fix: perform tls verification by default (#219)

wolf31o2 · web-flow · commit 5c44475a4e1e · 2024-06-12T11:33:43.000-04:00
Signed-off-by: Chris Gianelloni &lt;wolf31o2@blinklabs.io&gt;
diff --git a/output/webhook/options.go b/output/webhook/options.go
@@ -28,9 +28,10 @@ func WithLogger(logger plugin.Logger) WebhookOptionFunc {
 }
 
 // WithUrl specifies the webhook URL
-func WithUrl(url string) WebhookOptionFunc {
+func WithUrl(url string, skipVerify bool) WebhookOptionFunc {
 	return func(o *WebhookOutput) {
 		o.url = url
+		o.skipVerify = skipVerify
 	}
 }
 
diff --git a/output/webhook/plugin.go b/output/webhook/plugin.go
@@ -20,10 +20,11 @@ import (
 )
 
 var cmdlineOptions struct {
-	format   string
-	url      string
-	username string
-	password string
+	format     string
+	url        string
+	username   string
+	password   string
+	skipVerify bool
 }
 
 func init() {
@@ -48,6 +49,13 @@ func init() {
 					DefaultValue: "http://localhost:3000",
 					Dest:         &(cmdlineOptions.url),
 				},
+				{
+					Name:         "tls-skip-verify",
+					Type:         plugin.PluginOptionTypeBool,
+					Description:  "skip tls verification (for self-signed certs)",
+					DefaultValue: false,
+					Dest:         &(cmdlineOptions.skipVerify),
+				},
 				{
 					Name:         "username",
 					Type:         plugin.PluginOptionTypeString,
@@ -72,7 +80,7 @@ func NewFromCmdlineOptions() plugin.Plugin {
 		WithLogger(
 			logging.GetLogger().With("plugin", "output.webhook"),
 		),
-		WithUrl(cmdlineOptions.url),
+		WithUrl(cmdlineOptions.url, cmdlineOptions.skipVerify),
 		WithBasicAuth(cmdlineOptions.username, cmdlineOptions.password),
 		WithFormat(cmdlineOptions.format),
 	)
diff --git a/output/webhook/webhook.go b/output/webhook/webhook.go
@@ -41,21 +41,23 @@ const (
 )
 
 type WebhookOutput struct {
-	errorChan chan error
-	eventChan chan event.Event
-	logger    plugin.Logger
-	format    string
-	url       string
-	username  string
-	password  string
+	errorChan  chan error
+	eventChan  chan event.Event
+	logger     plugin.Logger
+	format     string
+	url        string
+	username   string
+	password   string
+	skipVerify bool
 }
 
 func New(options ...WebhookOptionFunc) *WebhookOutput {
 	w := &WebhookOutput{
-		errorChan: make(chan error),
-		eventChan: make(chan event.Event, 10),
-		format:    "adder",
-		url:       "http://localhost:3000",
+		errorChan:  make(chan error),
+		eventChan:  make(chan event.Event, 10),
+		format:     "adder",
+		url:        "http://localhost:3000",
+		skipVerify: false,
 	}
 	for _, option := range options {
 		option(w)
@@ -270,7 +272,7 @@ func (w *WebhookOutput) SendWebhook(e *event.Event) error {
 		IdleConnTimeout:       defaultTransport.IdleConnTimeout,
 		ExpectContinueTimeout: defaultTransport.ExpectContinueTimeout,
 		TLSHandshakeTimeout:   defaultTransport.TLSHandshakeTimeout,
-		TLSClientConfig:       &tls.Config{InsecureSkipVerify: true},
+		TLSClientConfig:       &tls.Config{InsecureSkipVerify: w.skipVerify},
 	}
 	client := &http.Client{Transport: customTransport}
 	// Send payload

Original file line number	Diff line number	Diff line change
`@@ -28,9 +28,10 @@ func WithLogger(logger plugin.Logger) WebhookOptionFunc {`
`28`	`28`	`}`
`29`	`29`
`30`	`30`	`// WithUrl specifies the webhook URL`
`31`		`-func WithUrl(url string) WebhookOptionFunc {`
	`31`	`+func WithUrl(url string, skipVerify bool) WebhookOptionFunc {`
`32`	`32`	`return func(o *WebhookOutput) {`
`33`	`33`	`o.url = url`
	`34`	`+ o.skipVerify = skipVerify`
`34`	`35`	`}`
`35`	`36`	`}`
`36`	`37`