Open sai-sandeep-1 opened 2 months ago
Are you trying to import velero's package in your code? Please feel free to fork the repo to add such support, but it may not be merged into upstream, because at the moment velero doesn't have a use case to skip cert when executing hooks.
Yes, I am using velero as a package in the code. Got it
https://github.com/vmware-tanzu/velero/blob/4d48273a24969b748b6c2c68f376928053188102/pkg/podexec/pod_command_executor.go#L57
I have a use case where the server certificate is self-signed and doesn't have a hostname in the SAN
How can I make it so that the hostname validation is skipped but the certificate verification still happens when using the PodCommandExecutor?
Most kubernetes clients support constructors that allow passing the HTTP client
func NewForConfigAndClient(c *rest.Config, h *http.Client)
this helps in configuring the TLS in the HTTP client to skip the hostname validation if needed.Is there something that can be done for the pod command executor?