diff --git a/Documentation/api.md b/Documentation/api.md
index 87d06ecc6..d2cd78b58 100644
--- a/Documentation/api.md
+++ b/Documentation/api.md
@@ -13345,6 +13345,7 @@ string
|
+(Optional)
Used to verify the hostname for the targets.
|
@@ -13356,6 +13357,7 @@ bool
+(Optional)
Disable target certificate validation.
|
@@ -14034,6 +14036,7 @@ string
+(Optional)
Used to verify the hostname for the targets.
|
@@ -14045,6 +14048,7 @@ bool
+(Optional)
Disable target certificate validation.
|
diff --git a/pkg/alertmanager/amcfg.go b/pkg/alertmanager/amcfg.go
index 05f384e25..1d939f9f4 100644
--- a/pkg/alertmanager/amcfg.go
+++ b/pkg/alertmanager/amcfg.go
@@ -1542,9 +1542,14 @@ func (cb *configBuilder) convertHTTPConfig(ctx context.Context, in *monitoringv1
}
func (cb *configBuilder) convertTLSConfig(in *monitoringv1.SafeTLSConfig, crKey types.NamespacedName) *tlsConfig {
- out := tlsConfig{
- ServerName: in.ServerName,
- InsecureSkipVerify: in.InsecureSkipVerify,
+ out := tlsConfig{}
+
+ if in.ServerName != nil {
+ out.ServerName = *in.ServerName
+ }
+
+ if in.InsecureSkipVerify != nil {
+ out.InsecureSkipVerify = *in.InsecureSkipVerify
}
if in.CA != (monitoringv1.SecretOrConfigMap{}) {
diff --git a/pkg/apis/monitoring/v1/types.go b/pkg/apis/monitoring/v1/types.go
index 1de8596ba..327088f03 100644
--- a/pkg/apis/monitoring/v1/types.go
+++ b/pkg/apis/monitoring/v1/types.go
@@ -656,14 +656,20 @@ func (c *SecretOrConfigMap) String() string {
type SafeTLSConfig struct {
// Certificate authority used when verifying server certificates.
CA SecretOrConfigMap `json:"ca,omitempty"`
+
// Client certificate to present when doing client-authentication.
Cert SecretOrConfigMap `json:"cert,omitempty"`
+
// Secret containing the client key file for the targets.
KeySecret *v1.SecretKeySelector `json:"keySecret,omitempty"`
+
// Used to verify the hostname for the targets.
- ServerName string `json:"serverName,omitempty"`
+ //+optional
+ ServerName *string `json:"serverName,omitempty"`
+
// Disable target certificate validation.
- InsecureSkipVerify bool `json:"insecureSkipVerify,omitempty"`
+ //+optional
+ InsecureSkipVerify *bool `json:"insecureSkipVerify,omitempty"`
}
// Validate semantically validates the given SafeTLSConfig.
diff --git a/pkg/apis/monitoring/v1/zz_generated.deepcopy.go b/pkg/apis/monitoring/v1/zz_generated.deepcopy.go
index e499791bf..e0ab562eb 100644
--- a/pkg/apis/monitoring/v1/zz_generated.deepcopy.go
+++ b/pkg/apis/monitoring/v1/zz_generated.deepcopy.go
@@ -2603,6 +2603,16 @@ func (in *SafeTLSConfig) DeepCopyInto(out *SafeTLSConfig) {
*out = new(corev1.SecretKeySelector)
(*in).DeepCopyInto(*out)
}
+ if in.ServerName != nil {
+ in, out := &in.ServerName, &out.ServerName
+ *out = new(string)
+ **out = **in
+ }
+ if in.InsecureSkipVerify != nil {
+ in, out := &in.InsecureSkipVerify, &out.InsecureSkipVerify
+ *out = new(bool)
+ **out = **in
+ }
}
// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SafeTLSConfig.
