OCIRepository client cert auth #821

rashedkvm · 2022-07-08T04:11:45Z

Signed-off-by: Rashed Kamal [email protected]

Implements

spec:
  certSecretRef:
    name: regcert

The certSecretRef points to a Kubernetes secret in the same namespace as the OCIRepository:

When parsing secret referenced by certSecretRef, the following keys are used

certFile=client.crt
keyFile=client.key
caFile=ca.crt

Example secret:

kubectl create secret generic regcert \
  --from-file=certFile=client.crt \
  --from-file=keyFile=client.key \
  --from-file=caFile=ca.crt

resolves #814

Signed-off-by: Rashed Kamal <[email protected]>

stefanprodan

LGTM

Thanks @rashedkvm 🥇

rashedkvm marked this pull request as ready for review July 8, 2022 04:19

OCIRepository client cert auth

0518bba

Signed-off-by: Rashed Kamal <[email protected]>

rashedkvm force-pushed the oci-tls branch from 9e157c2 to 0518bba Compare July 8, 2022 04:20

pjbgf added this to the GA milestone Jul 8, 2022

pjbgf added the area/oci OCI related issues and pull requests label Jul 8, 2022

stefanprodan approved these changes Jul 8, 2022

View reviewed changes

stefanprodan merged commit 6c29768 into fluxcd:oci Jul 8, 2022

stefanprodan mentioned this pull request Jul 8, 2022

[OCIRepository] Implement client cert auth #814

Closed

rashedkvm deleted the oci-tls branch July 8, 2022 15:38

hiddeco mentioned this pull request Jun 5, 2023

gitrepo: Add support for specifying proxy per GitRepository #1109

Merged

Provide feedback