etcdctl: add --ca-file, --cert-file, --key-file flags

2024-09-27 06:25:44 +00:00 · 2014-11-06 12:16:07 -08:00 · 2014-11-06 12:16:07 -08:00 · 2d942e970b
commit 2d942e970b
parent 902f06c5c4
4 changed files with 35 additions and 17 deletions
--- a/etcdctl/command/handle.go
+++ b/etcdctl/command/handle.go
@ -47,7 +47,13 @@ func rawhandle(c *cli.Context, fn handlerFunc) (*etcd.Response, error) {
 		return nil, err
 	}

+	tr, err := getTransport(c)
+	if err != nil {
+		return nil, err
+	}
+
 	client := etcd.NewClient(endpoints)
+	client.SetTransport(tr)

 	if c.GlobalBool("debug") {
 		go dumpCURL(client)
--- a/etcdctl/command/member_commands.go
+++ b/etcdctl/command/member_commands.go
@ -18,7 +18,6 @@ package command

 import (
 	"fmt"
-	"net/http"
 	"os"
 	"strings"

@ -58,7 +57,13 @@ func mustNewMembersAPI(c *cli.Context) client.MembersAPI {
 		os.Exit(1)
 	}

-	hc, err := client.NewHTTPClient(&http.Transport{}, eps)
+	tr, err := getTransport(c)
+	if err != nil {
+		fmt.Fprintln(os.Stderr, err.Error())
+		os.Exit(1)
+	}
+
+	hc, err := client.NewHTTPClient(tr, eps)
 	if err != nil {
 		fmt.Fprintln(os.Stderr, err.Error())
 		os.Exit(1)
--- a/etcdctl/command/util.go
+++ b/etcdctl/command/util.go
@ -20,11 +20,13 @@ import (
 	"errors"
 	"io"
 	"io/ioutil"
+	"net/http"
 	"net/url"
 	"os"
 	"strings"

 	"github.com/coreos/etcd/Godeps/_workspace/src/github.com/codegangsta/cli"
+	"github.com/coreos/etcd/pkg/transport"
 )

 var (
@ -54,19 +56,6 @@ func argOrStdin(args []string, stdin io.Reader, i int) (string, error) {
 	return string(bytes), nil
 }

-func maybeAddScheme(maybeAddr string) (string, error) {
-	u, err := url.Parse(maybeAddr)
-	if err != nil {
-		return "", err
-	}
-
-	if u.Scheme == "" {
-		u.Scheme = "http"
-	}
-
-	return u.String(), nil
-}
-
 func getPeersFlagValue(c *cli.Context) []string {
 	peerstr := c.GlobalString("peers")

@ -86,12 +75,27 @@ func getPeersFlagValue(c *cli.Context) []string {

 func getEndpoints(c *cli.Context) ([]string, error) {
 	eps := getPeersFlagValue(c)
-	var err error
 	for i, ep := range eps {
-		eps[i], err = maybeAddScheme(ep)
+		u, err := url.Parse(ep)
 		if err != nil {
 			return nil, err
 		}
+
+		if u.Scheme == "" {
+			u.Scheme = "http"
+		}
+
+		eps[i] = u.String()
 	}
 	return eps, nil
 }
+
+func getTransport(c *cli.Context) (*http.Transport, error) {
+	tls := transport.TLSInfo{
+		CAFile:   c.GlobalString("ca-file"),
+		CertFile: c.GlobalString("cert-file"),
+		KeyFile:  c.GlobalString("key-file"),
+	}
+	return transport.NewTransport(tls)
+
+}
--- a/etcdctl/main.go
+++ b/etcdctl/main.go
@ -35,6 +35,9 @@ func main() {
 		cli.BoolFlag{Name: "no-sync", Usage: "don't synchronize cluster information before sending request"},
 		cli.StringFlag{Name: "output, o", Value: "simple", Usage: "output response in the given format (`simple` or `json`)"},
 		cli.StringFlag{Name: "peers, C", Value: "", Usage: "a comma-delimited list of machine addresses in the cluster (default: \"127.0.0.1:4001\")"},
+		cli.StringFlag{Name: "cert-file", Value: "", Usage: "identify HTTPS client using this SSL certificate file"},
+		cli.StringFlag{Name: "key-file", Value: "", Usage: "identify HTTPS client using this SSL key file"},
+		cli.StringFlag{Name: "ca-file", Value: "", Usage: "verify certificates of HTTPS-enabled servers using this CA bundle"},
 	}
 	app.Commands = []cli.Command{
 		command.NewMakeCommand(),