Merge pull request #20 from golemcloud/allow_insecure_ws

allow insecyre ws
golemcloud · Sep 6, 2023 · 8904c8e · 8904c8e
2 parents 61ca4c5 + 9b0472c
commit 8904c8e
Show file tree

Hide file tree

Showing 4 changed files with 20 additions and 2 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -22,6 +22,7 @@ golem-examples = "0.1.5"
 http = "0.2.9"
 indoc = "2.0.3"
 itertools = "0.11.0"
+native-tls = "0.2.11"
 reqwest = "0.11.20"
 serde = { version = "1.0.188", features = ["derive"] }
 serde_json = "1.0.105"

diff --git a/src/clients/worker.rs b/src/clients/worker.rs
@@ -6,13 +6,15 @@ use futures_util::{future, pin_mut, SinkExt, StreamExt};
 use golem_client::model::{
     ComponentInstance, InstanceMetadata, InvokeParameters, InvokeResult, WorkerCreationRequest,
 };
+use native_tls::TlsConnector;
 use reqwest::Url;
 use serde::Deserialize;
 use std::fmt::{Display, Formatter};
 use std::time::Duration;
 use tokio::{task, time};
 use tokio_tungstenite::{
-    connect_async, tungstenite::client::IntoClientRequest, tungstenite::protocol::Message,
+    connect_async_tls_with_config, tungstenite::client::IntoClientRequest,
+    tungstenite::protocol::Message, Connector,
 };
 use tracing::{debug, info};
 
@@ -89,6 +91,7 @@ pub trait WorkerClient {
 pub struct WorkerClientLive<C: golem_client::instance::Instance + Send + Sync> {
     pub client: C,
     pub base_url: Url,
+    pub allow_insecure: bool,
 }
 
 #[async_trait]
@@ -279,7 +282,19 @@ impl<C: golem_client::instance::Instance + Send + Sync> WorkerClient for WorkerC
         let headers = request.headers_mut();
         headers.insert("Authorization", auth.header().parse().unwrap());
 
-        let (ws_stream, _) = connect_async(request)
+        let connector = if self.allow_insecure {
+            Some(Connector::NativeTls(
+                TlsConnector::builder()
+                    .danger_accept_invalid_certs(true)
+                    .danger_accept_invalid_hostnames(true)
+                    .build()
+                    .unwrap(),
+            ))
+        } else {
+            None
+        };
+
+        let (ws_stream, _) = connect_async_tls_with_config(request, None, false, connector)
             .await
             .map_err(|e| GolemError(format!("Failed websocket: {e}")))?;
 

diff --git a/src/main.rs b/src/main.rs
@@ -324,6 +324,7 @@ async fn async_main(cmd: GolemCommand) -> Result<(), Box<dyn std::error::Error>>
             allow_insecure,
         },
         base_url: url.clone(),
+        allow_insecure,
     };
     let worker_srv = WorkerHandlerLive {
         client: worker_client.clone(),