insecureSkipVerify can be passed as env variable and set to true; by …

…default, it is set to false
interTwin-eu · Jan 9, 2025 · ea0b30e · ea0b30e
1 parent a943c71
commit ea0b30e
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/pkg/interlink/config.go b/pkg/interlink/config.go
@@ -95,6 +95,11 @@ func SetupTelemetry(ctx context.Context, serviceName string) (*sdktrace.TracerPr
 			return nil, fmt.Errorf("client certificate file path not provided. Since a CA certificate is provided, a client certificate is required for mutual TLS")
 		}
 
+		insecureSkipVerify := false
+		if os.Getenv("TELEMETRY_INSECURE_SKIP_VERIFY") == "true" {
+			insecureSkipVerify = true
+		}
+
 		certPool := x509.NewCertPool()
 		if !certPool.AppendCertsFromPEM(caCert) {
 			return nil, fmt.Errorf("failed to append CA certificate")
@@ -109,7 +114,7 @@ func SetupTelemetry(ctx context.Context, serviceName string) (*sdktrace.TracerPr
 			Certificates:       []tls.Certificate{cert},
 			RootCAs:            certPool,
 			MinVersion:         tls.VersionTLS12,
-			InsecureSkipVerify: true, // #nosec
+			InsecureSkipVerify: insecureSkipVerify,
 		}
 
 		creds := credentials.NewTLS(tlsConfig)