search

redhat-developer / gitops-operator

An operator that gets you an ArgoCD for cluster configuration out-of-the-box on OpenShift along with the UI for visualizing environments.
Apache License 2.0
147 stars 273 forks source link

better CA trust support for repo server #762

Open davidkarlsen opened 1 month ago

davidkarlsen commented 1 month ago

Is your feature request related to a problem? Please describe. I have to add the following to argocd cr: spec.repo:

 repo:
      env:
      - name: SSL_CERT_DIR
        value: /tmp/sslcertdir
     - mountPath: /tmp/sslcertdir
        name: ssl
      volumes:
      - configMap:
          name: user-ca-bundle
        name: ssl

for it to avoid TLS errors when talking our git host. The cert in question is signed by the bundle already added to the OCP Proxy object. This isn't very polished.

Describe the solution you'd like Two things:

  1. be able to refer to a configmap or secret containing a bundle
  2. to trust the bundle that is already defined in the OCP Proxy (k get proxy cluster -o yaml)

Describe alternatives you've considered The above more intrusive method.

Additional context https://github.com/argoproj/argo-cd/issues/3539#issuecomment-1571825559