search

Granulate / gprofiler

gProfiler is a system-wide profiler, combining multiple sampling profilers to produce unified visualization of what your CPU is spending time on.
https://profiler.granulate.io
Apache License 2.0
743 stars 54 forks source link

Add --no-verify option to disable server certificate verification #765

Closed Jongy closed 1 year ago

Jongy commented 1 year ago

In certain non-SaaS deployments we'd like to run the server in HTTPS but with (possibly) dummy or self-signed certificates. This PR adds a simle option like curl's --insecure, wget's --no-check-certificate etc.

Tested by -

  1. running a "simple HTTPS server" with self signed certificate per this link
  2. Testing with curl - without -k I get curl: (60) SSL certificate problem: self-signed certificate, with -k the connection is established.
  3. Testing with gprofiler w/o this PR - getting SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1131)') for the get_health check.
  4. Testing with gprofiler with this PR without --no-verify - same error as the above ^^
  5. Testing with gprofiler with this PR with --no-verify - connection is established (and then gProfiler whines on "unexpected response").
  6. Did the same tests for the glogger - with --no-verify I get Unsupported method ('POST') for url (because my dummy server is GET only), without --no-verify I get requests.exceptions.SSLError: HTTPSConnectionPool(host='127.0.0.1', port=3333): Max retries exceeded with url: /api/v1/logs (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1131)'))).
Jongy commented 1 year ago

Upgraded utils @netaneld122