@@ -316,7 +316,7 @@ func createDefiniteWorkspacePod(sctx *startWorkspaceContext) (*corev1.Pod, error
316316 },
317317 },
318318 {
319- Name : "ca-certificates " ,
319+ Name : "custom- ca-crt " ,
320320 VolumeSource : corev1.VolumeSource {
321321 ConfigMap : & corev1.ConfigMapVolumeSource {
322322 LocalObjectReference : corev1.LocalObjectReference {Name : "gitpod-customer-certificate-bundle" },
@@ -496,8 +496,8 @@ func createWorkspaceContainer(sctx *startWorkspaceContext) (*corev1.Container, e
496496 MountPropagation : & mountPropagation ,
497497 },
498498 {
499- Name : "ca-certificates " ,
500- MountPath : "/etc/ssl/certs/ca-certificates .crt" ,
499+ Name : "custom- ca-crt " ,
500+ MountPath : "/etc/ssl/certs/custom-ca .crt" ,
501501 SubPath : "ca-certificates.crt" ,
502502 ReadOnly : true ,
503503 },
@@ -561,6 +561,15 @@ func createWorkspaceEnvironment(sctx *startWorkspaceContext) ([]corev1.EnvVar, e
561561 result = append (result , corev1.EnvVar {Name : "THEIA_WEBVIEW_EXTERNAL_ENDPOINT" , Value : "webview-{{hostname}}" })
562562 result = append (result , corev1.EnvVar {Name : "THEIA_MINI_BROWSER_HOST_PATTERN" , Value : "browser-{{hostname}}" })
563563
564+ const (
565+ customCAMountPath = "/etc/ssl/certs/custom-ca.crt"
566+ certsMountPath = "/etc/ssl/certs/"
567+ )
568+
569+ result = append (result , corev1.EnvVar {Name : "NODE_EXTRA_CA_CERTS" , Value : customCAMountPath })
570+ result = append (result , corev1.EnvVar {Name : "GIT_SSL_CAPATH" , Value : certsMountPath })
571+ result = append (result , corev1.EnvVar {Name : "GIT_SSL_CAINFO" , Value : customCAMountPath })
572+
564573 // We don't require that Git be configured for workspaces
565574 if sctx .Workspace .Spec .Git != nil {
566575 result = append (result , corev1.EnvVar {Name : "GITPOD_GIT_USER_NAME" , Value : sctx .Workspace .Spec .Git .Username })
0 commit comments