feat(client): configure TLS InsecureSkipVerify for server connection (#1287)

Co-authored-by: knqyf263 <knqyf263@gmail.com>
2025-12-22 23:26:39 -08:00 · 2022-02-13 10:34:34 +01:00
parent de6c3cbb6c
commit aa6e1eb6f9
9 changed files with 139 additions and 25 deletions
--- a/pkg/rpc/client/client_test.go
+++ b/pkg/rpc/client/client_test.go
@@ -3,6 +3,8 @@ package client
 import (
 	"context"
 	"errors"
+	"net/http"
+	"net/http/httptest"
 	"testing"

 	"github.com/golang/protobuf/ptypes/timestamp"
@@ -283,3 +285,48 @@ func TestScanner_Scan(t *testing.T) {
 		})
 	}
 }
+
+func TestScanner_ScanServerInsecure(t *testing.T) {
+	ts := httptest.NewTLSServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {}))
+	defer ts.Close()
+
+	type args struct {
+		request  *scanner.ScanRequest
+		insecure bool
+	}
+	tests := []struct {
+		name    string
+		args    args
+		wantErr string
+	}{
+		{
+			name: "happy path",
+			args: args{
+				request:  &scanner.ScanRequest{},
+				insecure: true,
+			},
+		},
+		{
+			name: "sad path",
+			args: args{
+				request:  &scanner.ScanRequest{},
+				insecure: false,
+			},
+			wantErr: "certificate signed by unknown authority",
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+
+			s := NewProtobufClient(RemoteURL(ts.URL), Insecure(tt.args.insecure))
+			_, err := s.Scan(context.Background(), tt.args.request)
+
+			if tt.wantErr != "" {
+				require.Error(t, err)
+				require.Contains(t, err.Error(), tt.wantErr)
+				return
+			}
+			require.NoError(t, err)
+		})
+	}
+}