feat: add TLS skip for custom https minio endpoint

Signed-off-by: Aris Boutselis <arisboutselis08@gmail.com>

README.md

@@ -431,7 +431,8 @@ _Adding a remote cache_
  * AWS S3
    *  _As a prerequisite `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` are required as environmental variables._
    * Configuration, ``` k8sgpt cache add s3 --region <aws region> --bucket <name> ```
-   * Minio Configuration ``` k8sgpt cache add s3 --bucket <name> --endpoint <http://localhost:9000> ```
+   * Minio Configuration with HTTP endpoint ``` k8sgpt cache add s3 --bucket <name> --endpoint <http://localhost:9000>```
+   * Minio Configuration with HTTPs endpoint, skipping TLS verification ``` k8sgpt cache add s3 --bucket <name> --endpoint <https://localhost:9000> --insecure```
      * K8sGPT will create the bucket if it does not exist
  * Azure Storage
    * We support a number of [techniques](https://learn.microsoft.com/en-us/azure/developer/go/azure-sdk-authentication?tabs=bash#2-authenticate-with-azure) to authenticate against Azure

cmd/cache/add.go

@@ -31,6 +31,7 @@ var (
 	containerName  string
 	projectId      string
 	endpoint       string
+	insecure       bool
 )
 
 // addCmd represents the add command
@@ -49,7 +50,7 @@ var addCmd = &cobra.Command{
 		}
 		fmt.Println(color.YellowString("Adding remote based cache"))
 		cacheType := args[0]
-		remoteCache, err := cache.NewCacheProvider(cacheType, bucketName, region, endpoint, storageAccount, containerName, projectId)
+		remoteCache, err := cache.NewCacheProvider(cacheType, bucketName, region, endpoint, storageAccount, containerName, projectId, insecure)
 		if err != nil {
 			color.Red("Error: %v", err)
 			os.Exit(1)
@@ -66,6 +67,7 @@ func init() {
 	CacheCmd.AddCommand(addCmd)
 	addCmd.Flags().StringVarP(&region, "region", "r", "us-east-1", "The region to use for the AWS S3 or GCS cache")
 	addCmd.Flags().StringVarP(&endpoint, "endpoint", "e", "", "The S3 or minio endpoint")
+	addCmd.Flags().BoolVarP(&insecure, "insecure", "i", false, "Skip TLS verification for S3/Minio custom endpoint")
 	addCmd.Flags().StringVarP(&bucketName, "bucket", "b", "", "The name of the AWS S3 bucket to use for the cache")
 	addCmd.Flags().StringVarP(&projectId, "projectid", "p", "", "The GCP project ID")
 	addCmd.Flags().StringVarP(&storageAccount, "storageacc", "s", "", "The Azure storage account name of the container")

cmd/serve/serve.go

@@ -79,13 +79,13 @@ var ServeCmd = &cobra.Command{
 			envIsSet := backend != "" || password != "" || model != ""
 			if envIsSet {
 				aiProvider = &ai.AIProvider{
-					Name:        backend,
-					Password:    password,
-					Model:       model,
-					BaseURL:     baseURL,
-					Engine:      engine,
+					Name:          backend,
+					Password:      password,
+					Model:         model,
+					BaseURL:       baseURL,
+					Engine:        engine,
 					ProxyEndpoint: proxyEndpoint,
-					Temperature: temperature(),
+					Temperature:   temperature(),
 				}
 
 				configAI.Providers = append(configAI.Providers, *aiProvider)

pkg/ai/azureopenai.go

@@ -34,7 +34,7 @@ func (c *AzureAIClient) Configure(config IAIConfig) error {
 		return azureModelMapping[model]
 
 	}
-	
+
 	if proxyEndpoint != "" {
 		proxyUrl, err := url.Parse(proxyEndpoint)
 		if err != nil {

pkg/ai/openai.go

@@ -63,7 +63,7 @@ func (c *OpenAIClient) Configure(config IAIConfig) error {
 			Transport: transport,
 		}
 	}
-	
+
 	client := openai.NewClientWithConfig(defaultConfig)
 	if client == nil {
 		return errors.New("error creating OpenAI client")

pkg/cache/cache.go

@@ -47,7 +47,7 @@ func ParseCacheConfiguration() (CacheProvider, error) {
 	return cacheInfo, nil
 }
 
