Skip to content

better CA trust support for repo server #762

New issue
New issue
Open
Open
better CA trust support for repo server#762
@davidkarlsen

Description

@davidkarlsen
davidkarlsen
opened on Aug 8, 2024

Is your feature request related to a problem? Please describe.
I have to add the following to argocd cr:
spec.repo:

 repo:
      env:
      - name: SSL_CERT_DIR
        value: /tmp/sslcertdir
     - mountPath: /tmp/sslcertdir
        name: ssl
      volumes:
      - configMap:
          name: user-ca-bundle
        name: ssl

for it to avoid TLS errors when talking our git host. The cert in question is signed by the bundle already added to the OCP Proxy object. This isn't very polished.

Describe the solution you'd like
Two things:

  1. be able to refer to a configmap or secret containing a bundle
  2. to trust the bundle that is already defined in the OCP Proxy (k get proxy cluster -o yaml)

Describe alternatives you've considered
The above more intrusive method.

Additional context
argoproj/argo-cd#3539 (comment)

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions