diff --git a/metricproviders/prometheus/prometheus.go b/metricproviders/prometheus/prometheus.go index 383e4e0a6b..f369187f9d 100644 --- a/metricproviders/prometheus/prometheus.go +++ b/metricproviders/prometheus/prometheus.go @@ -209,6 +209,21 @@ func NewPrometheusProvider(api v1.API, logCtx log.Entry, metric v1alpha1.Metric) return provider, nil } +func newHTTPTransport(insecureSkipVerify bool) *http.Transport { + return &http.Transport{ + Proxy: http.ProxyFromEnvironment, + DialContext: (&net.Dialer{ + Timeout: 30 * time.Second, + KeepAlive: 30 * time.Second, + }).DialContext, + TLSHandshakeTimeout: 10 * time.Second, + TLSClientConfig: &tls.Config{InsecureSkipVerify: insecureSkipVerify}, + } +} + +var secureTransport *http.Transport = newHTTPTransport(false) +var insecureTransport *http.Transport = newHTTPTransport(true) + // NewPrometheusAPI generates a prometheus API from the metric configuration func NewPrometheusAPI(metric v1alpha1.Metric) (v1.API, error) { envValuesByKey := make(map[string]string) @@ -232,15 +247,10 @@ func NewPrometheusAPI(metric v1alpha1.Metric) (v1.API, error) { } var roundTripper http.RoundTripper - - roundTripper = &http.Transport{ - Proxy: http.ProxyFromEnvironment, - DialContext: (&net.Dialer{ - Timeout: 30 * time.Second, - KeepAlive: 30 * time.Second, - }).DialContext, - TLSHandshakeTimeout: 10 * time.Second, - TLSClientConfig: &tls.Config{InsecureSkipVerify: metric.Provider.Prometheus.Insecure}, + if metric.Provider.Prometheus.Insecure { + roundTripper = insecureTransport + } else { + roundTripper = secureTransport } // attach custom headers to api requests, if specified diff --git a/metricproviders/webmetric/webmetric.go b/metricproviders/webmetric/webmetric.go index 6561e72290..6043885f72 100644 --- a/metricproviders/webmetric/webmetric.go +++ b/metricproviders/webmetric/webmetric.go @@ -176,6 +176,10 @@ func (p *Provider) GarbageCollect(run *v1alpha1.AnalysisRun, metric v1alpha1.Met return nil } +var insecureTransport *http.Transport = &http.Transport{ + TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, +} + func NewWebMetricHttpClient(metric v1alpha1.Metric) (*http.Client, error) { var timeout time.Duration var oauthCfg clientcredentials.Config @@ -191,10 +195,7 @@ func NewWebMetricHttpClient(metric v1alpha1.Metric) (*http.Client, error) { Timeout: timeout, } if metric.Provider.Web.Insecure { - tr := &http.Transport{ - TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, - } - c.Transport = tr + c.Transport = insecureTransport } if metric.Provider.Web.Authentication.OAuth2.TokenURL != "" { if metric.Provider.Web.Authentication.OAuth2.ClientID == "" || metric.Provider.Web.Authentication.OAuth2.ClientSecret == "" {