mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-30 18:20:19 +00:00
util: store EnvVaultInsecure as string, not bool
The configuration option `EnvVaultInsecure` is expected to be a string,
not a boolean. By converting the bool back to a string (after
verification), it is now possible to skip the certificate validation
check by setting `vaultCAVerify: false` in the Vault configuration.
Fixes: #1852
Reported-by: Bryon Nevis <bryon.nevis@intel.com>
Signed-off-by: Niels de Vos <ndevos@redhat.com>
(cherry picked from commit 582d004ca5
)
This commit is contained in:
parent
08904884d3
commit
4005585806
@ -104,7 +104,7 @@ func (vc *vaultConnection) initConnection(kmsID string, config, secrets map[stri
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("failed to parse 'vaultCAVerify': %w", err)
|
return fmt.Errorf("failed to parse 'vaultCAVerify': %w", err)
|
||||||
}
|
}
|
||||||
vaultConfig[api.EnvVaultInsecure] = !vaultCAVerify
|
vaultConfig[api.EnvVaultInsecure] = strconv.FormatBool(!vaultCAVerify)
|
||||||
}
|
}
|
||||||
|
|
||||||
vaultCAFromSecret, ok := config["vaultCAFromSecret"]
|
vaultCAFromSecret, ok := config["vaultCAFromSecret"]
|
||||||
|
Loading…
Reference in New Issue
Block a user