Skip to content

Commit

Permalink
fix: Fix spurious transport errors (v0.36.x) (#1637)
Browse files Browse the repository at this point in the history
  • Loading branch information
jonathan-innis authored Sep 5, 2024
1 parent 973c5dd commit db4221e
Showing 1 changed file with 8 additions and 1 deletion.
9 changes: 8 additions & 1 deletion pkg/webhooks/webhooks.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ package webhooks

import (
"context"
"crypto/tls"
"errors"
"fmt"
"io"
Expand Down Expand Up @@ -187,10 +188,16 @@ func Start(ctx context.Context, cfg *rest.Config, ctors ...knativeinjection.Cont
}

func HealthProbe(ctx context.Context) healthz.Checker {
// Create new transport that doesn't validate the TLS certificate
// This transport is just polling so validating the server certificate isn't necessary
transport := http.DefaultTransport.(*http.Transport).Clone()
transport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true} // nolint:gosec
client := &http.Client{Transport: transport}

// TODO: Add knative health check port for webhooks when health port can be configured
// Issue: https://github.com/knative/pkg/issues/2765
return func(req *http.Request) (err error) {
res, err := http.Get(fmt.Sprintf("http://localhost:%d", options.FromContext(ctx).WebhookPort))
res, err := client.Get(fmt.Sprintf("https://localhost:%d", options.FromContext(ctx).WebhookPort))
// If the webhook connection errors out, liveness/readiness should fail
if err != nil {
return err
Expand Down

0 comments on commit db4221e

Please sign in to comment.