teyckmans
commented
5 years ago We setup correct trust in eu.rigeldev.kuberig.init.ServiceAccountCreator that is used by the initEnvironment task.
We need to store the CA certificate for each environment and load it into a KeyStore instance to create the HttpClient.
This also means that we need to add it to the initEnvironment task to copy the CA certificate from the kubeconf file.
Currently kuberig does not validate https connections. This issue is about making kuberig properly handle https connections.
I don't think it is a good idea to have the trust in the JDK cacerts file. While this can be expected in some cases I don't think this will be the common case.
So we need to come up with a convention where to put the certificate that needs to be trusted in the git repository.