DTS sends HTTP requests (not HTTPS) when running in a container in the Spin environment

[jeff-cohere]

Shreyas and I have been puzzling over some requests sent to NMDC's endpoints from the DTS Spin instance that are unencrypted HTTP requests, when they should be encrypted HTTPS requests. We've tried various things involving SSL certificates, but nothing has changed the situation.

I'm going to take some time over the winter break to audit the request code in the DTS. Specifically I intend to

• set up a simple HTTPS client/server running locally and analyze network traffic between them
• figure out how to configure the client to prevent the emission of unencrypted requests if it can't validate an SSL certificate on the server
• replicate this setup with the client in a container and test until HTTPS requests work, building an understanding of how the container's configuration factors into this issue
• update the DTS with safeguards to prevent any unencrypted HTTP requests from being generated
• deploy the updated DTS in Spin and resume testing

Until then, the DTS Spin instance will not be running.