From e90c23dd31fdd97e3e2d0e198ef477816132f5bb Mon Sep 17 00:00:00 2001
From: dongjiang1989 <dongjiang1989@126.com>
Date: Wed, 10 Jul 2024 18:20:09 +0800
Subject: [PATCH 1/5] fix tls bug

Signed-off-by: dongjiang1989 <dongjiang1989@126.com>
---
 cmd/metrics-server/app/options/kubelet_client.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cmd/metrics-server/app/options/kubelet_client.go b/cmd/metrics-server/app/options/kubelet_client.go
index 7ffd7baa1..f98ff70cc 100644
--- a/cmd/metrics-server/app/options/kubelet_client.go
+++ b/cmd/metrics-server/app/options/kubelet_client.go
@@ -112,9 +112,9 @@ func (o KubeletClientOptions) Config(restConfig *rest.Config) *client.KubeletCli
 		config.Client.TLSClientConfig = rest.TLSClientConfig{}      // empty TLS config --> no TLS
 	}
 	if o.InsecureKubeletTLS {
+		config.Client.TLSClientConfig = rest.TLSClientConfig{}
 		config.Client.TLSClientConfig.Insecure = true
-		config.Client.TLSClientConfig.CAData = nil
-		config.Client.TLSClientConfig.CAFile = ""
+		config.Client.TLSClientConfig.NextProtos = []string{"http/1.1", "h2"}
 	}
 	if len(o.KubeletCAFile) > 0 {
 		config.Client.TLSClientConfig.CAFile = o.KubeletCAFile

From 3aecde08e3104e546ab515e71a670f9f0bd6aff4 Mon Sep 17 00:00:00 2001
From: dongjiang1989 <dongjiang1989@126.com>
Date: Mon, 9 Sep 2024 16:49:05 +0800
Subject: [PATCH 2/5] update by codereview

Signed-off-by: dongjiang1989 <dongjiang1989@126.com>
---
 cmd/metrics-server/app/options/kubelet_client.go      | 1 -
 cmd/metrics-server/app/options/kubelet_client_test.go | 9 +++++++--
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/cmd/metrics-server/app/options/kubelet_client.go b/cmd/metrics-server/app/options/kubelet_client.go
index f98ff70cc..faf673046 100644
--- a/cmd/metrics-server/app/options/kubelet_client.go
+++ b/cmd/metrics-server/app/options/kubelet_client.go
@@ -112,7 +112,6 @@ func (o KubeletClientOptions) Config(restConfig *rest.Config) *client.KubeletCli
 		config.Client.TLSClientConfig = rest.TLSClientConfig{}      // empty TLS config --> no TLS
 	}
 	if o.InsecureKubeletTLS {
-		config.Client.TLSClientConfig = rest.TLSClientConfig{}
 		config.Client.TLSClientConfig.Insecure = true
 		config.Client.TLSClientConfig.NextProtos = []string{"http/1.1", "h2"}
 	}
diff --git a/cmd/metrics-server/app/options/kubelet_client_test.go b/cmd/metrics-server/app/options/kubelet_client_test.go
index 63c0b6a95..4d7b17d18 100644
--- a/cmd/metrics-server/app/options/kubelet_client_test.go
+++ b/cmd/metrics-server/app/options/kubelet_client_test.go
@@ -75,8 +75,13 @@ func TestConfig(t *testing.T) {
 			expectFunc: func() client.KubeletClientConfig {
 				e := expected
 				e.Client.Insecure = true
-				e.Client.CAFile = ""
-				e.Client.CAData = nil
+				e.Client.KeyFile = "KeyFile"
+				e.Client.KeyData = []byte("KeyData")
+				e.Client.CAFile = "CAFile"
+				e.Client.CAData = []byte("CAData")
+				e.Client.CertFile = "CertFile"
+				e.Client.CertData = []byte("CertData")
+				e.Client.NextProtos = []string{"http/1.1", "h2"}
 				return e
 			},
 		},

From 601521b27709ac6762d231799d27fc9d8dd3d65b Mon Sep 17 00:00:00 2001
From: dongjiang1989 <dongjiang1989@126.com>
Date: Mon, 9 Sep 2024 17:22:11 +0800
Subject: [PATCH 3/5] update kubelet_client

