export dashboards: add option to skip TLS verification (#468)

* export dashboards: add option to skip TLS verification * Address PR comments * Fix
elastic · Aug 10, 2021 · e65051d · e65051d
1 parent fffc3e3
commit e65051d
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 6 deletions.
diff --git a/cmd/export.go b/cmd/export.go
@@ -31,6 +31,7 @@ func setupExportCommand() *cobraext.Command {
 		RunE:  exportDashboardsCmd,
 	}
 	exportDashboardCmd.Flags().StringSliceP(cobraext.DashboardIDsFlagName, "d", nil, cobraext.DashboardIDsFlagDescription)
+	exportDashboardCmd.Flags().Bool(cobraext.TLSSkipVerifyFlagName, false, cobraext.TLSSkipVerifyFlagDescription)
 
 	cmd := &cobra.Command{
 		Use:   "export",
@@ -52,7 +53,13 @@ func exportDashboardsCmd(cmd *cobra.Command, args []string) error {
 
 	common.TrimStringSlice(dashboardIDs)
 
-	kibanaClient, err := kibana.NewClient()
+	var opts []kibana.ClientOption
+	tlsSkipVerify, _ := cmd.Flags().GetBool(cobraext.TLSSkipVerifyFlagName)
+	if tlsSkipVerify {
+		opts = append(opts, kibana.TLSSkipVerify())
+	}
+
+	kibanaClient, err := kibana.NewClient(opts...)
 	if err != nil {
 		return errors.Wrap(err, "can't create Kibana client")
 	}

diff --git a/internal/cobraext/const.go b/internal/cobraext/const.go
@@ -63,6 +63,9 @@ const (
 	SkipPullRequestFlagName        = "skip-pull-request"
 	SkipPullRequestFlagDescription = "skip opening a new pull request"
 
+	TLSSkipVerifyFlagName        = "tls-skip-verify"
+	TLSSkipVerifyFlagDescription = "skip TLS verify"
+
 	StackServicesFlagName        = "services"
 	StackServicesFlagDescription = "component services (comma-separated values: \"%s\")"
 

diff --git a/internal/kibana/client.go b/internal/kibana/client.go
@@ -6,15 +6,15 @@ package kibana
 
 import (
 	"bytes"
+	"crypto/tls"
 	"io"
 	"net/http"
 	"net/url"
 	"os"
 
-	"github.com/elastic/elastic-package/internal/install"
-
 	"github.com/pkg/errors"
 
+	"github.com/elastic/elastic-package/internal/install"
 	"github.com/elastic/elastic-package/internal/logger"
 	"github.com/elastic/elastic-package/internal/stack"
 )
@@ -24,10 +24,15 @@ type Client struct {
 	host     string
 	username string
 	password string
+
+	tlSkipVerify bool
 }
 
+// ClientOption is functional option modifying Kibana client.
+type ClientOption func(*Client)
+
 // NewClient creates a new instance of the client.
-func NewClient() (*Client, error) {
+func NewClient(opts ...ClientOption) (*Client, error) {
 	host := os.Getenv(stack.KibanaHostEnv)
 	if host == "" {
 		return nil, stack.UndefinedEnvError(stack.KibanaHostEnv)
@@ -36,11 +41,23 @@ func NewClient() (*Client, error) {
 	username := os.Getenv(stack.ElasticsearchUsernameEnv)
 	password := os.Getenv(stack.ElasticsearchPasswordEnv)
 
-	return &Client{
+	c := &Client{
 		host:     host,
 		username: username,
 		password: password,
-	}, nil
+	}
+
+	for _, opt := range opts {
+		opt(c)
+	}
+	return c, nil
+}
+
+// TLSSkipVerify option disables TLS verification.
+func TLSSkipVerify() ClientOption {
+	return func(c *Client) {
+		c.tlSkipVerify = true
+	}
 }
 
 func (c *Client) get(resourcePath string) (int, []byte, error) {
@@ -85,6 +102,12 @@ func (c *Client) sendRequest(method, resourcePath string, body []byte) (int, []b
 	req.Header.Add("kbn-xsrf", install.DefaultStackVersion)
 
 	client := http.Client{}
+	if c.tlSkipVerify {
+		client.Transport = &http.Transport{
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+		}
+	}
+
 	resp, err := client.Do(req)
 	if err != nil {
 		return 0, nil, errors.Wrap(err, "could not send request to Kibana API")