Closed shayangz closed 7 years ago
Hi @shayangz,
Thank you for the contribution! Adding SSL options to consul_acl
is a good idea. But since ssl
hash is passing through Diplomat directly to Faraday HTTP lib, may be it would be better an easier just to add a single attribute ssl
to allow users to pass the desired hash?
# @!attribute ssl
# @return [Hash]
attribute(:ssl, kind_of: Hash, default: {})
Then it should be possible to pass a hash with custom SSL settings:
consul_acl 'token' do
# ... other params
ssl({
client_cert: '...',
client_key: '...',
ca_file: '...',
ca_path: '...',
cert_store: '...'
})
end
as well as this one (to disable peer verification):
consul_acl 'token' do
# ... other params
ssl({ verify: false })
end
Consolidating the options into a single Hash sounds great. Updated the PR.
@shayangz Thank you!
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
Currently the
consul_acl
resource breaks with an SSL only Consul cluster. This PR adds ability to pass optional SSL attributes to enable using the resource in such situations.