-func NewCacheProvider(cacheType, bucketname, region, endpoint, storageAccount, containerName, projectId string) (CacheProvider, error) {
+func NewCacheProvider(cacheType, bucketname, region, endpoint, storageAccount, containerName, projectId string, insecure bool) (CacheProvider, error) {
 	cProvider := CacheProvider{}
 
 	switch {
@@ -62,6 +62,7 @@ func NewCacheProvider(cacheType, bucketname, region, endpoint, storageAccount, c
 		cProvider.S3.BucketName = bucketname
 		cProvider.S3.Region = region
 		cProvider.S3.Endpoint = endpoint
+		cProvider.S3.InsecureSkipVerify = insecure
 	default:
 		return CacheProvider{}, status.Error(codes.Internal, fmt.Sprintf("%s is not a valid option", cacheType))
 	}

pkg/cache/s3_based.go

@@ -2,7 +2,9 @@ package cache
 
 import (
 	"bytes"
+	"crypto/tls"
 	"log"
+	"net/http"
 
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/session"
@@ -17,9 +19,10 @@ type S3Cache struct {
 }
 
 type S3CacheConfiguration struct {
-	Region     string `mapstructure:"region" yaml:"region,omitempty"`
-	BucketName string `mapstructure:"bucketname" yaml:"bucketname,omitempty"`
-	Endpoint   string `mapstructure:"endpoint" yaml:"endpoint,omitempty"`
+	Region             string `mapstructure:"region" yaml:"region,omitempty"`
+	BucketName         string `mapstructure:"bucketname" yaml:"bucketname,omitempty"`
+	Endpoint           string `mapstructure:"endpoint" yaml:"endpoint,omitempty"`
+	InsecureSkipVerify bool   `mapstructure:"insecure" yaml:"insecure,omitempty"`
 }
 
 func (s *S3Cache) Configure(cacheInfo CacheProvider) error {
@@ -37,6 +40,11 @@ func (s *S3Cache) Configure(cacheInfo CacheProvider) error {
 	if cacheInfo.S3.Endpoint != "" {
 		sess.Config.Endpoint = &cacheInfo.S3.Endpoint
 		sess.Config.S3ForcePathStyle = aws.Bool(true)
+		transport := &http.Transport{
+			TLSClientConfig: &tls.Config{InsecureSkipVerify: cacheInfo.S3.InsecureSkipVerify},
+		}
+		customClient := &http.Client{Transport: transport}
+		sess.Config.HTTPClient = customClient
 	}
 
 	s3Client := s3.New(sess)

pkg/server/config.go

@@ -9,6 +9,16 @@ import (
 	"google.golang.org/grpc/status"
 )
 
+const (
+	notUsedBucket        = ""
+	notUsedRegion        = ""
+	notUsedEndpoint      = ""
+	notUsedStorageAcc    = ""
+	notUsedContainerName = ""
+	notUsedProjectId     = ""
+	notUsedInsecure      = false
+)
+
 func (h *handler) AddConfig(ctx context.Context, i *schemav1.AddConfigRequest) (*schemav1.AddConfigResponse, error,
 ) {
 
@@ -23,11 +33,12 @@ func (h *handler) AddConfig(ctx context.Context, i *schemav1.AddConfigRequest) (
 
 		switch i.Cache.GetCacheType().(type) {
 		case *schemav1.Cache_AzureCache:
-			remoteCache, err = cache.NewCacheProvider("azure", "", "", "", i.Cache.GetAzureCache().StorageAccount, i.Cache.GetAzureCache().ContainerName, "")
+			remoteCache, err = cache.NewCacheProvider("azure", notUsedBucket, notUsedRegion, notUsedEndpoint, i.Cache.GetAzureCache().StorageAccount, i.Cache.GetAzureCache().ContainerName, notUsedProjectId, notUsedInsecure)
 		case *schemav1.Cache_S3Cache:
-			remoteCache, err = cache.NewCacheProvider("s3", i.Cache.GetS3Cache().BucketName, i.Cache.GetS3Cache().Region, i.Cache.GetS3Cache().Endpoint, "", "", "")
+			//TODO: (Aris) add the protobuf's Getters
+			remoteCache, err = cache.NewCacheProvider("s3", i.Cache.GetS3Cache().BucketName, i.Cache.GetS3Cache().Region, notUsedEndpoint, notUsedStorageAcc, notUsedContainerName, notUsedProjectId, notUsedInsecure)
 		case *schemav1.Cache_GcsCache:
-			remoteCache, err = cache.NewCacheProvider("gcs", i.Cache.GetGcsCache().BucketName, i.Cache.GetGcsCache().Region, "", "", "", i.Cache.GetGcsCache().GetProjectId())
+			remoteCache, err = cache.NewCacheProvider("gcs", i.Cache.GetGcsCache().BucketName, i.Cache.GetGcsCache().Region, notUsedEndpoint, notUsedStorageAcc, notUsedContainerName, i.Cache.GetGcsCache().GetProjectId(), notUsedInsecure)
 		default:
 			return resp, status.Error(codes.InvalidArgument, "Invalid cache configuration")
 		}