diff --git a/changelogs/unreleased/1769-s12chung b/changelogs/unreleased/1769-s12chung deleted file mode 100644 index 5dd8dc65b..000000000 --- a/changelogs/unreleased/1769-s12chung +++ /dev/null @@ -1 +0,0 @@ -adds `insecureSkipTLSVerify` server config for AWS storage and `--insecure-skip-tls-verify` flag on client for self-signed certs diff --git a/pkg/cloudprovider/aws/object_store.go b/pkg/cloudprovider/aws/object_store.go index 0f4e3a36b..032eae07a 100644 --- a/pkg/cloudprovider/aws/object_store.go +++ b/pkg/cloudprovider/aws/object_store.go @@ -17,9 +17,7 @@ limitations under the License. package aws import ( - "crypto/tls" "io" - "net/http" "sort" "strconv" "time" @@ -38,14 +36,13 @@ import ( ) const ( - s3URLKey = "s3Url" - publicURLKey = "publicUrl" - kmsKeyIDKey = "kmsKeyId" - s3ForcePathStyleKey = "s3ForcePathStyle" - bucketKey = "bucket" - signatureVersionKey = "signatureVersion" - credentialProfileKey = "profile" - insecureSkipTLSVerifyKey = "insecureSkipTLSVerify" + s3URLKey = "s3Url" + publicURLKey = "publicUrl" + kmsKeyIDKey = "kmsKeyId" + s3ForcePathStyleKey = "s3ForcePathStyle" + bucketKey = "bucket" + signatureVersionKey = "signatureVersion" + credentialProfileKey = "profile" ) type s3Interface interface { 
@@ -86,29 +83,26 @@ func (o *ObjectStore) Init(config map[string]string) error { s3ForcePathStyleKey, signatureVersionKey, credentialProfileKey, - insecureSkipTLSVerifyKey, ); err != nil { return err } var ( - region = config[regionKey] - s3URL = config[s3URLKey] - publicURL = config[publicURLKey] - kmsKeyID = config[kmsKeyIDKey] - s3ForcePathStyleVal = config[s3ForcePathStyleKey] - signatureVersion = config[signatureVersionKey] - credentialProfile = config[credentialProfileKey] - insecureSkipTLSVerifyVal = config[insecureSkipTLSVerifyKey] + region = config[regionKey] + s3URL = config[s3URLKey] + publicURL = config[publicURLKey] + kmsKeyID = config[kmsKeyIDKey] + s3ForcePathStyleVal = config[s3ForcePathStyleKey] + signatureVersion = config[signatureVersionKey] + credentialProfile = config[credentialProfileKey] // note that bucket is automatically added to the config map // by the server from the ObjectStorageProviderConfig so // doesn't need to be explicitly set by the user within // config. - bucket = config[bucketKey] - s3ForcePathStyle bool - insecureSkipTLSVerify bool - err error + bucket = config[bucketKey] + s3ForcePathStyle bool + err error ) if s3ForcePathStyleVal != "" { @@ -133,20 +127,6 @@ func (o *ObjectStore) Init(config map[string]string) error { return err } - if insecureSkipTLSVerifyVal != "" { - if insecureSkipTLSVerify, err = strconv.ParseBool(insecureSkipTLSVerifyVal); err != nil { - return errors.Wrapf(err, "could not parse %s (expected bool)", insecureSkipTLSVerifyKey) - } - } - - if insecureSkipTLSVerify { - serverConfig.HTTPClient = &http.Client{ - Transport: &http.Transport{ - TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, - }, - } - } - serverSession, err := getSession(serverConfig, credentialProfile) if err != nil { return err diff --git a/pkg/cmd/cli/backup/describe.go b/pkg/cmd/cli/backup/describe.go index a12254960..ecc040d45 100644 --- a/pkg/cmd/cli/backup/describe.go +++ b/pkg/cmd/cli/backup/describe.go 
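Review bot: Dropping `insecureSkipTLSVerifyKey` from the key list that closes at the top of this hunk presumably means a BackupStorageLocation that still carries `insecureSkipTLSVerify` in its config now fails `Init` instead of being ignored — failing closed is the right outcome for a security option, but it is an upgrade-breaking change and the only announcement of the option was the changelog entry this commit deletes, so add a changelog line of its own and a release note telling such users to move to a trusted CA bundle. The removed block was also the only place `serverConfig.HTTPClient` was assigned, so the session created below now uses the SDK's default client, which (like any default net/http client) verifies certificates; that intent is invisible in the surviving code, so I would add above the `getSession` call: `// serverConfig.HTTPClient is intentionally left nil: the SDK default verifies TLS certificates. Self-signed storage endpoints need their CA in the trust store, not InsecureSkipVerify.` `Init` begins before this hunk and continues past it.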
@@ -33,9 +33,8 @@ import ( func NewDescribeCommand(f client.Factory, use string) *cobra.Command { var ( - listOptions metav1.ListOptions - details bool - insecureSkipTLSVerify bool + listOptions metav1.ListOptions + details bool ) c := &cobra.Command{ @@ -72,7 +71,7 @@ func NewDescribeCommand(f client.Factory, use string) *cobra.Command { fmt.Fprintf(os.Stderr, "error getting PodVolumeBackups for backup %s: %v\n", backup.Name, err) } - s := output.DescribeBackup(&backup, deleteRequestList.Items, podVolumeBackupList.Items, details, veleroClient, insecureSkipTLSVerify) + s := output.DescribeBackup(&backup, deleteRequestList.Items, podVolumeBackupList.Items, details, veleroClient) if first { first = false fmt.Print(s) @@ -86,7 +85,6 @@ func NewDescribeCommand(f client.Factory, use string) *cobra.Command { c.Flags().StringVarP(&listOptions.LabelSelector, "selector", "l", listOptions.LabelSelector, "only show items matching this label selector") c.Flags().BoolVar(&details, "details", details, "display additional detail in the command output") - c.Flags().BoolVar(&insecureSkipTLSVerify, "insecure-skip-tls-verify", insecureSkipTLSVerify, "do not verify the TLS certificate for storage requests only. This is susceptible to man-in-the-middle attacks.") return c } diff --git a/pkg/cmd/cli/backup/download.go b/pkg/cmd/cli/backup/download.go index e0b8d9b64..e1d99e50b 100644 --- a/pkg/cmd/cli/backup/download.go +++ b/pkg/cmd/cli/backup/download.go @@ -52,12 +52,11 @@ func NewDownloadCommand(f client.Factory) *cobra.Command { } type DownloadOptions struct { - Name string - Output string - Force bool - Timeout time.Duration - InsecureSkipTLSVerify bool - writeOptions int + Name string + Output string + Force bool + Timeout time.Duration + writeOptions int } func NewDownloadOptions() *DownloadOptions { 
@@ -70,7 +69,6 @@ func (o *DownloadOptions) BindFlags(flags *pflag.FlagSet) { flags.StringVarP(&o.Output, "output", "o", o.Output, "path to output file. Defaults to -data.tar.gz in the current directory") flags.BoolVar(&o.Force, "force", o.Force, "forces the download and will overwrite file if it exists already") flags.DurationVar(&o.Timeout, "timeout", o.Timeout, "maximum time to wait to process download request") - flags.BoolVar(&o.InsecureSkipTLSVerify, "insecure-skip-tls-verify", o.InsecureSkipTLSVerify, "do not verify the TLS certificate for storage requests only. This is susceptible to man-in-the-middle attacks.") } func (o *DownloadOptions) Validate(c *cobra.Command, args []string, f client.Factory) error { @@ -113,7 +111,7 @@ func (o *DownloadOptions) Run(c *cobra.Command, f client.Factory) error { } defer backupDest.Close() - err = downloadrequest.Stream(veleroClient.VeleroV1(), f.Namespace(), o.Name, v1.DownloadTargetKindBackupContents, backupDest, o.Timeout, o.InsecureSkipTLSVerify) + err = downloadrequest.Stream(veleroClient.VeleroV1(), f.Namespace(), o.Name, v1.DownloadTargetKindBackupContents, backupDest, o.Timeout) if err != nil { os.Remove(o.Output) cmd.CheckError(err) diff --git a/pkg/cmd/cli/backup/logs.go b/pkg/cmd/cli/backup/logs.go index 6d32849e3..16753536d 100644 --- a/pkg/cmd/cli/backup/logs.go +++ b/pkg/cmd/cli/backup/logs.go @@ -32,7 +32,6 @@ import ( func NewLogsCommand(f client.Factory) *cobra.Command { timeout := time.Minute - insecureSkipTLSVerify := false c := &cobra.Command{ Use: "logs BACKUP", 
@@ -59,13 +58,12 @@ func NewLogsCommand(f client.Factory) *cobra.Command { "until the backup has a phase of Completed or Failed and try again.", backupName) } - err = downloadrequest.Stream(veleroClient.VeleroV1(), f.Namespace(), backupName, v1.DownloadTargetKindBackupLog, os.Stdout, timeout, insecureSkipTLSVerify) + err = downloadrequest.Stream(veleroClient.VeleroV1(), f.Namespace(), backupName, v1.DownloadTargetKindBackupLog, os.Stdout, timeout) cmd.CheckError(err) }, } c.Flags().DurationVar(&timeout, "timeout", timeout, "how long to wait to receive logs") - c.Flags().BoolVar(&insecureSkipTLSVerify, "insecure-skip-tls-verify", insecureSkipTLSVerify, "do not verify the TLS certificate for storage requests only. This is susceptible to man-in-the-middle attacks.") return c } diff --git a/pkg/cmd/cli/restore/describe.go b/pkg/cmd/cli/restore/describe.go index a4b47d447..e58f1e146 100644 --- a/pkg/cmd/cli/restore/describe.go +++ b/pkg/cmd/cli/restore/describe.go @@ -32,9 +32,8 @@ import ( func NewDescribeCommand(f client.Factory, use string) *cobra.Command { var ( - listOptions metav1.ListOptions - details bool - insecureSkipTLSVerify bool + listOptions metav1.ListOptions + details bool ) c := &cobra.Command{ @@ -65,7 +64,7 @@ func NewDescribeCommand(f client.Factory, use string) *cobra.Command { fmt.Fprintf(os.Stderr, "error getting PodVolumeRestores for restore %s: %v\n", restore.Name, err) } - s := output.DescribeRestore(&restore, podvolumeRestoreList.Items, details, veleroClient, insecureSkipTLSVerify) + s := output.DescribeRestore(&restore, podvolumeRestoreList.Items, details, veleroClient) if first { first = false fmt.Print(s) 
@@ -79,7 +78,6 @@ func NewDescribeCommand(f client.Factory, use string) *cobra.Command { c.Flags().StringVarP(&listOptions.LabelSelector, "selector", "l", listOptions.LabelSelector, "only show items matching this label selector") c.Flags().BoolVar(&details, "details", details, "display additional detail in the command output") - c.Flags().BoolVar(&insecureSkipTLSVerify, "insecure-skip-tls-verify", insecureSkipTLSVerify, "do not verify the TLS certificate for storage requests only. This is susceptible to man-in-the-middle attacks.") return c } diff --git a/pkg/cmd/cli/restore/logs.go b/pkg/cmd/cli/restore/logs.go index 0eebf26a1..2b6f6a14e 100644 --- a/pkg/cmd/cli/restore/logs.go +++ b/pkg/cmd/cli/restore/logs.go @@ -32,7 +32,6 @@ import ( func NewLogsCommand(f client.Factory) *cobra.Command { timeout := time.Minute - insecureSkipTLSVerify := false c := &cobra.Command{ Use: "logs RESTORE", @@ -59,13 +58,12 @@ func NewLogsCommand(f client.Factory) *cobra.Command { "until the restore has a phase of Completed or Failed and try again.", restoreName) } - err = downloadrequest.Stream(veleroClient.VeleroV1(), f.Namespace(), restoreName, v1.DownloadTargetKindRestoreLog, os.Stdout, timeout, insecureSkipTLSVerify) + err = downloadrequest.Stream(veleroClient.VeleroV1(), f.Namespace(), restoreName, v1.DownloadTargetKindRestoreLog, os.Stdout, timeout) cmd.CheckError(err) }, } c.Flags().DurationVar(&timeout, "timeout", timeout, "how long to wait to receive logs") - c.Flags().BoolVar(&insecureSkipTLSVerify, "insecure-skip-tls-verify", insecureSkipTLSVerify, "do not verify the TLS certificate for storage requests only. This is susceptible to man-in-the-middle attacks.") return c } diff --git a/pkg/cmd/util/downloadrequest/downloadrequest.go b/pkg/cmd/util/downloadrequest/downloadrequest.go index eff9f2dd6..2cf129e83 100644 --- a/pkg/cmd/util/downloadrequest/downloadrequest.go +++ b/pkg/cmd/util/downloadrequest/downloadrequest.go 
@@ -18,13 +18,10 @@ package downloadrequest import ( "compress/gzip" - "crypto/tls" - "crypto/x509" "fmt" "io" "io/ioutil" "net/http" - "net/url" "time" "github.com/pkg/errors" @@ -39,7 +36,7 @@ import ( // not found var ErrNotFound = errors.New("file not found") -func Stream(client velerov1client.DownloadRequestsGetter, namespace, name string, kind v1.DownloadTargetKind, w io.Writer, timeout time.Duration, insecureSkipTLSVerify bool) error { +func Stream(client velerov1client.DownloadRequestsGetter, namespace, name string, kind v1.DownloadTargetKind, w io.Writer, timeout time.Duration) error { req := &v1.DownloadRequest{ ObjectMeta: metav1.ObjectMeta{ Namespace: namespace, @@ -108,11 +105,6 @@ Loop: } httpClient := new(http.Client) - if insecureSkipTLSVerify { - httpClient.Transport = &http.Transport{ - TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, - } - } httpReq, err := http.NewRequest("GET", req.Status.DownloadURL, nil) if err != nil { @@ -126,11 +118,6 @@ Loop: resp, err := httpClient.Do(httpReq) if err != nil { - if urlErr, ok := err.(*url.Error); ok { - if _, ok := urlErr.Err.(x509.UnknownAuthorityError); ok { - return fmt.Errorf(err.Error() + "\n\nThe --insecure-skip-tls-verify flag can also be used to accept any TLS certificate for the download, but it is susceptible to man-in-the-middle attacks.") - } - } return err } defer resp.Body.Close() diff --git a/pkg/cmd/util/downloadrequest/downloadrequest_test.go b/pkg/cmd/util/downloadrequest/downloadrequest_test.go index 49094a5c2..278b54c69 100644 --- a/pkg/cmd/util/downloadrequest/downloadrequest_test.go +++ b/pkg/cmd/util/downloadrequest/downloadrequest_test.go @@ -151,7 +151,7 @@ func TestStream(t *testing.T) { output := new(bytes.Buffer) errCh := make(chan error) go func() { - err := Stream(client.VeleroV1(), "namespace", "name", test.kind, output, timeout, false) + err := Stream(client.VeleroV1(), "namespace", "name", test.kind, output, timeout) errCh <- err }() 
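Review bot: With the custom transport gone, `httpClient := new(http.Client)` is a zero-value client: it correctly falls back to `http.DefaultTransport` with certificate verification on, but it also has no deadline, so a stalled GET of `req.Status.DownloadURL` blocks `Stream` indefinitely — the `timeout` parameter appears to bound only the labelled loop the hunk header names (`Loop:`), which starts outside the hunk. Because backup tarballs can be large, a whole-request `http.Client.Timeout` would be the wrong bound; instead give the transport a time-to-first-byte limit (e.g. clone `http.DefaultTransport` and set `ResponseHeaderTimeout`, keeping its proxy and TLS defaults) so a dead endpoint fails fast while a slow but live transfer still completes. The deleted `x509.UnknownAuthorityError` branch was the only user-facing guidance for self-signed storage endpoints; rather than drop it, keep the type check and point at the supported path, e.g. `return errors.Wrap(err, "the storage endpoint's TLS certificate is not trusted; add its issuing CA to the system trust store")`, which also retires the non-constant format string `fmt.Errorf(err.Error() + ...)` that `go vet` flags. `Stream` continues past the end of this hunk.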
diff --git a/pkg/cmd/util/output/backup_describer.go b/pkg/cmd/util/output/backup_describer.go index 27aaf7698..c1fd8b1bf 100644 --- a/pkg/cmd/util/output/backup_describer.go +++ b/pkg/cmd/util/output/backup_describer.go @@ -38,7 +38,6 @@ func DescribeBackup( podVolumeBackups []velerov1api.PodVolumeBackup, details bool, veleroClient clientset.Interface, - insecureSkipTLSVerify bool, ) string { return Describe(func(d *Describer) { d.DescribeMetadata(backup.ObjectMeta) @@ -75,7 +74,7 @@ func DescribeBackup( DescribeBackupSpec(d, backup.Spec) d.Println() - DescribeBackupStatus(d, backup, details, veleroClient, insecureSkipTLSVerify) + DescribeBackupStatus(d, backup, details, veleroClient) if len(deleteRequests) > 0 { d.Println() @@ -212,7 +211,7 @@ func DescribeBackupSpec(d *Describer, spec velerov1api.BackupSpec) { } // DescribeBackupStatus describes a backup status in human-readable format. -func DescribeBackupStatus(d *Describer, backup *velerov1api.Backup, details bool, veleroClient clientset.Interface, insecureSkipTLSVerify bool) { +func DescribeBackupStatus(d *Describer, backup *velerov1api.Backup, details bool, veleroClient clientset.Interface) { status := backup.Status d.Printf("Backup Format Version:\t%d\n", status.Version) @@ -235,7 +234,7 @@ func DescribeBackupStatus(d *Describer, backup *velerov1api.Backup, details bool d.Println() if details { - describeBackupResourceList(d, backup, veleroClient, insecureSkipTLSVerify) + describeBackupResourceList(d, backup, veleroClient) d.Println() } 
@@ -246,7 +245,7 @@ func DescribeBackupStatus(d *Describer, backup *velerov1api.Backup, details bool } buf := new(bytes.Buffer) - if err := downloadrequest.Stream(veleroClient.VeleroV1(), backup.Namespace, backup.Name, velerov1api.DownloadTargetKindBackupVolumeSnapshots, buf, downloadRequestTimeout, insecureSkipTLSVerify); err != nil { + if err := downloadrequest.Stream(veleroClient.VeleroV1(), backup.Namespace, backup.Name, velerov1api.DownloadTargetKindBackupVolumeSnapshots, buf, downloadRequestTimeout); err != nil { d.Printf("Persistent Volumes:\t\n", err) return } @@ -267,9 +266,9 @@ func DescribeBackupStatus(d *Describer, backup *velerov1api.Backup, details bool d.Printf("Persistent Volumes: \n") } -func describeBackupResourceList(d *Describer, backup *velerov1api.Backup, veleroClient clientset.Interface, insecureSkipTLSVerify bool) { +func describeBackupResourceList(d *Describer, backup *velerov1api.Backup, veleroClient clientset.Interface) { buf := new(bytes.Buffer) - if err := downloadrequest.Stream(veleroClient.VeleroV1(), backup.Namespace, backup.Name, velerov1api.DownloadTargetKindBackupResourceList, buf, downloadRequestTimeout, insecureSkipTLSVerify); err != nil { + if err := downloadrequest.Stream(veleroClient.VeleroV1(), backup.Namespace, backup.Name, velerov1api.DownloadTargetKindBackupResourceList, buf, downloadRequestTimeout); err != nil { if err == downloadrequest.ErrNotFound { d.Println("Resource List:\t") } else { diff --git a/pkg/cmd/util/output/restore_describer.go b/pkg/cmd/util/output/restore_describer.go index 5182e219a..dada2aca4 100644 --- a/pkg/cmd/util/output/restore_describer.go +++ b/pkg/cmd/util/output/restore_describer.go 
@@ -31,7 +31,7 @@ import ( pkgrestore "github.com/heptio/velero/pkg/restore" ) -func DescribeRestore(restore *v1.Restore, podVolumeRestores []v1.PodVolumeRestore, details bool, veleroClient clientset.Interface, insecureSkipTLSVerify bool) string { +func DescribeRestore(restore *v1.Restore, podVolumeRestores []v1.PodVolumeRestore, details bool, veleroClient clientset.Interface) string { return Describe(func(d *Describer) { d.DescribeMetadata(restore.ObjectMeta) @@ -56,7 +56,7 @@ func DescribeRestore(restore *v1.Restore, podVolumeRestores []v1.PodVolumeRestor } } - describeRestoreResults(d, restore, veleroClient, insecureSkipTLSVerify) + describeRestoreResults(d, restore, veleroClient) d.Println() d.Printf("Backup:\t%s\n", restore.Spec.BackupName) @@ -114,7 +114,7 @@ func DescribeRestore(restore *v1.Restore, podVolumeRestores []v1.PodVolumeRestor }) } -func describeRestoreResults(d *Describer, restore *v1.Restore, veleroClient clientset.Interface, insecureSkipTLSVerify bool) { +func describeRestoreResults(d *Describer, restore *v1.Restore, veleroClient clientset.Interface) { if restore.Status.Warnings == 0 && restore.Status.Errors == 0 { return } @@ -122,7 +122,7 @@ func describeRestoreResults(d *Describer, restore *v1.Restore, veleroClient clie var buf bytes.Buffer var resultMap map[string]pkgrestore.Result - if err := downloadrequest.Stream(veleroClient.VeleroV1(), restore.Namespace, restore.Name, v1.DownloadTargetKindRestoreResults, &buf, downloadRequestTimeout, insecureSkipTLSVerify); err != nil { + if err := downloadrequest.Stream(veleroClient.VeleroV1(), restore.Namespace, restore.Name, v1.DownloadTargetKindRestoreResults, &buf, downloadRequestTimeout); err != nil { d.Printf("Warnings:\t\n\nErrors:\t\n", err, err) return } diff --git a/site/docs/master/api-types/backupstoragelocation.md b/site/docs/master/api-types/backupstoragelocation.md index 0cd4b4b80..07b65ccf5 100644 --- a/site/docs/master/api-types/backupstoragelocation.md 
+++ b/site/docs/master/api-types/backupstoragelocation.md @@ -53,7 +53,6 @@ The configurable parameters are as follows: | `kmsKeyId` | string | Empty | *Example*: "502b409c-4da1-419f-a16e-eif453b3i49f" or "alias/``"

Specify an [AWS KMS key][10] id or alias to enable encryption of the backups stored in S3. Only works with AWS S3 and may require explicitly granting key usage rights.| | `signatureVersion` | string | `"4"` | Version of the signature algorithm used to create signed URLs that are used by velero cli to download backups or fetch logs. Possible versions are "1" and "4". Usually the default version 4 is correct, but some S3-compatible providers like Quobyte only support version 1.| | `profile` | string | "default" | AWS profile within the credential file to use for given store | -| `insecureSkipTLSVerify` | bool | `false` | Set this to `true` if you do not want to verify the TLS certificate for storage requests only--like self-signed certs in Minio. This is susceptible to man-in-the-middle attacks and is not recommended for production. | #### Azure