mirrors/terraform-provider-proxmox
0
0
Fork 0
mirror of https://github.com/bpg/terraform-provider-proxmox.git synced 2025-08-23 03:48:35 +00:00
Code

fix(api): set min TLS version 1.3, secure HTTP-only cookie (#596)

Browse Source 
* fix(api): set min TLS version 1.3, secure HTTP-only cookie
* remove `all-tests-passed` job

---------

Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
This commit is contained in:
Pavel Boldyrev 2023-10-01 14:19:51 -04:00 committed by GitHub
parent bd09fd3d6e
commit 16ebf30a79
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 10 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/golangci-lint.yml vendored
View File

@ -18,9 +18,9 @@ jobs:
steps: steps:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
with: with:
fetch-depth: 1 fetch-depth: 0
- uses: dorny/paths-filter@v2.2.1 - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 #v2.2.1
id: filter id: filter
with: with:
filters: | filters: |

11
.github/workflows/test.yml vendored
View File

@ -18,7 +18,7 @@ jobs:
with: with:
fetch-depth: 1 fetch-depth: 1
- uses: dorny/paths-filter@v2.2.1 - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 #v2.2.1
id: filter id: filter
with: with:
filters: | filters: |
@ -49,7 +49,7 @@ jobs:
with: with:
fetch-depth: 1 fetch-depth: 1
- uses: dorny/paths-filter@v2.2.1 - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 #v2.2.1
id: filter id: filter
with: with:
filters: | filters: |
@ -70,10 +70,3 @@ jobs:
if: steps.filter.outputs.go == 'true' if: steps.filter.outputs.go == 'true'
timeout-minutes: 10 timeout-minutes: 10
run: go test -v -cover ./... run: go test -v -cover ./...
all-tests-passed:
name: All Tests Passed
needs: test
runs-on: ubuntu-latest
steps:
- run: echo "PASS"

1
proxmox/api/client.go
View File

@ -75,6 +75,7 @@ func NewConnection(endpoint string, insecure bool) (*Connection, error) {
var transport http.RoundTripper = &http.Transport{ var transport http.RoundTripper = &http.Transport{
TLSClientConfig: &tls.Config{ TLSClientConfig: &tls.Config{
MinVersion: tls.VersionTLS13,
InsecureSkipVerify: insecure, //nolint:gosec InsecureSkipVerify: insecure, //nolint:gosec
}, },
} }

6
proxmox/api/ticket_auth.go
View File

@ -125,8 +125,10 @@ func (t *ticketAuthenticator) AuthenticateRequest(ctx context.Context, req *http
} }
req.AddCookie(&http.Cookie{ req.AddCookie(&http.Cookie{
Name: "PVEAuthCookie", HttpOnly: true,
Value: *a.Ticket, Name: "PVEAuthCookie",
Secure: true,
Value: *a.Ticket,
}) })
if req.Method != http.MethodGet { if req.Method != http.MethodGet {

1
proxmoxtf/resource/file.go
View File

@ -382,6 +382,7 @@ func fileCreate(ctx context.Context, d *schema.ResourceData, m interface{}) diag
httpClient := http.Client{ httpClient := http.Client{
Transport: &http.Transport{ Transport: &http.Transport{
TLSClientConfig: &tls.Config{ TLSClientConfig: &tls.Config{
MaxVersion: tls.VersionTLS13,
InsecureSkipVerify: sourceFileInsecure, InsecureSkipVerify: sourceFileInsecure,
}, },
}, },