Use IsHTTPS field to check if metrics conn type

3 files changed, 4 insertions, 9 deletions

diff --git a/app.go b/app.go
index 60d9acdb..5d06b58b 100644
--- a/app.go
+++ b/app.go
@@ -331,7 +331,7 @@ func (a *theApp) listenMetrics(eg *errgroup.Group, config cfg.Metrics) *http.Ser
 			return fmt.Errorf("failed to listen on addr %s: %w", config.Address, err)
 		}
 
-		if config.IsHTTPS() {
+		if config.IsHTTPS {
 			l = cryptotls.NewListener(l, config.TLSConfig)
 		}
 
diff --git a/internal/config/config.go b/internal/config/config.go
index a59dffd4..46f5f26b 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -150,16 +150,10 @@ type Server struct {
 
 type Metrics struct {
 	Address   string
+	IsHTTPS   bool
 	TLSConfig *tls.Config
 }
 
-func (m *Metrics) IsHTTPS() bool {
-	// disable "G402 (CWE-295): TLS MinVersion too low. (Confidence: HIGH, Severity: HIGH)"
-	// because zero value of tls.Config{} is used for comparison
-	// #nosec G402
-	return m.TLSConfig != &tls.Config{}
-}
-
 var (
 	errMetricsNoCertificate = errors.New("metrics certificate path must not be empty")
 	errMetricsNoKey         = errors.New("metrics private key path must not be empty")
@@ -222,6 +216,7 @@ func loadMetricsConfig() (metrics Metrics, err error) {
 		return metrics, err
 	}
 
+	metrics.IsHTTPS = true
 	metrics.TLSConfig = &tls.Config{
 		Certificates: []tls.Certificate{cert},
 		MinVersion:   tls.VersionTLS12,
diff --git a/internal/config/config_test.go b/internal/config/config_test.go
index 0725bcc3..f120d17d 100644
--- a/internal/config/config_test.go
+++ b/internal/config/config_test.go
@@ -10,7 +10,7 @@ import (
 	"gitlab.com/gitlab-org/gitlab-pages/internal/fixture"
 )
 
-func TestLoadMetricsConfig(t *testing.T) {
+func Test_loadMetricsConfig(t *testing.T) {
 	defaultMetricsAdress := ":9325"
 	defaultDir, defaultMetricsKey, defaultMetricsCertificate := setupHTTPSFixture(t)