Use TLS in Client by default, add --insecure flag

cmd/account.go

@@ -30,7 +30,7 @@ var accountCmd = &cobra.Command{
 	Use:   "account",
 	Short: "Manage accounts, prints info about current by default",
 	RunE: func(cmd *cobra.Command, args []string) error {
-		ctx, client := account.MakeAccountsServiceClientOrFail()
+		ctx, client := account.MakeAccountsServiceClientOrFail(cmd)
 
 		res, err := client.Get(ctx, &accountspb.GetRequest{
 			Id: "me",

cmd/account/create.go

@@ -32,7 +32,7 @@ var CreateCmd = &cobra.Command{
 	Long: "Authorization data flags must be given('auth-type', 'auth-data')",
 	Args: cobra.MinimumNArgs(2),
 	RunE: func(cmd *cobra.Command, args []string) error {
-		ctx, client := MakeAccountsServiceClientOrFail()
+		ctx, client := MakeAccountsServiceClientOrFail(cmd)
 
 		authType, _ := cmd.Flags().GetString("auth-type")
 		authData, _ := cmd.Flags().GetStringSlice("auth-data")

cmd/account/delete.go

@@ -29,7 +29,7 @@ var DeleteCmd = &cobra.Command{
 	Short: "Delete NoCloud Account",
 	Args: cobra.MinimumNArgs(1),
 	RunE: func(cmd *cobra.Command, args []string) error {
-		ctx, client := MakeAccountsServiceClientOrFail()
+		ctx, client := MakeAccountsServiceClientOrFail(cmd)
 		res, err := client.Delete(ctx, &accountspb.DeleteRequest{
 			Id: args[0],
 		})

cmd/account/get.go

@@ -29,7 +29,7 @@ var GetCmd = &cobra.Command{
 	Short: "Get NoCloud Account Data",
 	Args: cobra.MinimumNArgs(1),
 	RunE: func(cmd *cobra.Command, args []string) error {
-		ctx, client := MakeAccountsServiceClientOrFail()
+		ctx, client := MakeAccountsServiceClientOrFail(cmd)
 		res, err := client.Get(ctx, &accountspb.GetRequest{
 			Id: args[0],
 		})

cmd/account/list.go

@@ -29,7 +29,7 @@ var ListCmd = &cobra.Command{
 	Short: "List NoCloud Accounts",
 	Long: `Add namespace UUID after list command, to filter accounts by namespace`,
 	RunE: func(cmd *cobra.Command, args []string) error {
-		ctx, client := MakeAccountsServiceClientOrFail()
+		ctx, client := MakeAccountsServiceClientOrFail(cmd)
 		request := accountspb.ListRequest{}
 		if len(args) > 0 {
 			request.Namespace = &args[0]

cmd/account/main.go

@@ -17,25 +17,33 @@ package account
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
 	"os"
 
 	"github.com/jedib0t/go-pretty/v6/table"
 	"github.com/slntopp/nocloud/pkg/accounting/accountspb"
 	pb "github.com/slntopp/nocloud/pkg/api/apipb"
+	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials"
 	"google.golang.org/grpc/metadata"
 )
 
-func MakeAccountsServiceClientOrFail() (context.Context, pb.AccountsServiceClient){
+func MakeAccountsServiceClientOrFail(cmd *cobra.Command) (context.Context, pb.AccountsServiceClient){
 	host := viper.Get("nocloud")
 	if host == nil {
 		fmt.Fprintln(os.Stderr, "Error setting connection up")
 		panic("Host is unset")
 	}
 
-	conn, err := grpc.Dial(host.(string), grpc.WithInsecure())
+	creds := credentials.NewTLS(&tls.Config{InsecureSkipVerify: true})
+	opt := grpc.WithTransportCredentials(creds)
+	if r, _ := cmd.Flags().GetBool("insecure"); r {
+		opt = grpc.WithInsecure()
+	}
+	conn, err := grpc.Dial(host.(string), opt)
 	if err != nil {
 		fmt.Fprintln(os.Stderr, "Error setting connection up")
 		panic(err)

cmd/account/update.go

@@ -31,7 +31,7 @@ var UpdateCmd = &cobra.Command{
 	Long: "In order to execute request you must change at least one field.",
 	Args: cobra.MinimumNArgs(1),
 	RunE: func(cmd *cobra.Command, args []string) error {
-		ctx, client := MakeAccountsServiceClientOrFail()
+		ctx, client := MakeAccountsServiceClientOrFail(cmd)
 
 		updated := false
 		req := accountspb.Account{

cmd/health/main.go

@@ -17,23 +17,31 @@ package health
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
 	"os"
 
 	pb "github.com/slntopp/nocloud/pkg/api/apipb"
+	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials"
 	"google.golang.org/grpc/metadata"
 )
 
