search

hashicorp / terraform-provider-rancher

Terraform Rancher provider
https://www.terraform.io/docs/providers/rancher/
Mozilla Public License 2.0
35 stars 33 forks source link

Add insecure to Rancher provider #83

Open bartwalczak1 opened 6 years ago

bartwalczak1 commented 6 years ago

Hi there,

This is a feature request to skip cert validation. It would be nice to have something similar to what's in OCP provider: https://www.terraform.io/docs/providers/opc/index.html#insecure

Terraform Version

Terraform v0.11.8

Affected Resource(s)

Please list the resources as a list, for example:

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

provider "rancher" {
  api_url    = "${var.rancher_url}"
  access_key = "${var.rancher_access_key}"
  secret_key = "${var.rancher_secret_key}"
}

Expected Behavior

What should have happened?

Actual Behavior


Error: Error refreshing state: 1 error(s) occurred:

* module.customerA.module.rancher.provider.rancher: Get https://rancher.eng.cloud.xyz.com/v3: x509: certificate signed by unknown authority
raphink commented 5 years ago

The go-rancher library doesn't support this at the moment as far as I can tell, so it'd need to be implemented there first.

marceloonit commented 5 years ago

Does anybody has a workaround for that? Would a self signed certificate work?

raphink commented 5 years ago

Let's encrypt?

marceloonit commented 5 years ago

To use Let's encrypt I must have a valid domain (correct if I am wrong please) ... my deploy is just for testing purposes, I don't want to use a valid domain.

raphink commented 5 years ago

Yes, a valid domain is required for let's encrypt.

mihai-satmarean commented 5 years ago

same here, using rancher 2.1 and Terraform v0.11.11

jawadqur commented 4 years ago

You can add the insecure cert or the CA to your trusted certs and that should work.

Edit: Just use insecure=true in the provider.