Add skip tls flag (#260)

Author: OliverMKing

README.md

@@ -117,6 +117,10 @@ Following are the key capabilities of this action:
     <td>annotate-namespace</br></br>(Optional)</td>
     <td>Acceptable values: true/false</br>Default value: true</br>Switch whether to annotate the namespace resources object or not</td>
   </tr>
+  <tr>
+    <td>skip-tls-verify</br></br>(Optional)</td>
+    <td>Acceptable values: true/false</br>Default value: false</br>True if the insecure-skip-tls-verify option should be used</td>
+  </tr>
 </table>
 
 ## Usage Examples

action.yml

@@ -73,6 +73,9 @@ inputs:
    name:
       description: 'Resource group name - Only required if using private cluster'
       required: false
+   skip-tls-verify:
+      description: True if the insecure-skip-tls-verify option should be used. Input should be 'true' or 'false'.
+      default: false
 
 branding:
    color: 'green'

src/run.ts

@@ -35,16 +35,17 @@ export async function run() {
       core.getInput('private-cluster').toLowerCase() === 'true'
    const resourceGroup = core.getInput('resource-group') || ''
    const resourceName = core.getInput('name') || ''
+   const skipTlsVerify = core.getBooleanInput('skip-tls-verify')
 
    const kubectl = isPrivateCluster
       ? new PrivateKubectl(
            kubectlPath,
            namespace,
-           true,
+           skipTlsVerify,
            resourceGroup,
            resourceName
         )
-      : new Kubectl(kubectlPath, namespace, true)
+      : new Kubectl(kubectlPath, namespace, skipTlsVerify)
 
    // run action
    switch (action) {

src/types/kubectl.test.ts

@@ -353,4 +353,21 @@ describe('Kubectl class', () => {
       const result = await kubectl.getNewReplicaSet(deployment)
       expect(result).toBe(name)
    })
+
+   it('executes with constructor flags', async () => {
+      const skipTls = true
+      const kubectl = new Kubectl(kubectlPath, testNamespace, skipTls)
+
+      jest.spyOn(exec, 'getExecOutput').mockImplementation(async () => {
+         return {exitCode: 0, stderr: '', stdout: ''}
+      })
+
+      const command = 'command'
+      kubectl.executeCommand(command)
+      expect(exec.getExecOutput).toBeCalledWith(
+         kubectlPath,
+         [command, '--insecure-skip-tls-verify', '--namespace', testNamespace],
+         {silent: false}
+      )
+   })
 })

src/types/kubectl.ts

@@ -171,18 +171,25 @@ export class Kubectl {
    }
 
    protected async execute(args: string[], silent: boolean = false) {
-      if (this.ignoreSSLErrors) {
-         args.push('--insecure-skip-tls-verify')
-      }
-      if (this.namespace) {
-         args = args.concat(['--namespace', this.namespace])
-      }
+      args = args.concat(this.getExecuteFlags())
       core.debug(`Kubectl run with command: ${this.kubectlPath} ${args}`)
 
       return await getExecOutput(this.kubectlPath, args, {
          silent
       })
    }
+
+   protected getExecuteFlags(): string[] {
+      const flags = []
+      if (this.ignoreSSLErrors) {
+         flags.push('--insecure-skip-tls-verify')
+      }
+      if (this.namespace) {
+         flags.push('--namespace', this.namespace)
+      }
+
+      return flags
+   }
 }
 
 export async function getKubectlPath() {

src/types/privatekubectl.ts

@@ -8,9 +8,8 @@ import * as path from 'path'
 
 export class PrivateKubectl extends Kubectl {
    protected async execute(args: string[], silent: boolean = false) {
-      if (this.namespace) {
-         args = args.concat(['--namespace', this.namespace])
-      }
+      args = args.concat(this.getExecuteFlags())
+
       args.unshift('kubectl')
       let kubectlCmd = args.join(' ')
       let addFileFlag = false