-func MakeHealthServiceClientOrFail() (context.Context, pb.HealthServiceClient){
+func MakeHealthServiceClientOrFail(cmd *cobra.Command) (context.Context, pb.HealthServiceClient){
 	host := viper.Get("nocloud")
 	if host == nil {
 		fmt.Fprintln(os.Stderr, "Error setting connection up")
 		panic("Host is unset")
 	}
 
-	conn, err := grpc.Dial(host.(string), grpc.WithInsecure())
+	creds := credentials.NewTLS(&tls.Config{InsecureSkipVerify: true})
+	opt := grpc.WithTransportCredentials(creds)
+	if r, _ := cmd.Flags().GetBool("insecure"); r {
+		opt = grpc.WithInsecure()
+	}
+	conn, err := grpc.Dial(host.(string), opt)
 	if err != nil {
 		fmt.Fprintln(os.Stderr, "Error setting connection up")
 		panic(err)

cmd/health/probe.go

@@ -29,7 +29,7 @@ var ProbeCmd = &cobra.Command{
 	Short: "Do health probe",
 	Args: cobra.MinimumNArgs(1),
 	RunE: func(cmd *cobra.Command, args []string) error {
-		ctx, client := MakeHealthServiceClientOrFail()
+		ctx, client := MakeHealthServiceClientOrFail(cmd)
 		var res *pb.ProbeResponse
 		var err error
 		switch args[0] {

cmd/login.go

@@ -17,13 +17,15 @@ package cmd
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
 
 	"github.com/slntopp/nocloud/pkg/accounting/accountspb"
 	pb "github.com/slntopp/nocloud/pkg/api/apipb"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials"
 )
 
 // loginCmd represents the login command
@@ -33,7 +35,12 @@ var loginCmd = &cobra.Command{
 	Long: `Generate Auth Token in NoCloud API and store it in CLI config.`,
 	Args: cobra.MinimumNArgs(3),
 	RunE: func(cmd *cobra.Command, args []string) error {
-		conn, err := grpc.Dial(args[0], grpc.WithInsecure())
+		creds := credentials.NewTLS(&tls.Config{InsecureSkipVerify: true})
+		opt := grpc.WithTransportCredentials(creds)
+		if r, _ := cmd.Flags().GetBool("insecure"); r {
+			opt = grpc.WithInsecure()
+		}
+		conn, err := grpc.Dial(args[0], opt)
 		if err != nil {
 			return err
 		}

cmd/namespace/create.go

@@ -29,7 +29,7 @@ var CreateCmd = &cobra.Command{
 	Short: "Create NoCloud Namespace",
 	Args: cobra.MinimumNArgs(1),
 	RunE: func(cmd *cobra.Command, args []string) error {
-		ctx, client := MakeNamespacesServiceClientOrFail()
+		ctx, client := MakeNamespacesServiceClientOrFail(cmd)
 
 		req := namespacespb.CreateRequest{
 			Title: args[0],

cmd/namespace/delete.go

@@ -29,7 +29,7 @@ var DeleteCmd = &cobra.Command{
 	Short: "Delete NoCloud Namespace",
 	Args: cobra.MinimumNArgs(1),
 	RunE: func(cmd *cobra.Command, args []string) error {
-		ctx, client := MakeNamespacesServiceClientOrFail()
+		ctx, client := MakeNamespacesServiceClientOrFail(cmd)
 		res, err := client.Delete(ctx, &namespacespb.DeleteRequest{
 			Id: args[0],
 		})

cmd/namespace/list.go

@@ -28,7 +28,7 @@ var ListCmd = &cobra.Command{
 	Use:   "list [[flags]]",
 	Short: "List NoCloud Namespaces",
 	RunE: func(cmd *cobra.Command, args []string) error {
-		ctx, client := MakeNamespacesServiceClientOrFail()
+		ctx, client := MakeNamespacesServiceClientOrFail(cmd)
 		request := namespacespb.ListRequest{}
 
 		d, _ := cmd.Flags().GetInt32("depth")

cmd/namespace/main.go

@@ -17,25 +17,33 @@ package namespace
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
 	"os"
 
