How do I configure TLS on HttpTrigger

[kennethlong]

I'm getting an SSL error in the controller generated sensor pod. It looks like there is a tls section that I can specify in the sensor yaml, but I can't find any example syntax.

Error: "failed to execute trigger, failed after retries: Post "https://devbuilder.apps.dev.mydomain/api/argoEvents\": x509 certificate signed by unknown authority"

Is it possible to call an https endpoint from HttpTrigger? If so, what is the best way to configure the sensor container with my certs?

[kennethlong]

I did some digging and based on this older discussion of someone trying to do something similar with an EventSource, I tried a similar thing and it worked for Sensor as well!

I took a fresh alpine image and got the original /etc/ssl/certs/ca-certificates.crt, then I added my certs to the end of that file, then I created a ConfigMap with the new ca-certificates.crt file. I updated the Sensor definition like this and everything works:

apiVersion: argoproj.io/v1alpha1
kind: Sensor
metadata:
  name: devbuilder
spec:
  dependencies:
    - eventName: example
      eventSourceName: webhook
      name: test-dep
  triggers:
    - template:
        http:
          method: POST
          headers:
            'Content-Type': application/json
          payload:
            - src:
                dependencyName: test-dep
                dataKey: body.message
              dest: message
          url: 'https://devbuilder.apps.dev.mydomain/api/argoEvents'
        name: http-trigger
      retryStrategy:
        duration: 3s
        steps: 3
      policy:
        status:
          allow:
            - 200
            - 201
  template:
    container:
      volumeMounts:
        - name: certs-volume
          mountPath: /etc/ssl/certs
    volumes:
      - name: certs-volume
        configMap:
          name: ca-certificates

Many thanks to @whynowy and @mchebitou for their previous efforts.