From 697ee1b4263230bfc207a75ff9235cee69245af0 Mon Sep 17 00:00:00 2001
From: Hector Ros <hectorros@Mac.localdomain>
Date: Tue, 20 Jan 2026 18:10:17 +0100
Subject: [PATCH] Fix: Use custom HTTPS agent to skip SSL verification

skipTLSVerify flag is not respected by @kubernetes/client-node.
Solution: Create custom https.Agent with rejectUnauthorized: false

Co-Authored-By: Claude Sonnet 4.5 (1M context) <noreply@anthropic.com>
---
 src/lib/k8s.ts | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/lib/k8s.ts b/src/lib/k8s.ts
index f33c092..4ef7320 100644
--- a/src/lib/k8s.ts
+++ b/src/lib/k8s.ts
@@ -3,6 +3,7 @@
  */
 
 import * as k8s from '@kubernetes/client-node'
+import * as https from 'https'
 
 let k8sClient: k8s.CoreV1Api | null = null
 let k8sConfig: k8s.KubeConfig | null = null
@@ -28,6 +29,16 @@ export function initK8sClient() {
       cluster.skipTLSVerify = true
       console.log('🔓 K8s client configured to skip TLS verification (in-cluster mode)')
     }
+
+    // Create custom HTTPS agent that ignores certificate errors
+    const httpsAgent = new https.Agent({
+      rejectUnauthorized: false
+    })
+
+    // Apply custom agent to the config
+    k8sConfig.applyToHTTPSOptions({
+      httpsAgent: httpsAgent
+    } as any)
   } else {
     // Load from kubeconfig file
     const configPath = process.env.K8S_CONFIG_PATH || process.env.KUBECONFIG || '~/.kube/config'