fix: Switch InsecureSkipVerify to true (#5575)

Signed-off-by: Simon Behar <simbeh7@gmail.com>

cmd/argo/commands/server.go

@@ -100,7 +100,7 @@ See %s`, help.ArgoSever),
 				}
 				tlsConfig = &tls.Config{
 					Certificates:       []tls.Certificate{cer},
-					InsecureSkipVerify: false, // InsecureSkipVerify will not impact the TLS listener. It is needed for the server to speak to itself for GRPC.
+					InsecureSkipVerify: true,
 					MinVersion:         uint16(tlsMinVersion),
 				}
 			} else {

server/apiserver/argoserver.go

@@ -16,6 +16,7 @@ import (
 	"github.com/soheilhy/cmux"
 	"golang.org/x/net/context"
 	"google.golang.org/grpc"
+	"google.golang.org/grpc/credentials"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/client-go/rest"
 
@@ -271,8 +272,13 @@ func (as *argoServer) newHTTPServer(ctx context.Context, port int, artifactServe
 	}
 	dialOpts := []grpc.DialOption{
 		grpc.WithDefaultCallOptions(grpc.MaxCallRecvMsgSize(MaxGRPCMessageSize)),
-		grpc.WithInsecure(),
 	}
+	if as.tlsConfig != nil {
+		dialOpts = append(dialOpts, grpc.WithTransportCredentials(credentials.NewTLS(as.tlsConfig)))
+	} else {
+		dialOpts = append(dialOpts, grpc.WithInsecure())
+	}
+
 	webhookInterceptor := webhook.Interceptor(as.clients.Kubernetes)
 
 	// HTTP 1.1+JSON Server