Attempt to add SkipTLSVerify to provider:

[spanktar]

#228

This PR attempts to add a SkipTLSVerify option to the Zitadel Terraform provider. This allows users (like me!) to use the Terraform provider with a self-hosted Zitadel instance where the certificates generated are staging certs from LetsEncrypt or self-signed certs for development.

Acceptance:
A user can set SkipTLSVerify to true in the provider config, and the provider will skip TLS verification when talking to the Zitadel endpoint.

I don't really know GoLang and I've never contributed to Zitadel before. I don't know how to run the tests (when I do everything fails, but I think it's because I'm not setup with access). I just want to help push this feature forward!

Definition of Ready

• Short description of the feature/issue is added in the pr description
• PR is linked to the corresponding user story
• Acceptance criteria are met
• All open todos and follow ups are defined in a new ticket and justified
• Deviations from the acceptance criteria and design are agreed with the PO and documented.
• No debug or dead code
• My code has no repetitions
• All non-functional requirements are met
• The generic lifecycle acceptance test passes for affected resources.
• Examples are up-to-date and meaningful. The provider version is incremented.
• Docs are generated.
• Code is generated where possible.

[spanktar]

@mridang After the CI tests ran, I see the error:

zitadel/helper/client.go:74:37: undefined: zitadel.WithInsecureSkipVerifyTLS

I checked the Zitadel repo and this doesn't exist, so Codex completely made it up 😒 The closest I could find was insecureSkipVerify and that's just an option for HTTP connections it seems. I guess there will need to be changes made on the server side to support this.

EDIT: Oh, I see it in the Go client

[mridang]

I can take a stab at this. 🙏

[spanktar]

I can take a stab at this. 🙏

I see the option in the Go Client, so maybe it wasn't a complete hallucination!
https://github.com/zitadel/zitadel-go/blob/main/pkg/zitadel/zitadel.go#L45

[spanktar]

@mridang Anything I can do to help? I'm happy to do anything I can 😄

[spanktar]

SEE: #312

[mridang]

Hi @spanktar it needs a few changes to the zitadel-go library. I've now gone ahead made the fix which in turn allowed shipping #333 This is now be implemented and released.

Thank you for the efforts.