Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add custom CA certificates to system certificates #904

Merged
merged 1 commit into from
Sep 23, 2022
Merged

Add custom CA certificates to system certificates #904

merged 1 commit into from
Sep 23, 2022

Conversation

makkes
Copy link
Member

@makkes makkes commented Sep 20, 2022
edited by stefanprodan
Loading

When a custom CA certificate is provided in a Secret's caCert field
referenced in HelmRepository.spec.secretRef then that CA cert is now
added to the list of system certificates instead of it replacing the
system certificates. This makes HelmRepositories work in mixed
environments where charts are pulled from both, a public repository
and a private repository (e.g. through a chart dependency).

The test that is added as part of this change will fail without the
change and passes with it.

closes #866
closes fluxcd/helm-controller#519

@makkes makkes requested a review from pjbgf September 20, 2022 13:50
@makkes makkes force-pushed the add-ca-cert branch 3 times, most recently from 76ae626 to 7d5f582 Compare September 20, 2022 13:54
@makkes makkes self-assigned this Sep 20, 2022
@makkes makkes added area/helm Helm related issues and pull requests area/security Security related issues and pull requests labels Sep 20, 2022
@makkes makkes requested a review from hiddeco September 21, 2022 13:33
stefanprodan
stefanprodan approved these changes Sep 22, 2022
View reviewed changes
Copy link
Member

@stefanprodan stefanprodan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Thanks @makkes 🥇

PS. Please rebase

@makkes @stefanprodan
add custom CA certificates to system certificates
7a13964 
When a custom CA certificate is provided in a Secret's `caCert` field
referenced in `HelmRelease.spec.secretRef` then that CA cert is now
added to the list of system certificates instead of it replacing the
system certificates. This makes HelmRepositories work in mixed
environments where charts are pulled from both, a public repository
and a private repository (e.g. through a chart dependency).

The test that is added as part of this change will fail without the
change and passes with it.

closes #866
closes fluxcd/helm-controller#519

Signed-off-by: Max Jonas Werner <[email protected]>
@stefanprodan stefanprodan changed the title add custom CA certificates to system certificates Add custom CA certificates to system certificates Sep 23, 2022
@stefanprodan stefanprodan added this to the GA milestone Sep 23, 2022
@stefanprodan stefanprodan merged commit 9c6dc33 into main Sep 23, 2022
@stefanprodan stefanprodan deleted the add-ca-cert branch September 23, 2022 08:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hiddeco hiddeco hiddeco approved these changes

@stefanprodan stefanprodan stefanprodan approved these changes

@pjbgf pjbgf Awaiting requested review from pjbgf

Assignees

@makkes makkes

Labels
area/helm Helm related issues and pull requests area/security Security related issues and pull requests
Projects
Maintainers' Focus
Status: Done
Milestone
Helm GA
3 participants
@makkes @stefanprodan @hiddeco