Plugin doesn't respect AWS BackupStorageLocation insecureSkipTLSVerify flag #471

mymasse opened this issue May 12, 2022 · 2 comments
mymasse commented May 12, 2022

Describe the bug

We use a private S3 storage appliance which doesn't have a valid TLS certificate. In our AWS we have set the insecureSkipTLSVerify config value to 'true'. However, when the vSphere plugin attempts to upload snapshots to S3, it fails with x509: certificate is not valid for any names, but wanted to match. Looking at the BackupRepository and BackupRepositoryClaim CR, we see that that flag is not brought over.

To Reproduce

On a private S3 with an invalid TLS certificate with a BackupStorageLocation like this:

```yaml
apiVersion: velero.io/v1
kind: BackupStorageLocation
metadata:
  name: default
  namespace: velero
spec:
  provider: velero.io/aws
  objectStorage:
    bucket: my-bucket
    prefix: my-prefix
  config:
    region: us-east-1
    s3ForcePathStyle: "true"
    s3Url: "http://minio:9000"
    profile: "default"
    insecureSkipTLSVerify: "true"
```

Expected behavior

Backup should be successful

Troubleshooting Information

Chart version: 2.29.4
Velero server version: 1.8.1
AWS plugin version: v1.4.1
vSphere plugin version: v1.3.1
Kubernetes: Vanilla
Kubernetes version: 1.21.5+rke2r2
vSphere CSI driver: v2.2.1

@xing-yang
Contributor

To support this, we need to handle the insecureSkipTLSVerify flag in the plugin code: https://github.com/vmware-tanzu/velero-plugin-for-vsphere/blob/v1.4.0/pkg/utils/utils.go#L345.

@CmdrSharp

This feels like a not uncommon use-case, given that backup storage is often an on-premise task. What are the odds of this being handled in the near future?
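
An added example, not part of the original thread or the plugin's code: one way a Go client could honor the `insecureSkipTLSVerify` key from the BackupStorageLocation config shown in the issue, keeping certificate verification on by default and scoping the relaxed setting to a single client. The helper names `tlsConfigFromBSL` and `httpClientFromBSL` and the sample map are assumptions made for illustration.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"net/http"
	"strconv"
)

// Key as it appears in the BackupStorageLocation config on this page.
const insecureSkipTLSVerifyKey = "insecureSkipTLSVerify"

// tlsConfigFromBSL is a hypothetical helper (not the plugin's code). It reads
// the flag from the BSL config map and fails closed: a missing key keeps
// verification on, and an unparsable value is an error rather than "true".
func tlsConfigFromBSL(config map[string]string) (*tls.Config, error) {
	cfg := &tls.Config{MinVersion: tls.VersionTLS12}
	raw, ok := config[insecureSkipTLSVerifyKey]
	if !ok || raw == "" {
		return cfg, nil
	}
	skip, err := strconv.ParseBool(raw)
	if err != nil {
		return nil, fmt.Errorf("invalid %s value %q: %w", insecureSkipTLSVerifyKey, raw, err)
	}
	// Disables certificate chain and host name checks for this client only.
	cfg.InsecureSkipVerify = skip
	return cfg, nil
}

// httpClientFromBSL builds a client scoped to one storage location, so the
// relaxed setting never leaks into http.DefaultTransport.
func httpClientFromBSL(config map[string]string) (*http.Client, error) {
	tlsCfg, err := tlsConfigFromBSL(config)
	if err != nil {
		return nil, err
	}
	return &http.Client{Transport: &http.Transport{TLSClientConfig: tlsCfg}}, nil
}

func main() {
	// Constructed sample config, mirroring the BSL in the issue.
	bsl := map[string]string{"region": "us-east-1", "insecureSkipTLSVerify": "true"}
	client, err := httpClientFromBSL(bsl)
	if err != nil {
		panic(err)
	}
	tr := client.Transport.(*http.Transport)
	fmt.Println("skip verify:", tr.TLSClientConfig.InsecureSkipVerify)
}
```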
