From 4e1c7eb6ef913df5c5f6fbfdc56cb9b3fe67bd80 Mon Sep 17 00:00:00 2001 From: runseb Date: Wed, 9 Dec 2015 00:12:14 +0100 Subject: [PATCH] Logic for the token is wrong The use of token or basic auth was a conditional inside the TLS verify loop. You can use TLS or skip the verification and use token or basic auth. Just a tab issue. Put the token conditional outside the kubeInsecure check. Also handled the case that we actually switch the boolean for skip TLS and forced it to replace true or false. --- resourcifier/configurations.go | 21 ++++++++++----------- 1 file changed, 10 insertions(+), 11 deletions(-) diff --git a/resourcifier/configurations.go b/resourcifier/configurations.go index 76032ebda..818981559 100644 --- a/resourcifier/configurations.go +++ b/resourcifier/configurations.go @@ -204,7 +204,7 @@ func getConfigurator() *configurator.Configurator { } if *kubeInsecure { - args = append(args, "--insecure-skip-tls-verify") + args = append(args, fmt.Sprintf("--insecure-skip-tls-verify=%s", *kubeInsecure)) } else { if *kubeCertAuth != "" { args = append(args, fmt.Sprintf("--certificate-authority=%s", *kubeCertAuth)) @@ -216,17 +216,16 @@ func getConfigurator() *configurator.Configurator { args = append(args, fmt.Sprintf("--client-key=%s", *kubeClientKey)) } } + } + if *kubeToken != "" { + args = append(args, fmt.Sprintf("--token=%s", *kubeToken)) + } else { + if *kubeUsername != "" { + args = append(args, fmt.Sprintf("--username=%s", *kubeUsername)) + } - if *kubeToken != "" { - args = append(args, fmt.Sprintf("--token=%s", *kubeToken)) - } else { - if *kubeUsername != "" { - args = append(args, fmt.Sprintf("--username=%s", *kubeUsername)) - } - - if *kubePassword != "" { - args = append(args, fmt.Sprintf("--password=%s", *kubePassword)) - } + if *kubePassword != "" { + args = append(args, fmt.Sprintf("--password=%s", *kubePassword)) } } }