diff --git a/pkg/prometheus/promcfg.go b/pkg/prometheus/promcfg.go
index a5e0ce253..c04de8145 100644
--- a/pkg/prometheus/promcfg.go
+++ b/pkg/prometheus/promcfg.go
@@ -345,23 +345,30 @@ func addSafeTLStoYaml(cfg yaml.MapSlice, namespace string, tls monitoringv1.Safe
pathForSelector := func(sel monitoringv1.SecretOrConfigMap) string {
return path.Join(tlsAssetsDir, assets.TLSAssetKeyFromSelector(namespace, sel).String())
}
- tlsConfig := yaml.MapSlice{
- {Key: "insecure_skip_verify", Value: tls.InsecureSkipVerify},
+
+ tlsConfig := yaml.MapSlice{}
+
+ if tls.InsecureSkipVerify != nil {
+ tlsConfig = append(tlsConfig, yaml.MapItem{Key: "insecure_skip_verify", Value: *tls.InsecureSkipVerify})
}
+
if tls.CA.Secret != nil || tls.CA.ConfigMap != nil {
tlsConfig = append(tlsConfig, yaml.MapItem{Key: "ca_file", Value: pathForSelector(tls.CA)})
}
+
if tls.Cert.Secret != nil || tls.Cert.ConfigMap != nil {
tlsConfig = append(tlsConfig, yaml.MapItem{Key: "cert_file", Value: pathForSelector(tls.Cert)})
}
+
if tls.KeySecret != nil {
tlsConfig = append(tlsConfig, yaml.MapItem{Key: "key_file", Value: pathForSelector(monitoringv1.SecretOrConfigMap{Secret: tls.KeySecret})})
}
- if tls.ServerName != "" {
- tlsConfig = append(tlsConfig, yaml.MapItem{Key: "server_name", Value: tls.ServerName})
+
+ if ptr.Deref(tls.ServerName, "") != "" {
+ tlsConfig = append(tlsConfig, yaml.MapItem{Key: "server_name", Value: *tls.ServerName})
}
- cfg = append(cfg, yaml.MapItem{Key: "tls_config", Value: tlsConfig})
- return cfg
+
+ return append(cfg, yaml.MapItem{Key: "tls_config", Value: tlsConfig})
}
func addTLStoYaml(cfg yaml.MapSlice, namespace string, tls *monitoringv1.TLSConfig) yaml.MapSlice {
diff --git a/pkg/prometheus/promcfg_test.go b/pkg/prometheus/promcfg_test.go
index 8eaa6df24..8a9f51120 100644
--- a/pkg/prometheus/promcfg_test.go
+++ b/pkg/prometheus/promcfg_test.go
@@ -5520,7 +5520,7 @@ func TestScrapeConfigSpecConfig(t *testing.T) {
{
URL: "http://localhost:9100/sd.json",
TLSConfig: &monitoringv1.SafeTLSConfig{
- InsecureSkipVerify: true,
+ InsecureSkipVerify: ptr.To(true),
CA: monitoringv1.SecretOrConfigMap{
Secret: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
diff --git a/pkg/prometheus/testdata/ConsulScrapeConfigTLSConfig.golden b/pkg/prometheus/testdata/ConsulScrapeConfigTLSConfig.golden
index 5080565eb..3cdf44b78 100644
--- a/pkg/prometheus/testdata/ConsulScrapeConfigTLSConfig.golden
+++ b/pkg/prometheus/testdata/ConsulScrapeConfigTLSConfig.golden
@@ -8,7 +8,6 @@ scrape_configs:
- job_name: scrapeConfig/default/testscrapeconfig1
consul_sd_configs:
- tls_config:
- insecure_skip_verify: false
ca_file: /etc/prometheus/certs/secret_default_secret-ca-global_
cert_file: /etc/prometheus/certs/secret_default_secret-cert_
key_file: /etc/prometheus/certs/secret_default_secret_key
diff --git a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DigitalOceanSD_with_TLSConfig.golden b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DigitalOceanSD_with_TLSConfig.golden
index 524c482da..c9813cc91 100644
--- a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DigitalOceanSD_with_TLSConfig.golden
+++ b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DigitalOceanSD_with_TLSConfig.golden
@@ -10,7 +10,6 @@ scrape_configs:
- authorization:
type: Bearer
tls_config:
- insecure_skip_verify: false
ca_file: /etc/prometheus/certs/secret_default_secret-ca_
