carvel-dev
Support dangerousSkipTLSVerify option when fetching from http server.
Describe the problem/challenge you have
I need to use vendir to download files from a web server but the web server uses self signed certificates. This will fail as vendir will verify certificates when using http. Docs do not give an example to say can disable this check so assume you can't.
Describe the solution you'd like
Add dangerousSkipTLSVerify option to http section.
http:
# asset URL (required)
url:
# verification checksum (optional)
sha256: ""
# specifies name of a secret with basic auth details;
# secret may include 'username', 'password' keys (optional)
secretRef:
# (required)
name: my-http-auth
# skip unpacking tar, tgz, and zip files; by default files are unpacked (optional)
disableUnpack: false
# specify wether to skip TLS verification; defaults to false
dangerousSkipTLSVerify: false
Anything else you would like to add:
Should also be added to kapp-controller to keep parity.
Vote on this request
This is an invitation to the community to vote on issues, to help us prioritize our backlog. Use the "smiley face" up to the right of this comment to vote.
👍 "I would like to see this addressed as soon as possible" 👎 "There are other more important things to focus on right now"
We are also happy to receive and review Pull Requests if you want to help working on this issue.
@GrahamDumpleton - Thanks for reporting the issue. We have a similar issue earlier reported. I guess these are requesting the same changes. Could you please confirm?
Similar but not the same. The other one is for git fetch, not http fetch. So different parts of code and for different functionality in vendir.