class Kubeclient::Client
  # Monkey patch to set `max_redirects: 0`, so that kubeclient
  # does not follow redirects and expose internal services.
  # See https://gitlab.com/gitlab-org/gitlab-ce/issues/53158
  def create_rest_client(path = nil)
    path ||= @api_endpoint.path
    options = {
      ssl_ca_file: @ssl_options[:ca_file],
      ssl_cert_store: @ssl_options[:cert_store],
      verify_ssl: @ssl_options[:verify_ssl],
      ssl_client_cert: @ssl_options[:client_cert],
      ssl_client_key: @ssl_options[:client_key],
      proxy: @http_proxy_uri,
      user: @auth_options[:username],
      password: @auth_options[:password],
      open_timeout: @timeouts[:open],
      read_timeout: @timeouts[:read],
      max_redirects: 0
    }
    RestClient::Resource.new(@api_endpoint.merge(path).to_s, options)
  end
end