@@ -49,7 +49,13 @@ class TokenAuthentication(Authentication):
49
49
cluster when the user has an API token and the API server address.
50
50
"""
51
51
52
- def __init__ (self , token : str = None , server : str = None , skip_tls : bool = False ):
52
+ def __init__ (
53
+ self ,
54
+ token : str = None ,
55
+ server : str = None ,
56
+ ca_cert_path : str = None ,
57
+ skip_tls : bool = False ,
58
+ ):
53
59
"""
54
60
Initialize a TokenAuthentication object that requires a value for `token`, the API Token
55
61
and `server`, the API server address for authenticating to an OpenShift cluster.
@@ -58,6 +64,7 @@ def __init__(self, token: str = None, server: str = None, skip_tls: bool = False
58
64
self .token = token
59
65
self .server = server
60
66
self .skip_tls = skip_tls
67
+ self .ca_cert_path = ca_cert_path
61
68
62
69
def login (self ) -> str :
63
70
"""
@@ -68,12 +75,14 @@ def login(self) -> str:
68
75
args = [f"--token={ self .token } " , f"--server={ self .server } " ]
69
76
if self .skip_tls :
70
77
args .append ("--insecure-skip-tls-verify" )
78
+ elif self .skip_tls == False :
79
+ args .append (f"--certificate-authority={ self .ca_cert_path } " )
71
80
try :
72
81
response = oc .invoke ("login" , args )
73
82
except OpenShiftPythonException as osp : # pragma: no cover
74
83
error_msg = osp .result .err ()
75
84
if "The server uses a certificate signed by unknown authority" in error_msg :
76
- return "Error: certificate auth failure, please set `skip_tls=True` in TokenAuthentication"
85
+ return "Error: certificate auth failure, please set `skip_tls=True` in TokenAuthentication or provide a trusted certificate using `ca_cert_path` "
77
86
elif "invalid" in error_msg :
78
87
raise PermissionError (error_msg )
79
88
else :
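Review bot: In `login`, the new `elif self .skip_tls == False :` branch appends `--certificate-authority=` even when `ca_cert_path` is left at its default `None`. A caller who sets neither option would then hand `oc login` the literal string `--certificate-authority=None`, where the old code passed no CA flag at all and presumably relied on the default trust store. Guard on the value rather than on the flag, e.g. `elif self.ca_cert_path is not None:`, and consider rejecting a path that does not exist before invoking `oc`. The reworded error string still offers `skip_tls=True` first; naming `ca_cert_path` first would steer users toward keeping certificate verification enabled. The body of `login` continues outside the hunk, so the remaining error handling was not reviewed.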