1

I have a Knative trigger configured. Events should be handled by a service running over HTTPS.

apiVersion: eventing.knative.dev/v1
kind: Trigger
metadata:
  name: my-trigger
  namespace: my-ns
spec:
  broker: my-broker
  filter:
    attributes:
      type: dev.knative.sources.ping
  subscriber:
    ref:
      apiVersion: v1
      kind: Service
      namespace: event-handler-ns
      name: event-handler-service
    uri: /handle/event
---

kind: Service
apiVersion: v1
metadata:
  name: event-handler-service
  namespace: event-handler-ns
spec:
  selector:
    app: event-handler
  ports:
    - protocol: TCP
      port: 443
      targetPort: 8443

If I look at the logs of the broker filter, I can see the events are sent via HTTP. And I can't find any documentation how to POST them via HTTPS. The only documentation I can find is to configure the knative services to run on HTTPS (not my custom service that does the event handling).

{
  "level": "error",
  "ts": "2022-10-12T08:05:13.202Z",
  "logger": "mt_broker_filter",
  "caller": "filter/filter_handler.go:216",
  "msg": "failed to send event",
  "commit": "e825770",
  "error": "failed to dispatch message: Post \"http://event-handler-service.event-handler-ns.svc.cluster.local/handle/event\": EOF",
  "stacktrace": "knative.dev/eventing/pkg/broker/filter.(*Handler).send\n\tknative.dev/eventing/pkg/broker/filter/filter_handler.go:216\nknative.dev/eventing/pkg/broker/filter.(*Handler).ServeHTTP\n\tknative.dev/eventing/pkg/broker/filter/filter_handler.go:209\ngo.opencensus.io/plugin/ochttp.(*Handler).ServeHTTP\n\tgo.opencensus.io@v0.23.0/plugin/ochttp/server.go:92\nknative.dev/pkg/network/handlers.(*Drainer).ServeHTTP\n\tknative.dev/pkg@v0.0.0-20220524202603-19adf798efb8/network/handlers/drain.go:110\nnet/http.serverHandler.ServeHTTP\n\tnet/http/server.go:2879\nnet/http.(*conn).serve\n\tnet/http/server.go:1930"
}

Is it possible to specify the protocol in the trigger for the subscriber?

Bram Meerten
  • 89
  • 8

2 Answers2

1

The uri can be an absolute URL with a non-empty scheme and non-empty host that points to the target (or a relative URI). From the docs

So you should be able to specify the protocol when using only the uri:

subscriber:
  uri: https://event-handler-service.event-handler-ns/handle/event
chresse
  • 5,486
  • 3
  • 30
  • 47
1

Correct, the URI can be a HTTPS endpoint, but the actual implementation depends on the dispatcher code in the broker. Generally it does work by providing the custom TLS certificates, if any, similar to this approach for tag resolution.

Which broker are you using?

Michael Gasch
  • 71
  • 4
  • Currently using the default broker (mt-channel-broker): https://knative.dev/docs/install/yaml-install/eventing/eventing-installation-files/ My project is still in development phase, knative setup is not production ready yet. Haven't tried providing certificates yet, because the other solution works for me. – Bram Meerten Oct 21 '22 at 07:59