Open debMan opened 10 months ago
Thank you for the clear, detailed issue report and suggested approaches. I'm a bit swamped at the moment, but I'm always willing to review contributions if you'd like this functionality soon -- I'd be particularly amenable to a community contribution of "Provide an option to send request as HTTPS to the service-port
, with optionally pass CA" because I see it as a relatively small change with high impact.
cc @kwombach12 so you're aware.
In the environments with oauth-proxy as as reverse proxy to authenticate users (like OpenShift), the command fails. Neither with
--use-proxy
, not without it.Setup
quay.io/openshift/origin-oauth-proxy:4.10.0
as an oauth-proxy which listens on 8443, checks users authorization with kubernetes SAR and proxies tolocalhost:9090
clusterIP
type which maps port 443 on service to 8443 on podLogs
Command which failed with
--use-proxy
:Output
Command which failed without
--use-proxy
:Output
Suggestion
I think there are two solutions might resolve this:
service-port
, with optionally pass CA. This method is different from first one, and might have other use cases, and eliminates need to expose the cost API publicly.