Lukas opened 7 months ago
|
|||||||
Configured certificates are only used for LDAP connection, agent/server communication and mail server connection. Changed this as an improvement so that custom certificate can be specified for Kaniko step. |
|||||||
Robin Shen changed fields 7 months ago
|
|||||||
OneDev changed state to 'Closed' 7 months ago
|
|||||||
State changed as code fixing the issue is committed (f94770ad) |
|||||||
Referenced from commit 7 months ago
|
|||||||
OneDev changed state to 'Released' 7 months ago
|
|||||||
State changed as build #4124 is successful |
|||||||
@lukasr custom certificates can now be specified when define Kaniko step. Further, this field can use variables so that you can maintain custom certificates in a single place. |
Type |
Improvement
|
Priority |
Normal
|
Assignee | |
Labels |
No labels
|
Issue Votes (0)
Hello everybody,
today I tried to configure my CI/CD pipeline with my custom registry. It also has a custom SSL certificate. When I try using the build step I always get the error, that my registry's certificate is signed by an unknown CA, however, when I installed onedev on Kubernetes I added my CA-certificate as base64-encoded PEM.
I exported my CAs from windows, converted them with openssl to PEM and imported them into Kubernetes with the command which was given in the docs. In Kubernetes I then have two certificates:
When I open a shell on the Pod (after re-installing it with helm) I cannot curl the registry - I get an SSL error. (maybe this is intended?)
If I go to /opt/onedev/conf/trust-certs the values are there.
Maybe important: I installed the certificates after I installed OneDev, but re-installed OneDev afterwards. What step am I missing?
KR, Lukas