don't require config.Version for IsConfigTransportTLS

cmd/kubecfg/kubecfg.go

@@ -212,7 +212,7 @@ func main() {
 		// TODO: don't specify http or https in Host, and infer that from auth options.
 		clientConfig.Host = "http://localhost:8080"
 	}
-	if client.IsConfigTransportTLS(clientConfig) {
+	if client.IsConfigTransportTLS(*clientConfig) {
 		auth, err := kubecfg.LoadClientAuthInfoOrPrompt(*authConfig, os.Stdin)
 		if err != nil {
 			glog.Fatalf("Error loading auth: %v", err)

pkg/client/clientcmd/client_config.go

@@ -76,7 +76,7 @@ func (config DirectClientConfig) ClientConfig() (*client.Config, error) {
 	clientConfig.Version = configClusterInfo.APIVersion
 
 	// only try to read the auth information if we are secure
-	if client.IsConfigTransportTLS(&clientConfig) {
+	if client.IsConfigTransportTLS(clientConfig) {
 		var authInfo *clientauth.Info
 		var err error
 		switch {

pkg/client/helper.go

@@ -272,8 +272,12 @@ func DefaultServerURL(host, prefix, version string, defaultTLS bool) (*url.URL,
 //
 // Note: the Insecure flag is ignored when testing for this value, so MITM attacks are
 // still possible.
-func IsConfigTransportTLS(config *Config) bool {
-	baseURL, err := defaultServerUrlFor(config)
+func IsConfigTransportTLS(config Config) bool {
+	// determination of TLS transport does not logically require a version to be specified
+	// modify the copy of the config we got to satisfy preconditions for defaultServerUrlFor
+	config.Version = defaultVersionFor(&config)
+
+	baseURL, err := defaultServerUrlFor(&config)
 	if err != nil {
 		return false
 	}

pkg/client/helper_test.go

@@ -89,7 +89,7 @@ func TestIsConfigTransportTLS(t *testing.T) {
 			t.Errorf("setting defaults failed for %#v: %v", testCase.Config, err)
 			continue
 		}
-		useTLS := IsConfigTransportTLS(testCase.Config)
+		useTLS := IsConfigTransportTLS(*testCase.Config)
 		if testCase.TransportTLS != useTLS {
 			t.Errorf("expected %v for %#v", testCase.TransportTLS, testCase.Config)
 		}