Commit 4e1c7eb6 authored by runseb's avatar runseb

Logic for the token is wrong

The use of token or basic auth was a conditional inside the TLS verify loop.
You can use TLS or skip the verification and use token or basic auth.

Just a tab issue. Put the token conditional outside the kubeInsecure check.

Also handled the case that we actually switch the boolean for skip TLS and forced it to replace true or false.
parent 1d51ef1b
...@@ -204,7 +204,7 @@ func getConfigurator() *configurator.Configurator { ...@@ -204,7 +204,7 @@ func getConfigurator() *configurator.Configurator {
} }
if *kubeInsecure { if *kubeInsecure {
args = append(args, "--insecure-skip-tls-verify") args = append(args, fmt.Sprintf("--insecure-skip-tls-verify=%s", *kubeInsecure))
} else { } else {
if *kubeCertAuth != "" { if *kubeCertAuth != "" {
args = append(args, fmt.Sprintf("--certificate-authority=%s", *kubeCertAuth)) args = append(args, fmt.Sprintf("--certificate-authority=%s", *kubeCertAuth))
...@@ -216,17 +216,16 @@ func getConfigurator() *configurator.Configurator { ...@@ -216,17 +216,16 @@ func getConfigurator() *configurator.Configurator {
args = append(args, fmt.Sprintf("--client-key=%s", *kubeClientKey)) args = append(args, fmt.Sprintf("--client-key=%s", *kubeClientKey))
} }
} }
}
if *kubeToken != "" {
args = append(args, fmt.Sprintf("--token=%s", *kubeToken))
} else {
if *kubeUsername != "" {
args = append(args, fmt.Sprintf("--username=%s", *kubeUsername))
}
if *kubeToken != "" { if *kubePassword != "" {
args = append(args, fmt.Sprintf("--token=%s", *kubeToken)) args = append(args, fmt.Sprintf("--password=%s", *kubePassword))
} else {
if *kubeUsername != "" {
args = append(args, fmt.Sprintf("--username=%s", *kubeUsername))
}
if *kubePassword != "" {
args = append(args, fmt.Sprintf("--password=%s", *kubePassword))
}
} }
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment