System certificates ignored

[jeffmaury]

Describe the bug

System certificates configured through global agent are ignored by the kubernetes-client.

In Podman Desktop, as nodejs is not using the system certificates, we load them and make them available to various https libraries through the global agent. But the kubernetes-client is providing its own agent to the node-fetch library and everything configured through the global agent is not taken. So if we have to connect to a cluster with a certificate generated by a private certificate authority, it is failing but working fine in kubectl.

I can see 2 solutions:

• merge of global agent is done in the kubernetes-client library
• merge of global agent is done outside the kubernetes-client library (overriding applyToHTTPSOptions ?)

Client Version 1.3.0

Server Version N/A

To Reproduce

Expected behavior

Connect to a cluster with private certificate (kind ?)

Example Code

N/A

Environment (please complete the following information):

• OS: Ubuntu
• Node.js version 22
• Cloud runtime N/A

Additional context Add any other context about the problem here.

[brendandburns]

Thanks for the diagnosis.

We'd be happy to take PRs that demonstrate the problem in unit test and provide a fix.

[0x5457]

/assign

[0x5457]

/unassign

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle stale
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[jeffmaury]

/remove-lifecycle stale