cert_file: /etc/prometheus/certs/secret_default_secret-cert_
key_file: /etc/prometheus/certs/secret_default_secret_key
diff --git a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DockerSDConfig.golden b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DockerSDConfig.golden
index 0bfc6fe6c..9c6c0a7bf 100644
--- a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DockerSDConfig.golden
+++ b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DockerSDConfig.golden
@@ -16,7 +16,6 @@ scrape_configs:
header: value
host: hostAddress
tls_config:
- insecure_skip_verify: false
ca_file: /etc/prometheus/certs/secret_default_secret-ca_
cert_file: /etc/prometheus/certs/secret_default_secret-cert_
key_file: /etc/prometheus/certs/secret_default_secret_key
diff --git a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DockerSD_with_BasicAuth.golden b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DockerSD_with_BasicAuth.golden
index a371846a7..cfe6522c9 100644
--- a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DockerSD_with_BasicAuth.golden
+++ b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DockerSD_with_BasicAuth.golden
@@ -12,7 +12,6 @@ scrape_configs:
password: ""
host: hostAddress
tls_config:
- insecure_skip_verify: false
ca_file: /etc/prometheus/certs/secret_default_secret-ca_
cert_file: /etc/prometheus/certs/secret_default_secret-cert_
key_file: /etc/prometheus/certs/secret_default_secret_key
diff --git a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DockerSD_with_OAuth.golden b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DockerSD_with_OAuth.golden
index afae4b396..a93a79bd8 100644
--- a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DockerSD_with_OAuth.golden
+++ b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_DockerSD_with_OAuth.golden
@@ -19,7 +19,6 @@ scrape_configs:
param2: value2
host: hostAddress
tls_config:
- insecure_skip_verify: false
ca_file: /etc/prometheus/certs/secret_default_secret-ca_
cert_file: /etc/prometheus/certs/secret_default_secret-cert_
key_file: /etc/prometheus/certs/secret_default_secret_key
diff --git a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_EurekaSD_with_TLSConfig.golden b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_EurekaSD_with_TLSConfig.golden
index 606fb0db0..f17b09e2b 100644
--- a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_EurekaSD_with_TLSConfig.golden
+++ b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_EurekaSD_with_TLSConfig.golden
@@ -10,7 +10,6 @@ scrape_configs:
- authorization:
type: Bearer
tls_config:
- insecure_skip_verify: false
ca_file: /etc/prometheus/certs/secret_default_secret-ca_
cert_file: /etc/prometheus/certs/secret_default_secret-cert_
key_file: /etc/prometheus/certs/secret_default_secret_key
diff --git a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_HetznerSD_with_TLSConfig.golden b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_HetznerSD_with_TLSConfig.golden
index f3c0752c7..6cc43e37e 100644
--- a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_HetznerSD_with_TLSConfig.golden
+++ b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_HetznerSD_with_TLSConfig.golden
@@ -9,7 +9,6 @@ scrape_configs:
hetzner_sd_configs:
- role: hcloud
tls_config:
- insecure_skip_verify: false
ca_file: /etc/prometheus/certs/secret_default_secret-ca_
cert_file: /etc/prometheus/certs/secret_default_secret-cert_
key_file: /etc/prometheus/certs/secret_default_secret_key
