Elgato_dark/argo-cd
1
0
Fork 0
mirror of https://github.com/argoproj/argo-cd synced 2026-05-24 01:38:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

Check that TLS is enabled when registering DEX Handlers (#1963)

Browse source 
This commit makes it so that `registerDexHandlers` in `server/server.go`
only attempts to modify `a.TLSConfig` if TLS is enabled.

Without this, deployments of ArgoCD that don't have a certificate
enabled (in the case where a LB/Ingress Controller is handling SSL
connections as a reverse proxy) end up having a nil pointer reference
panic on start.
This commit is contained in:
Devon Mizelle 2019-07-21 00:53:22 -04:00 committed by Alexander Matyushentsev
parent a657ceb59d
commit 4dc959f3e5
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
server/server.go
View file

@ -576,8 +576,10 @@ func (a *ArgoCDServer) registerDexHandlers(mux *http.ServeMux) {
// Run dex OpenID Connect Identity Provider behind a reverse proxy (served at /api/dex)
var err error
mux.HandleFunc(common.DexAPIEndpoint+"/", dexutil.NewDexHTTPReverseProxy(a.DexServerAddr))
tlsConfig := a.settings.TLSConfig()
tlsConfig.InsecureSkipVerify = true
if a.useTLS() {
tlsConfig := a.settings.TLSConfig()
tlsConfig.InsecureSkipVerify = true
}
a.ssoClientApp, err = oidc.NewClientApp(a.settings, a.Cache, a.DexServerAddr)
errors.CheckError(err)
mux.HandleFunc(common.LoginEndpoint, a.ssoClientApp.HandleLogin)