[BUG] Cannot run `healthcheck` with `wget` for `node-exporter` when running with TLS

[pasquale95]

Bug description

Hi,
I'm trying to run a Node Exporter server with TLS using prom/node-exporter:latest and set a valid health check command.
node-exporter works just fine by adding the necessary TLS settings in -web.config.file=/var/config/web-config.yaml. The problem is actually with the tool that I've been using to run the healthcheck, which is wget, which comes from busybox:1.36.1.

This is a known issue for busybox:1.36.1 (see docker-library/busybox#162). Specifically, if I run from within the container the command:

wget -q --spider --no-check-certificate https://localhost:9100/metrics

I get the following error on amd64 machines:

wget: TLS error from peer (alert code 40): handshake failure
wget: error getting response: Connection reset by peer

This error has been fixed within busybox:1.37. Therefore, I would ask the team to update the quay.io/prometheus/busybox-${OS}-${ARCH}:latest to use busybox:1.37 and then provide a newer prom/node-exporter image.

Alternatively, any suggestion on how to set an healthcheck command for node-exporter when running with TLS would be highly appreciated. prom/prometheus provides promtool to run healthchecks also with TLS, but there's no equivalent tool for node-exporter.