add support for custom tls config

rogerwelin · May 28, 2020 · dab6a69 · dab6a69
1 parent 3661474
commit dab6a69
Show file tree

Hide file tree

Showing 3 changed files with 52 additions and 0 deletions.
diff --git a/cmd/cassowary/cli.go b/cmd/cassowary/cli.go
@@ -1,9 +1,12 @@
 package main
 
 import (
+	"crypto/tls"
+	"crypto/x509"
 	"encoding/json"
 	"errors"
 	"fmt"
+	"io/ioutil"
 	"os"
 	"strconv"
 
@@ -151,6 +154,27 @@ func validateCLI(c *cli.Context) error {
 		httpMethod = "GET"
 	}
 
+	tlsConfig := new(tls.Config)
+	if c.String("ca") != "" {
+		pemCerts, err := ioutil.ReadFile(c.String("ca"))
+		if err != nil {
+			return err
+		}
+		ca := x509.NewCertPool()
+		if !ca.AppendCertsFromPEM(pemCerts) {
+			return fmt.Errorf("failed to read CA from PEM")
+		}
+		tlsConfig.RootCAs = ca
+	}
+
+	if c.String("cert") != "" && c.String("key") != "" {
+		cert, err := tls.LoadX509KeyPair(c.String("cert"), c.String("key"))
+		if err != nil {
+			return err
+		}
+		tlsConfig.Certificates = []tls.Certificate{cert}
+	}
+
 	cass := &client.Cassowary{
 		FileMode:          false,
 		BaseURL:           c.String("url"),
@@ -159,6 +183,7 @@ func validateCLI(c *cli.Context) error {
 		RequestHeader:     header,
 		Duration:          duration,
 		PromExport:        prometheusEnabled,
+		TLSConfig:         tlsConfig,
 		PromURL:           c.String("prompushgwurl"),
 		Cloudwatch:        c.Bool("cloudwatch"),
 		ExportMetrics:     c.Bool("json-metrics"),
@@ -282,6 +307,18 @@ func runCLI(args []string) {
 					Name:  "disable-keep-alive",
 					Usage: "use this flag to disable http keep-alive",
 				},
+				cli.StringFlag{
+					Name:  "ca",
+					Usage: "certificate authority",
+				},
+				cli.StringFlag{
+					Name:  "cert",
+					Usage: "authentication certificate",
+				},
+				cli.StringFlag{
+					Name:  "key",
+					Usage: "authentication key",
+				},
 			},
 			Action: validateCLIFile,
 		},
@@ -345,6 +382,18 @@ func runCLI(args []string) {
 					Name:  "disable-keep-alive",
 					Usage: "use this flag to disable http keep-alive",
 				},
+				cli.StringFlag{
+					Name:  "ca",
+					Usage: "certificate authority",
+				},
+				cli.StringFlag{
+					Name:  "cert",
+					Usage: "authentication certificate",
+				},
+				cli.StringFlag{
+					Name:  "key",
+					Usage: "authentication key",
+				},
 			},
 			Action: validateCLI,
 		},

diff --git a/pkg/client/load.go b/pkg/client/load.go
@@ -148,6 +148,7 @@ func (c *Cassowary) Coordinate() (ResultMetrics, error) {
 	c.Client = &http.Client{
 		Timeout: time.Second * time.Duration(c.Timeout),
 		Transport: &http.Transport{
+			TLSClientConfig:     c.TLSConfig,
 			MaxIdleConnsPerHost: 10000,
 			DisableCompression:  false,
 			DisableKeepAlives:   c.DisableKeepAlive,

diff --git a/pkg/client/types.go b/pkg/client/types.go
@@ -1,6 +1,7 @@
 package client
 
 import (
+	"crypto/tls"
 	"net/http"
 
 	"github.com/schollz/progressbar"
@@ -18,6 +19,7 @@ type Cassowary struct {
 	ExportMetricsFile     string
 	PromExport            bool
 	Cloudwatch            bool
+	TLSConfig             *tls.Config
 	PromURL               string
 	RequestHeader         []string
 	URLPaths              []string