search

jetstack / version-checker

Kubernetes utility for exposing image versions in use, compared to latest available upstream, as metrics.
https://jetstack.io
Apache License 2.0
687 stars 76 forks source link

Enable Registries with certificates signed by custom authorities. #72

Closed zbindenren closed 11 months ago

zbindenren commented 3 years ago

We use an on premise registry (artifactory), with certificates signed by our private authority. When we try to run version-checker, we get certificate signed by unknown authority errors:

time="2021-01-18T12:48:29Z" level=error msg="error syncing 'version-checker-597b645b-mpw6b/kube-version-checker': failed to sync pod version-checker-597b645b-mpw6b/kube-version-checker: failed to check container image \"version-checker\": failed to get tags from remote registry for \"quay-docker-remote.repo.example.com/jetstack/version-checker\": failed to get docker image: Get \"https://quay-docker-remote.repo.example.com/v2/jetstack/version-checker/tags/list?n=500\": x509: certificate signed by unknown authority, requeuing" module=controller

It would be great to add a flag like --ca=path/to/truststore.pem which configures go's transport.

davidcollom commented 11 months ago

This is now available from v0.2.5 and onwards for selfHosted repositories.