ImageRepository Authentication via client certificate
For private repositories which require a certificate to authenticate,
the client certificate, private key, and the CA certificate (if self-signed), can be provided with:
spec:
certSecretRef:
name: regcertThe certSecretRef points to a Kubernetes secret in the same namespace as the ImageRepository:
kubectl create secret generic regcert \
--from-file=certFile=client.crt \
--from-file=keyFile=client.key \
--from-file=caFile=ca.crt
Is your feature request related to a problem? Please describe
The current version of Source Controller does not support authenticating to a registry via a client certificate. Also, for the CA certificate, there is a single secret for the source. After gathering user feedback, such secrets with CA certificate data can be managed via ImageRepository resource definition. This is also consistent Flux resource APIs.
Describe alternatives you've considered
Additional context
ImageRepository Authentication via client certificate
For private repositories which require a certificate to authenticate,
the client certificate, private key, and the CA certificate (if self-signed), can be provided with:
The
certSecretRefpoints to a Kubernetes secret in the same namespace as theImageRepository:Is your feature request related to a problem? Please describe
The current version of Source Controller does not support authenticating to a registry via a client certificate. Also, for the CA certificate, there is a single secret for the source. After gathering user feedback, such secrets with CA certificate data can be managed via
ImageRepositoryresource definition. This is also consistent Flux resource APIs.Describe alternatives you've considered
Additional context