warjiang
warjiang
sounds feasible 👍
/assign @yuin
> Just to throw out what I put in slack. > > It is considered good security practice. It forces the container runtime to validate that the cached image on...
> > we need to set SENTRY_AUTH_TOKEN but lack of permission > > I think we can talk about it at today's meeting. ok~
> Hi @warjiang does PR ready for moving forward? Need an extra switch to enable or disable monitor.
yes, the problem is setting wrong host, which caused by `socks-proxy-agent` package, it will omit the `host` when create tls connection. and the server in my kubeconfig is that: ...
It seems not the problem of invoking, when send request to apiserver, the request lib(aka node-fetch) will set host according to server field in the kubeconfig:  the opts param...
> It seems like this is a bug in the `socks-proxy-agent` library? Yes, i'm trying to prepare more snippet to prove that. BTW, is anyone tested the `proxy-url` feature? I...
@brendandburns already confirm the problem, it seems that `socks-proxy-agent` doesn't take bilateral tls verification into consideraion(because I've tested the http/https version, it doesn't works for scenario of bilateral tls verification)
it seems that the upstream of `socks-proxy-agent` no reply recently, should we maintain another copy of `socks-proxy-agent` in the `kubernetes-client/javascript` source code, it doesn't cost much, and will be easy...