 	"github.com/jedib0t/go-pretty/v6/table"
 	"github.com/slntopp/nocloud/pkg/accounting/namespacespb"
 	pb "github.com/slntopp/nocloud/pkg/api/apipb"
+	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials"
 	"google.golang.org/grpc/metadata"
 )
 
-func MakeNamespacesServiceClientOrFail() (context.Context, pb.NamespacesServiceClient){
+func MakeNamespacesServiceClientOrFail(cmd *cobra.Command) (context.Context, pb.NamespacesServiceClient){
 	host := viper.Get("nocloud")
 	if host == nil {
 		fmt.Fprintln(os.Stderr, "Error setting connection up")
 		panic("Host is unset")
 	}
 
-	conn, err := grpc.Dial(host.(string), grpc.WithInsecure())
+	creds := credentials.NewTLS(&tls.Config{InsecureSkipVerify: true})
+	opt := grpc.WithTransportCredentials(creds)
+	if r, _ := cmd.Flags().GetBool("insecure"); r {
+		opt = grpc.WithInsecure()
+	}
+	conn, err := grpc.Dial(host.(string), opt)
 	if err != nil {
 		fmt.Fprintln(os.Stderr, "Error setting connection up")
 		panic(err)

cmd/root.go

@@ -44,6 +44,7 @@ func init() {
 
 	rootCmd.PersistentFlags().StringVar(&cfgFile, "config", "", "config file (default is $HOME/.default.nocloud.yaml)")
 	rootCmd.PersistentFlags().Bool("json", false, "Print output as json")
+	rootCmd.PersistentFlags().Bool("insecure", false, "Use WithInsecure instead of TLS")
 	rootCmd.PersistentFlags().Bool("verbose", false, "Print additional info related to the CLI itself")
 }
 

cmd/services/create.go

@@ -74,7 +74,7 @@ var CreateCmd = &cobra.Command{
 			return err
 		}
 
-		ctx, client := MakeServicesServiceClientOrFail()
+		ctx, client := MakeServicesServiceClientOrFail(cmd)
 		request := pb.CreateRequest{Service: &service, Namespace: namespace}
 		res, err := client.Create(ctx, &request)
 		if err != nil {

cmd/services/down.go

@@ -26,7 +26,7 @@ var DownCmd = &cobra.Command{
 	Short: "NoCloud Service Down",
 	Args: cobra.ExactArgs(1),
 	RunE: func(cmd *cobra.Command, args []string) error {
-		ctx, client := MakeServicesServiceClientOrFail()
+		ctx, client := MakeServicesServiceClientOrFail(cmd)
 		request := pb.DownRequest{Id: args[0]}
 		_, err := client.Down(ctx, &request)
 		return err

cmd/services/get.go

@@ -29,7 +29,7 @@ var GetCmd = &cobra.Command{
 	Short: "Get NoCloud Service",
 	Args: cobra.ExactArgs(1),
 	RunE: func(cmd *cobra.Command, args []string) error {
-		ctx, client := MakeServicesServiceClientOrFail()
+		ctx, client := MakeServicesServiceClientOrFail(cmd)
 		request := pb.GetRequest{Id: args[0]}
 		res, err := client.Get(ctx, &request)
 

cmd/services/list.go

@@ -29,7 +29,7 @@ var ListCmd = &cobra.Command{
 	Short: "List NoCloud Services",
 	Long: `Add namespace UUID after list command, to filter services by namespace`,
 	RunE: func(cmd *cobra.Command, args []string) error {
-		ctx, client := MakeServicesServiceClientOrFail()
+		ctx, client := MakeServicesServiceClientOrFail(cmd)
 		request := pb.ListRequest{}
 		if len(args) > 0 {
 			request.Namespace = &args[0]

cmd/services/main.go

@@ -17,6 +17,7 @@ package services
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
 	"os"
 
@@ -25,19 +26,26 @@ import (
 	spb "github.com/slntopp/nocloud/pkg/services/proto"
 	"gopkg.in/yaml.v2"
 
+	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials"
 	"google.golang.org/grpc/metadata"
 )
 
-func MakeServicesServiceClientOrFail() (context.Context, pb.ServicesServiceClient){
+func MakeServicesServiceClientOrFail(cmd *cobra.Command) (context.Context, pb.ServicesServiceClient){
 	host := viper.Get("nocloud")
 	if host == nil {
 		fmt.Fprintln(os.Stderr, "Error setting connection up")
 		panic("Host is unset")
 	}
 
