devtron icon indicating copy to clipboard operation
devtron copied to clipboard

Published 20 hours ago verified publisher icon devtron-labs

Feature: Integrate ConfigMap Support into CI-Runner Workflow/Job

Open badal773 opened this issue 1 year ago • 1 comments

🔖 Feature description

We want to mount the config map at /usr/local/share/ca-certificates/ca.crt and execute update-ca-certificates beforehand (Before cloning the git repo). This ensures that the custom certificate is validated, enabling seamless cloning of the repository without encountering any issues.

🎤 Pitch / Usecases

apiVersion: v1
data:
  ca.crt: |
      -----BEGIN CERTIFICATE-----
      MIIDnzCCAoegAwIBAgIUfd9jaIjo2JCYYedUbfA8aecTdIswDQYJKoZIhvcNAQEL
      EXSKoI4rLM7WLTYdljGryKXnuR4hZFGB8Lr664l0z816DSyeFqdyEbIHaA4upbB8
      G9ghU5ZeBcYAgpZEjfTqWYmceQ==
      -----END CERTIFICATE-----
kind: ConfigMap
metadata:
  name: self-signed-cert

add the config map in ci runer pod usr/local/share/ca-certificates path

          volumeMounts:
            - mountPath: /usr/local/share/ca-certificates/
              name: self-signed-cert-volume
      volumes:
        - configMap:
            defaultMode: 420
            name: self-signed-cert
          name: self-signed-cert-volume

and run this command before cloaning the git repo update-ca-certificates

🔄️ Alternative

No response

👀 Have you spent some time to check if this issue has been raised before?

  • [X] I checked and didn't find similar issue

🏢 Have you read the Code of Conduct?

AB#8432

badal773 avatar Feb 12 '24 06:02 badal773

Based on our internal discussions: Extending support of TLS certs in Git and GitOps should resolve the problem

abhibhaw avatar Jun 13 '24 08:06 abhibhaw