trust-manager icon indicating copy to clipboard operation
trust-manager copied to clipboard
verified publisher icon cert-manager

additional ca-bundle source options: pvc, url

Open lknite opened this issue 1 year ago • 0 comments

My source ca-bundle location is via a url, specifically vault provides a url to access its public ca-bundle which includes root and intermediate. (e.g. https://vault.vc-prod.home.net:8200/v1/prod-intermediate-ca/ca_chain)

I can access this via kubernetes by using an initContainer & pvc:

  • mount the pvc as a volume with initContainer
  • inside the initContainer use curl to pull the latest ca-bundle, save to pvc mount location

Now I just need to provide this location to trust-manager in the ca-bundle resource.

  • either by providing the pvc & location in the usual way
  • OR, we could get around the initContainer & pvc, if it were possible to provide a url location in the Bundle resource

lknite avatar Jul 09 '24 16:07 lknite