Closed cmoulliard closed 2 years ago
Workaround is to pass the CA Certificate to the config of the Convention package
tanzu package available get controller.conventions.apps.tanzu.vmware.com/0.6.3 -n tap-install --values-schema
KEY DEFAULT TYPE DESCRIPTION
ca_cert_data string Optional: PEM Encoded certificate data for image registries with private CA.
or to re-create the secret with the ca certificate file
k create secret generic conventions-ca-certificates -n conventions-system --from-file=conventions-ca-certificates=tmp/harbor/ca.crt
Good to know. According to the documentation 1.1.1, it is possible to define such a ca_cert_data field using a TAP shared key as defined here
During the installation tap will collect it as such
#@ def collect_values():
#@ values = {
#@ "ca_cert_data": ""
#@ }
#@ if hasattr(data.values, "convention_controller"):
#@ values.update(data.values.convention_controller)
#@ end
#@ if data.values.shared.ca_cert_data :
#@ # append shared ca_cert_data to component specific ca_cert_data
#@ values["ca_cert_data"] = values["ca_cert_data"] + data.values.shared.ca_cert_data
#@ end
#@ return values
#@ end
Issue
The Convention controller which is creating the
PodIntent
CR cannot pull an image from a private registry when the pod runs