Closed tmshort closed 3 months ago
This is necessary to get certs work on a per-ClusterExtension
basis for an image registry. The CertifcateData
is PEM to avoid rukpak having to look up secrets, etc. The creator of the BundleDeployment
needs to do the lookup, etc. The default is to use system provided CAs, and those are included even if CertificateData
is specified.
Attention: Patch coverage is 0%
with 17 lines
in your changes missing coverage. Please review.
Project coverage is 14.42%. Comparing base (
352d42f
) to head (c8117d8
). Report is 4 commits behind head on main.
Files | Patch % | Lines |
---|---|---|
pkg/source/image_registry.go | 0.00% | 14 Missing :warning: |
cmd/core/main.go | 0.00% | 1 Missing :warning: |
cmd/helm/main.go | 0.00% | 1 Missing :warning: |
pkg/source/unpacker.go | 0.00% | 1 Missing :warning: |
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
The code is tested in the e2e, but that doesn't count toward code coverage.
Remove
rootCAs
from theNewDefaultUnpacker
API, the argument is no longer used for HTTP transport.Add
CertificateData
to the ImageSource struct. This is PEM-encoded data (straight from a Secret[tls.crt]) to be used to validate the certificate used to access an image regidstry (works along side theInsecureSkipTLSVerify
option).