diff --git a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_K8SSD_with_TLSConfig.golden b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_K8SSD_with_TLSConfig.golden
index 9bca276fd..46f27969b 100644
--- a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_K8SSD_with_TLSConfig.golden
+++ b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_K8SSD_with_TLSConfig.golden
@@ -9,7 +9,6 @@ scrape_configs:
kubernetes_sd_configs:
- role: node
tls_config:
- insecure_skip_verify: false
ca_file: /etc/prometheus/certs/secret_default_secret-ca_
cert_file: /etc/prometheus/certs/secret_default_secret-cert_
key_file: /etc/prometheus/certs/secret_default_secret_key
diff --git a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_KumaSD_with_TLSConfig.golden b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_KumaSD_with_TLSConfig.golden
index 94ca04de0..6e51eb290 100644
--- a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_KumaSD_with_TLSConfig.golden
+++ b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_KumaSD_with_TLSConfig.golden
@@ -11,7 +11,6 @@ scrape_configs:
type: Bearer
server: ""
tls_config:
- insecure_skip_verify: false
ca_file: /etc/prometheus/certs/secret_default_secret-ca_
cert_file: /etc/prometheus/certs/secret_default_secret-cert_
key_file: /etc/prometheus/certs/secret_default_secret_key
diff --git a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_NomadSD_with_TLSConfig.golden b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_NomadSD_with_TLSConfig.golden
index f79826578..4416ea52a 100644
--- a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_NomadSD_with_TLSConfig.golden
+++ b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_NomadSD_with_TLSConfig.golden
@@ -11,7 +11,6 @@ scrape_configs:
type: Bearer
server: ""
tls_config:
- insecure_skip_verify: false
ca_file: /etc/prometheus/certs/secret_default_secret-ca_
cert_file: /etc/prometheus/certs/secret_default_secret-cert_
key_file: /etc/prometheus/certs/secret_default_secret_key
diff --git a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_TLSConfig.golden b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_TLSConfig.golden
index 26a8eded4..1b5f54108 100644
--- a/pkg/prometheus/testdata/ScrapeConfigSpecConfig_TLSConfig.golden
+++ b/pkg/prometheus/testdata/ScrapeConfigSpecConfig_TLSConfig.golden
@@ -7,7 +7,6 @@ global:
scrape_configs:
- job_name: scrapeConfig/default/testscrapeconfig1
tls_config:
- insecure_skip_verify: false
ca_file: /etc/prometheus/certs/secret_default_secret-ca-global_
cert_file: /etc/prometheus/certs/secret_default_secret-cert_
key_file: /etc/prometheus/certs/secret_default_secret_key
diff --git a/pkg/prometheus/testdata/monitorObjectWithDefaultScrapeClassAndTLSConfig.golden b/pkg/prometheus/testdata/monitorObjectWithDefaultScrapeClassAndTLSConfig.golden
index 12f99476c..69ca0c3cc 100644
--- a/pkg/prometheus/testdata/monitorObjectWithDefaultScrapeClassAndTLSConfig.golden
+++ b/pkg/prometheus/testdata/monitorObjectWithDefaultScrapeClassAndTLSConfig.golden
@@ -14,7 +14,6 @@ scrape_configs:
- default
scrape_interval: 30s
tls_config:
- insecure_skip_verify: false
ca_file: /etc/prometheus/secrets/default/ca.crt
cert_file: /etc/prometheus/secrets/default/tls.crt
key_file: /etc/prometheus/secrets/default/tls.key
diff --git a/pkg/prometheus/testdata/monitorObjectWithNonDefaultScrapeClassAndTLSConfig.golden b/pkg/prometheus/testdata/monitorObjectWithNonDefaultScrapeClassAndTLSConfig.golden
