CRITEO - rgw: use insecure TLS

Backport rook#8712 And also apply the patch on user creation
ashangit · Sep 22, 2021 · 948e9b3 · 948e9b3
1 parent fc44c97
commit 948e9b3
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/pkg/operator/ceph/object/health.go b/pkg/operator/ceph/object/health.go
@@ -18,7 +18,9 @@ package object
 
 import (
 	"context"
+	"crypto/tls"
 	"fmt"
+	"net/http"
 	"time"
 
 	"github.com/ceph/go-ceph/rgw/admin"
@@ -170,6 +172,11 @@ func (c *bucketChecker) checkObjectStoreHealth() error {
 	if err != nil {
 		return errors.Wrap(err, "failed to initialize s3 connection")
 	}
+	// Force the s3 client to use insecure TLS connection
+	s3client.Client.Config.HTTPClient.Transport = &http.Transport{
+		// #nosec G402 is enabled only for testing
+		TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
+	}
 
 	// Force purge the s3 object before starting anything
 	cleanupObjectHealthCheck(s3client, c.objContext.UID)