSkipVerify: insecureSkipVerify,
|
|
}
|
|
if tlsClient, err := httptransport.TLSClient(ops); err != nil {
|
|
setupLog.Error(err, "Error while getting TLSClient, default http client will be used")
|
|
return tlsClient, nil
|
|
}
|
|
}
|
|
return httpClient, nil
|
|
}
|