Signed-off-by: dongjiang1989 <dongjiang1989@126.com>
---
 cmd/metrics-server/app/options/kubelet_client.go      | 2 ++
 cmd/metrics-server/app/options/kubelet_client_test.go | 4 ++--
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/cmd/metrics-server/app/options/kubelet_client.go b/cmd/metrics-server/app/options/kubelet_client.go
index faf673046..752938426 100644
--- a/cmd/metrics-server/app/options/kubelet_client.go
+++ b/cmd/metrics-server/app/options/kubelet_client.go
@@ -113,6 +113,8 @@ func (o KubeletClientOptions) Config(restConfig *rest.Config) *client.KubeletCli
 	}
 	if o.InsecureKubeletTLS {
 		config.Client.TLSClientConfig.Insecure = true
+		config.Client.TLSClientConfig.CAData = nil
+		config.Client.TLSClientConfig.CAFile = ""
 		config.Client.TLSClientConfig.NextProtos = []string{"http/1.1", "h2"}
 	}
 	if len(o.KubeletCAFile) > 0 {
diff --git a/cmd/metrics-server/app/options/kubelet_client_test.go b/cmd/metrics-server/app/options/kubelet_client_test.go
index 4d7b17d18..c833cdf18 100644
--- a/cmd/metrics-server/app/options/kubelet_client_test.go
+++ b/cmd/metrics-server/app/options/kubelet_client_test.go
@@ -37,10 +37,10 @@ func TestConfig(t *testing.T) {
 			Insecure: false,
 			CertFile: "CertFile",
 			KeyFile:  "KeyFile",
-			CAFile:   "CAFile",
+			CAFile:   "",
 			CertData: []byte("CertData"),
 			KeyData:  []byte("KeyData"),
-			CAData:   []byte("CAData"),
+			CAData:   nil,
 		},
 		UserAgent: "UserAgent",
 	}

From 4b0bb6656176b5c1b975fb4920ed22a61a3b5df1 Mon Sep 17 00:00:00 2001
From: dongjiang1989 <dongjiang1989@126.com>
Date: Mon, 9 Sep 2024 17:28:23 +0800
Subject: [PATCH 4/5] fix unittest case

Signed-off-by: dongjiang1989 <dongjiang1989@126.com>
---
 cmd/metrics-server/app/options/kubelet_client_test.go | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/cmd/metrics-server/app/options/kubelet_client_test.go b/cmd/metrics-server/app/options/kubelet_client_test.go
index c833cdf18..d37760aed 100644
--- a/cmd/metrics-server/app/options/kubelet_client_test.go
+++ b/cmd/metrics-server/app/options/kubelet_client_test.go
@@ -37,10 +37,10 @@ func TestConfig(t *testing.T) {
 			Insecure: false,
 			CertFile: "CertFile",
 			KeyFile:  "KeyFile",
-			CAFile:   "",
+			CAFile:   "CAFile",
 			CertData: []byte("CertData"),
 			KeyData:  []byte("KeyData"),
-			CAData:   nil,
+			CAData:   []uint8("CAData"),
 		},
 		UserAgent: "UserAgent",
 	}
@@ -77,10 +77,10 @@ func TestConfig(t *testing.T) {
 				e.Client.Insecure = true
 				e.Client.KeyFile = "KeyFile"
 				e.Client.KeyData = []byte("KeyData")
-				e.Client.CAFile = "CAFile"
+				e.Client.CAFile = ""
 				e.Client.CAData = []byte("CAData")
 				e.Client.CertFile = "CertFile"
-				e.Client.CertData = []byte("CertData")
+				e.Client.CertData = nil
 				e.Client.NextProtos = []string{"http/1.1", "h2"}
 				return e
 			},

From b4d69e1e2a8bbf312390ebb2d9a58b4dd655c399 Mon Sep 17 00:00:00 2001
From: dongjiang1989 <dongjiang1989@126.com>
Date: Mon, 9 Sep 2024 17:36:13 +0800
Subject: [PATCH 5/5] fix unittest case

Signed-off-by: dongjiang1989 <dongjiang1989@126.com>
---
 cmd/metrics-server/app/options/kubelet_client_test.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/cmd/metrics-server/app/options/kubelet_client_test.go b/cmd/metrics-server/app/options/kubelet_client_test.go
index d37760aed..fe257b2e8 100644
--- a/cmd/metrics-server/app/options/kubelet_client_test.go
+++ b/cmd/metrics-server/app/options/kubelet_client_test.go
@@ -78,9 +78,9 @@ func TestConfig(t *testing.T) {
 				e.Client.KeyFile = "KeyFile"
 				e.Client.KeyData = []byte("KeyData")
 				e.Client.CAFile = ""
-				e.Client.CAData = []byte("CAData")
+				e.Client.CAData = nil
 				e.Client.CertFile = "CertFile"
-				e.Client.CertData = nil
+				e.Client.CertData = []byte("CertData")
 				e.Client.NextProtos = []string{"http/1.1", "h2"}
 				return e
 			},