tektoncd / results

Long term storage of execution results.
Apache License 2.0

Database SSL Mode `verify-ca` or `verify-full` with a custom CA certificate #531

Closed iainsproat closed 10 months ago

iainsproat commented 1 year ago

Expected Behavior

Given a custom root CA certificate for a postgres database server, I would like postgres to use verify-ca or verify-full SSL modes using the custom CA certificate.

Is there a mechanism for achieving this that maybe I have missed?

Actual Behavior

With the existing kubernetes manifests, there does not seem to be a mechanism for mounting a trusted certificate either in postgres default location or by specifying a custom location to postgres.

Steps to Reproduce the Problem

  1. Configure Results with either DB_SSLMODE=verify-ca or DB_SSLMODE=verify-full.
  2. Provide a trusted certificate to Results to be used by postgres.
  3. Results API should undertake SSL verification using the trusted certificate when connecting, but does not.

Additional Info

xinnjie commented 1 year ago

There is no mechanism for achieving this currently IMO.

This should be a feature request.

adambkaplan commented 1 year ago

/kind feature

Agree this would be a net new feature, as Results would need to do the following:

  1. Provide a means for the database certificate authority (CA) to be (optionally) mounted at a known path in the apiserver deployment.
  2. Ensure that the path to the database CA is passed into the Postgres connection string, via the sslrootcert parameter.

See PostgreSQL SSL docs for further technical information.
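The two steps above, worked through as an added Go example (this is not code from tektoncd/results, and the `DB_SSLROOTCERT` variable name, the `DBConfig` type and the `BuildDSN` helper are assumptions made for illustration). It shows the apiserver-side half of the feature: take the path of a CA bundle mounted into the deployment, refuse to start with `verify-ca` or `verify-full` unless that file actually holds a CA certificate, and pass the path through as the libpq `sslrootcert` parameter. `writeTestCA` only fabricates a throwaway self-signed CA so the example runs offline; in a real deployment the file would come from a Secret or ConfigMap volume.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"os"
	"path/filepath"
	"strings"
	"time"
)

// DBConfig mirrors what an apiserver would read from its environment.
// SSLRootCert corresponds to an assumed DB_SSLROOTCERT variable (not a
// name the project defines): the path where the CA bundle is mounted.
type DBConfig struct {
	Host, Port, User, Password, Name string
	SSLMode                          string // DB_SSLMODE
	SSLRootCert                      string // assumed DB_SSLROOTCERT
}

// needsRootCert reports whether the sslmode relies on a trusted CA.
// "require" only encrypts; it never checks who the server is.
func needsRootCert(mode string) bool {
	return mode == "verify-ca" || mode == "verify-full"
}

// loadCABundle parses every PEM CERTIFICATE block in the file and rejects
// the bundle if any of them is not a CA, or if there are none at all.
func loadCABundle(path string) (*x509.CertPool, error) {
	data, err := os.ReadFile(path)
	if err != nil {
		return nil, fmt.Errorf("read sslrootcert: %w", err)
	}
	pool, n := x509.NewCertPool(), 0
	for rest := data; len(rest) > 0; {
		var block *pem.Block
		block, rest = pem.Decode(rest)
		if block == nil {
			break // trailing non-PEM bytes
		}
		if block.Type != "CERTIFICATE" {
			continue
		}
		cert, err := x509.ParseCertificate(block.Bytes)
		if err != nil {
			return nil, fmt.Errorf("parse %s: %w", path, err)
		}
		if !cert.IsCA {
			return nil, fmt.Errorf("%s: %q is not a CA certificate", path, cert.Subject.CommonName)
		}
		pool.AddCert(cert)
		n++
	}
	if n == 0 {
		return nil, fmt.Errorf("%s contains no CA certificates", path)
	}
	return pool, nil
}

// BuildDSN returns a libpq key=value connection string. With a verifying
// sslmode it fails fast instead of letting the connection silently fall
// back to an unverified server identity.
func BuildDSN(c DBConfig) (string, error) {
	if needsRootCert(c.SSLMode) {
		if c.SSLRootCert == "" {
			return "", fmt.Errorf("sslmode=%s requires a CA file (sslrootcert)", c.SSLMode)
		}
		if _, err := loadCABundle(c.SSLRootCert); err != nil {
			return "", err
		}
	}
	parts := []string{"host=" + c.Host, "port=" + c.Port, "user=" + c.User,
		"password=" + c.Password, "dbname=" + c.Name, "sslmode=" + c.SSLMode}
	if c.SSLRootCert != "" {
		parts = append(parts, "sslrootcert="+c.SSLRootCert)
	}
	return strings.Join(parts, " "), nil
}

// writeTestCA writes a constructed self-signed CA to dir so the example
// runs without a real database or a real CA.
func writeTestCA(dir string) (string, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return "", err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "example-db-ca"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return "", err
	}
	path := filepath.Join(dir, "ca.crt")
	return path, os.WriteFile(path, pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der}), 0o600)
}

func main() {
	dir, _ := os.MkdirTemp("", "results-ca")
	defer os.RemoveAll(dir)
	caPath, _ := writeTestCA(dir)
	cfg := DBConfig{Host: "postgres", Port: "5432", User: "results", Password: "secret",
		Name: "tekton_results", SSLMode: "verify-full", SSLRootCert: caPath}
	fmt.Println(BuildDSN(cfg))
	cfg.SSLRootCert = ""
	fmt.Println(BuildDSN(cfg)) // error: verify-full without a CA file
}
```

Values containing spaces or quotes would need libpq quoting in the key=value form; the example keeps them simple. The point is the startup check: with `verify-full` and no usable CA, the process should fail rather than connect, since libpq-style drivers otherwise fall back to the default `~/.postgresql/root.crt`, which is not present in a container image.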

tekton-robot commented 11 months ago

Issues go stale after 90d of inactivity. Mark the issue as fresh with /remove-lifecycle stale with a justification. Stale issues rot after an additional 30d of inactivity and eventually close. If this issue is safe to close now please do so with /close with a justification. If this issue should be exempted, mark the issue as frozen with /lifecycle frozen with a justification.

/lifecycle stale

Send feedback to tektoncd/plumbing.

adambkaplan commented 11 months ago

/lifecycle frozen

This is an important security feature.

enarha commented 11 months ago

/assign enarha

enarha commented 10 months ago

@iainsproat, when you have a chance please TAL at #658. It implements the feature you asked for. Thanks.