Do not allow to use non-SSL connections in any way. Resolves #25

seqeralabs · Dec 13, 2021 · 890a986 · 890a986
1 parent f2229fa
commit 890a986
Showing 1 changed file with 1 addition and 8 deletions.
diff --git a/src/main/java/io/seqera/tower/agent/Agent.java b/src/main/java/io/seqera/tower/agent/Agent.java
@@ -72,9 +72,6 @@ public class Agent implements Runnable {
     @Option(names = {"-u", "--url"}, description = "Tower server API endpoint URL. Defaults to tower.nf (TOWER_API_ENDPOINT)", defaultValue = "${TOWER_API_ENDPOINT:-https://api.tower.nf}", required = true)
     String url;
 
-    @Option(names = {"--no-secure"}, description = "Explicitly allow to connect to a non-SSL secured Tower server (this is not recommended)")
-    boolean noSecure;
-
     private ApplicationContext ctx;
     private AgentClientSocket agentClient;
 
@@ -104,14 +101,10 @@ public void run() {
     private void connectTower() {
         try {
             final URI uri = new URI(url + "/agent/" + agentKey + "/connect");
-            if (!uri.getScheme().equals("https") && !noSecure) {
+            if (!uri.getScheme().equals("https")) {
                 logger.error("You are trying to connect to an insecure server: {}", url);
-                logger.error("if you want to force the connection use '--no-secure' option. NOT RECOMMENDED!");
                 System.exit(-1);
             }
-            if (!uri.getScheme().equals("https") && noSecure) {
-                logger.warn("You are connecting using an INSECURE CONNECTION: {}", url);
-            }
 
             final MutableHttpRequest<?> req = HttpRequest.GET(uri).bearerAuth(token);
             final RxWebSocketClient webSocketClient = ctx.getBean(RxWebSocketClient.class);