Emphasise insecurity of the option in docs

integrations · Aug 7, 2018 · 7ef6ad0 · 7ef6ad0
1 parent 3024cee
commit 7ef6ad0
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 2 deletions.
diff --git a/github/provider.go b/github/provider.go
@@ -74,7 +74,8 @@ func init() {
 
 		"base_url": "The GitHub Base API URL",
 
-		"insecure": "Set this to allow use with self-signed SSL certs",
+		"insecure": "Whether server should be accessed " +
+			"without verifying the TLS certificate.",
 	}
 }
 

diff --git a/website/docs/index.html.markdown b/website/docs/index.html.markdown
@@ -45,4 +45,9 @@ The following arguments are supported in the `provider` block:
   requirement when working with GitHub Enterprise.  It is optional to provide this value and
   it can also be sourced from the `GITHUB_BASE_URL` environment variable.  The value must end with a slash.
 
-* `insecure` - (Optional) This allows the plugin to be used against a Github enterprise installation with a self-signed certificate.
+* `insecure` - (Optional) Whether server should be accessed without verifying the TLS certificate.
+  As the name suggests **this is insecure** and should not be used beyond experiments,
+  accessing local (non-production) GHE instance etc.
+  There is a number of ways to obtain trusted certificate for free, e.g. from [Let's Encrypt](https://letsencrypt.org/).
+  Such trusted certificate *does not require* this option to be enabled.
+  Defaults to `false`.