index dae37ae5a..ff15e1054 100644
--- a/pkg/prometheus/testdata/monitorObjectWithNonDefaultScrapeClassAndTLSConfig.golden
+++ b/pkg/prometheus/testdata/monitorObjectWithNonDefaultScrapeClassAndTLSConfig.golden
@@ -14,7 +14,6 @@ scrape_configs:
- default
scrape_interval: 30s
tls_config:
- insecure_skip_verify: false
ca_file: /etc/prometheus/secrets/ca.crt
cert_file: /etc/prometheus/secrets/tls.crt
key_file: /etc/prometheus/secrets/tls.key
diff --git a/pkg/prometheus/testdata/podMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfig.golden b/pkg/prometheus/testdata/podMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfig.golden
index 3535b99b0..337de9944 100644
--- a/pkg/prometheus/testdata/podMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfig.golden
+++ b/pkg/prometheus/testdata/podMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfig.golden
@@ -14,7 +14,6 @@ scrape_configs:
- default
scrape_interval: 30s
tls_config:
- insecure_skip_verify: false
ca_file: /etc/prometheus/certs/secret_default_secret-ca-global_
cert_file: /etc/prometheus/certs/secret_default_secret-cert_
key_file: /etc/prometheus/certs/secret_default_secret_key
diff --git a/pkg/prometheus/testdata/podMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfigMissingCA.golden b/pkg/prometheus/testdata/podMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfigMissingCA.golden
index d2d94629c..2e804c93f 100644
--- a/pkg/prometheus/testdata/podMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfigMissingCA.golden
+++ b/pkg/prometheus/testdata/podMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfigMissingCA.golden
@@ -14,7 +14,6 @@ scrape_configs:
- default
scrape_interval: 30s
tls_config:
- insecure_skip_verify: false
cert_file: /etc/prometheus/certs/secret_default_secret-cert_
key_file: /etc/prometheus/certs/secret_default_secret_key
ca_file: /etc/prometheus/secrets/ca.crt
diff --git a/pkg/prometheus/testdata/serviceMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfig.golden b/pkg/prometheus/testdata/serviceMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfig.golden
index 9ff64b54b..4bfbdbb63 100644
--- a/pkg/prometheus/testdata/serviceMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfig.golden
+++ b/pkg/prometheus/testdata/serviceMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfig.golden
@@ -14,7 +14,6 @@ scrape_configs:
- default
scrape_interval: 30s
tls_config:
- insecure_skip_verify: false
ca_file: /etc/prometheus/certs/secret_default_secret-ca-global_
cert_file: /etc/prometheus/certs/secret_default_secret-cert_
key_file: /etc/prometheus/certs/secret_default_secret_key
diff --git a/pkg/prometheus/testdata/serviceMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfigMissingCA.golden b/pkg/prometheus/testdata/serviceMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfigMissingCA.golden
index 2fcab8852..20e410004 100644
--- a/pkg/prometheus/testdata/serviceMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfigMissingCA.golden
+++ b/pkg/prometheus/testdata/serviceMonitorObjectWithNonDefaultScrapeClassAndExistingTLSConfigMissingCA.golden
@@ -14,7 +14,6 @@ scrape_configs:
- default
scrape_interval: 30s
tls_config:
- insecure_skip_verify: false
cert_file: /etc/prometheus/certs/secret_default_secret-cert_
key_file: /etc/prometheus/certs/secret_default_secret_key