-	conn, err := grpc.Dial(host.(string), grpc.WithInsecure())
+	creds := credentials.NewTLS(&tls.Config{InsecureSkipVerify: true})
+	opt := grpc.WithTransportCredentials(creds)
+	if r, _ := cmd.Flags().GetBool("insecure"); r {
+		opt = grpc.WithInsecure()
+	}
+	conn, err := grpc.Dial(host.(string), opt)
 	if err != nil {
 		fmt.Fprintln(os.Stderr, "Error setting connection up")
 		panic(err)

cmd/services/test.go

@@ -74,7 +74,7 @@ var TestCmd = &cobra.Command{
 			return err
 		}
 
-		ctx, client := MakeServicesServiceClientOrFail()
+		ctx, client := MakeServicesServiceClientOrFail(cmd)
 		request := pb.CreateRequest{Service: &service, Namespace: namespace}
 		res, err := client.TestConfig(ctx, &request)
 		if err != nil {

cmd/services/up.go

@@ -30,12 +30,12 @@ import (
 	"github.com/spf13/cobra"
 )
 
-func SelectDeployPoliciesInteractive(ctx context.Context, client apipb.ServicesServiceClient, id string) (res map[string]string, err error) {
+func SelectDeployPoliciesInteractive(ctx context.Context, cmd *cobra.Command, client apipb.ServicesServiceClient, id string) (res map[string]string, err error) {
 	service, err := client.Get(ctx, &pb.GetRequest{Id: id})
 	if err != nil {
 		return nil, err
 	}
-	ctx, spClient := sp.MakeServicesProviderServiceClientOrFail()
+	ctx, spClient := sp.MakeServicesProviderServiceClientOrFail(cmd)
 	sps, err := spClient.List(ctx, &sppb.ListRequest{})
 	if err != nil {
 		return nil, err
@@ -72,7 +72,7 @@ var UpCmd = &cobra.Command{
 	Short: "NoCloud Service Up",
 	Args: cobra.ExactArgs(1),
 	RunE: func(cmd *cobra.Command, args []string) (err error) {
-		ctx, client := MakeServicesServiceClientOrFail()
+		ctx, client := MakeServicesServiceClientOrFail(cmd)
 
 		req := pb.UpRequest{Id: args[0]}
 		if rulesJson, _ := cmd.Flags().GetString("rules"); rulesJson != "" {
@@ -87,7 +87,7 @@ var UpCmd = &cobra.Command{
 			json.Unmarshal(rulesJson, &req.DeployPolicies)
 		} else {
 			fmt.Println("Nothing given, selecting in interactive mode")
-			r, err := SelectDeployPoliciesInteractive(ctx, client, args[0])
+			r, err := SelectDeployPoliciesInteractive(ctx, cmd, client, args[0])
 			if err != nil {
 				return err
 			}

cmd/sp/create.go

@@ -68,7 +68,7 @@ var CreateCmd = &cobra.Command{
 			return err
 		}
 
-		ctx, client := MakeServicesProviderServiceClientOrFail()
+		ctx, client := MakeServicesProviderServiceClientOrFail(cmd)
 		res, err := client.Create(ctx, &request)
 		if err != nil {
 			return err

cmd/sp/get.go

@@ -29,7 +29,7 @@ var GetCmd = &cobra.Command{
 	Short: "Get NoCloud Services Providers",
 	Args: cobra.ExactArgs(1),
 	RunE: func(cmd *cobra.Command, args []string) error {
-		ctx, client := MakeServicesProviderServiceClientOrFail()
+		ctx, client := MakeServicesProviderServiceClientOrFail(cmd)
 		request := pb.GetRequest{Id: args[0]}
 		res, err := client.Get(ctx, &request)
 

cmd/sp/list.go

@@ -29,7 +29,7 @@ var ListCmd = &cobra.Command{
 	Short: "List NoCloud Services Providers",
 	Long: `Add namespace UUID after list command, to filter services by namespace`,
 	RunE: func(cmd *cobra.Command, args []string) error {
-		ctx, client := MakeServicesProviderServiceClientOrFail()
+		ctx, client := MakeServicesProviderServiceClientOrFail(cmd)
 		request := pb.ListRequest{}
 		res, err := client.List(ctx, &request)