fix: Allow the Pact publish task to set insecure TLS flag #1817

core/pactbroker/src/main/kotlin/au/com/dius/pact/core/pactbroker/PactBrokerClient.kt

@@ -415,7 +415,7 @@ interface IPactBrokerClient {
 data class PactBrokerClientConfig @JvmOverloads constructor(
   val retryCountWhileUnknown: Int = 0,
   val retryWhileUnknownInterval: Int = 10,
-  val insecureTLS: Boolean = false
+  var insecureTLS: Boolean = false
 )
 
 /**

provider/gradle/README.md

@@ -913,6 +913,8 @@ pact {
 }
 ```
 
+If your broker uses self-signed certificates, set the property `pactBrokerInsecureTLS` to `true`. 
+
 ## Excluding pacts from being published
 
 You can exclude some of the pact files from being published by providing a list of regular expressions that match

provider/gradle/src/main/groovy/au/com/dius/pact/provider/gradle/PactPublishTask.groovy

@@ -70,7 +70,9 @@ abstract class PactPublishTask extends DefaultTask {
 
         def publishConfig = new PublishConfiguration(version.toString(), pactPublish.tags, pactPublish.consumerBranch,
           pactPublish.consumerBuildUrl)
-        def brokerClient = new PactBrokerClient(brokerConfig.pactBrokerUrl, options, new PactBrokerClientConfig())
+
+        PactBrokerClientConfig brokerClientConfig = configureBrokerClient(pactPublish, broker)
+        def brokerClient = new PactBrokerClient(brokerConfig.pactBrokerUrl, options, brokerClientConfig)
 
         File pactDirectory = pactPublish.pactDirectory as File
         boolean anyFailed = false
@@ -102,6 +104,16 @@ abstract class PactPublishTask extends DefaultTask {
         }
     }
 
+  private static PactBrokerClientConfig configureBrokerClient(PactPublish pactPublish, Broker broker) {
+    def brokerClientConfig = new PactBrokerClientConfig()
+    if (pactPublish.pactBrokerInsecureTLS != null) {
+      brokerClientConfig.insecureTLS = pactPublish.pactBrokerInsecureTLS
+    } else if (broker?.pactBrokerInsecureTLS != null) {
+      brokerClientConfig.insecureTLS = broker.pactBrokerInsecureTLS
+    }
+    brokerClientConfig
+  }
+
   static boolean pactFileIsExcluded(PactPublish pactPublish, File pactFile) {
     pactPublish.excludes.any {
       FilenameUtils.getBaseName(pactFile.name) ==~ it

provider/gradle/src/main/kotlin/au/com/dius/pact/provider/gradle/Broker.kt

@@ -13,14 +13,17 @@ data class Broker(
   var pactBrokerAuthenticationScheme: String? = null,
   var pactBrokerAuthenticationHeader: String = Auth.DEFAULT_AUTH_HEADER,
   var retryCountWhileUnknown: Int? = null,
-  var retryWhileUnknownInterval: Int? = null
+  var retryWhileUnknownInterval: Int? = null,
+  var pactBrokerInsecureTLS: Boolean? = null
 ) {
   override fun toString(): String {
     val password = if (pactBrokerPassword != null) "".padEnd(pactBrokerPassword!!.length, '*') else null
     return "Broker(pactBrokerUrl=$pactBrokerUrl, pactBrokerToken=$pactBrokerToken, " +
       "pactBrokerUsername=$pactBrokerUsername, pactBrokerPassword=$password, " +
       "pactBrokerAuthenticationScheme=$pactBrokerAuthenticationScheme, " +
       "pactBrokerAuthenticationHeader=$pactBrokerAuthenticationHeader, " +
-      "retryCountWhileUnknown=$retryCountWhileUnknown, retryWhileUnknownInterval=$retryWhileUnknownInterval)"
+      "pactBrokerInsecureTLS=$pactBrokerInsecureTLS, " +
+      "retryCountWhileUnknown=$retryCountWhileUnknown, " +
+      "retryWhileUnknownInterval=$retryWhileUnknownInterval)"
   }
 }

provider/gradle/src/main/kotlin/au/com/dius/pact/provider/gradle/PactPublish.kt

@@ -17,15 +17,19 @@ data class PactPublish @JvmOverloads constructor(
   var tags: List<String> = listOf(),
   var excludes: List<String> = listOf(),
   var consumerBranch: String? = null,
-  var consumerBuildUrl: String? = null
+  var consumerBuildUrl: String? = null,
+  var pactBrokerInsecureTLS: Boolean? = null
 ) {
   override fun toString(): String {
     val password = if (pactBrokerPassword != null) "".padEnd(pactBrokerPassword!!.length, '*') else null
     return "PactPublish(pactDirectory=$pactDirectory, pactBrokerUrl=$pactBrokerUrl, " +
       "consumerVersion=$consumerVersion, pactBrokerToken=$pactBrokerToken, " +
       "pactBrokerUsername=$pactBrokerUsername, pactBrokerPassword=$password, " +
       "pactBrokerAuthenticationScheme=$pactBrokerAuthenticationScheme, " +
-      "pactBrokerAuthenticationHeader=$pactBrokerAuthenticationHeader, tags=$tags, excludes=$excludes, " +
+      "pactBrokerAuthenticationHeader=$pactBrokerAuthenticationHeader, " +
+      "pactBrokerInsecureTLS=$pactBrokerInsecureTLS, " +
+      "tags=$tags, " +
+      "excludes=$excludes, " +
       "consumerBranch=$consumerBranch, consumerBuildUrl=$consumerBuildUrl)"
   }
 }

provider/gradle/src/test/groovy/au/com/dius/pact/provider/gradle/PactPublishTaskSpec.groovy

@@ -191,4 +191,44 @@ class PactPublishTaskSpec extends Specification {
     then:
     1 * brokerClient.uploadPactFile(_, new PublishConfiguration('1.2.3')) >> new Result.Ok(null)
   }
+
+  def 'allows insecure TLS to be set'() {
+    given:
+    project.pact {
+      publish {
+        pactBrokerToken = 'token1234'
+        pactBrokerUrl = 'pactBrokerUrl'
+        pactBrokerInsecureTLS = true
+      }
+    }
+    project.evaluate()
+
+    when:
+    project.tasks.pactPublish.publishPacts()
+
+    then:
+    1 * new PactBrokerClient(_, _, { it.insecureTLS == true }) >> brokerClient
+    1 * brokerClient.uploadPactFile(_, _) >> new Result.Ok(null)
+  }
+
+  def 'allows insecure TLS to be set on the broker block'() {
+    given:
+    project.pact {
+      broker {
+        pactBrokerInsecureTLS = true
+      }
+      publish {
+        pactBrokerToken = 'token1234'
+        pactBrokerUrl = 'pactBrokerUrl'
+      }
+    }
+    project.evaluate()
+
+    when:
+    project.tasks.pactPublish.publishPacts()
+
+    then:
+    1 * new PactBrokerClient(_, _, { it.insecureTLS == true }) >> brokerClient
+    1 * brokerClient.uploadPactFile(_, _) >> new Result.Ok(null)
+  }
 }