ca_file: /etc/prometheus/secrets/ca.crt
diff --git a/test/e2e/prometheus_test.go b/test/e2e/prometheus_test.go
index 2d182361d..eea8a5b4f 100644
--- a/test/e2e/prometheus_test.go
+++ b/test/e2e/prometheus_test.go
@@ -141,7 +141,7 @@ func deployInstrumentedApplicationWithTLS(name, ns string) error {
Scheme: "https",
TLSConfig: &monitoringv1.TLSConfig{
SafeTLSConfig: monitoringv1.SafeTLSConfig{
- ServerName: "caandserver.com",
+ ServerName: ptr.To("caandserver.com"),
CA: monitoringv1.SecretOrConfigMap{
Secret: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
@@ -3039,7 +3039,7 @@ func testPromArbitraryFSAcc(t *testing.T) {
Port: "web",
TLSConfig: &monitoringv1.TLSConfig{
SafeTLSConfig: monitoringv1.SafeTLSConfig{
- InsecureSkipVerify: true,
+ InsecureSkipVerify: ptr.To(true),
CA: monitoringv1.SecretOrConfigMap{
Secret: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
@@ -3076,7 +3076,7 @@ func testPromArbitraryFSAcc(t *testing.T) {
Port: "web",
TLSConfig: &monitoringv1.TLSConfig{
SafeTLSConfig: monitoringv1.SafeTLSConfig{
- InsecureSkipVerify: true,
+ InsecureSkipVerify: ptr.To(true),
CA: monitoringv1.SecretOrConfigMap{
ConfigMap: &v1.ConfigMapKeySelector{
LocalObjectReference: v1.LocalObjectReference{
@@ -3333,7 +3333,7 @@ func testPromTLSConfigViaSecret(t *testing.T) {
Scheme: "https",
TLSConfig: &monitoringv1.TLSConfig{
SafeTLSConfig: monitoringv1.SafeTLSConfig{
- InsecureSkipVerify: true,
+ InsecureSkipVerify: ptr.To(true),
Cert: monitoringv1.SecretOrConfigMap{
Secret: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
@@ -3533,7 +3533,7 @@ func testPromSecurePodMonitor(t *testing.T) {
Port: "mtls",
Scheme: "https",
TLSConfig: &monitoringv1.SafeTLSConfig{
- InsecureSkipVerify: true,
+ InsecureSkipVerify: ptr.To(true),
CA: monitoringv1.SecretOrConfigMap{
Secret: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
@@ -3566,7 +3566,7 @@ func testPromSecurePodMonitor(t *testing.T) {
Port: "mtls",
Scheme: "https",
TLSConfig: &monitoringv1.SafeTLSConfig{
- InsecureSkipVerify: true,
+ InsecureSkipVerify: ptr.To(true),
CA: monitoringv1.SecretOrConfigMap{
ConfigMap: &v1.ConfigMapKeySelector{
LocalObjectReference: v1.LocalObjectReference{
diff --git a/test/e2e/scrapeconfig_test.go b/test/e2e/scrapeconfig_test.go
index 653d0d05d..0e9f72074 100644
--- a/test/e2e/scrapeconfig_test.go
+++ b/test/e2e/scrapeconfig_test.go
@@ -390,7 +390,7 @@ func testScrapeConfigKubernetesNodeRole(t *testing.T) {
}
sc.Spec.TLSConfig = &monitoringv1.SafeTLSConfig{
// since we cannot validate server name in cert
- InsecureSkipVerify: true,
+ InsecureSkipVerify: ptr.To(true),
CA: monitoringv1.SecretOrConfigMap{
Secret: &v1.SecretKeySelector{
LocalObjectReference: v1.LocalObjectReference{
diff --git a/test/framework/prometheus.go b/test/framework/prometheus.go
index dee9a436e..612582eec 100644
--- a/test/framework/prometheus.go
+++ b/test/framework/prometheus.go
@@ -229,7 +229,7 @@ func (prwtc PromRemoteWriteTestConfig) AddRemoteWriteWithTLSToPrometheus(p *moni
p.Spec.RemoteWrite[0].TLSConfig = &monitoringv1.TLSConfig{
SafeTLSConfig: monitoringv1.SafeTLSConfig{
- ServerName: "caandserver.com",
+ ServerName: ptr.To("caandserver.com"),
},
}
@@ -280,7 +280,7 @@ func (prwtc PromRemoteWriteTestConfig) AddRemoteWriteWithTLSToPrometheus(p *moni
}
case prwtc.InsecureSkipVerify:
- p.Spec.RemoteWrite[0].TLSConfig.InsecureSkipVerify = true
+ p.Spec.RemoteWrite[0].TLSConfig.InsecureSkipVerify = ptr.To(true)
}
}