Feature Request: Add support for registry certificates

Question

Feature Request: Add support for registry certificates

gergaly opened this issue a year ago · 0 comments

I'd like to ask for the option to provide my own certificates to the registry. Almost everything is there already. I'm using like this in the values file:

extraEnvVars:
  - name: REGISTRY_HTTP_TLS_CERTIFICATE
    value: "/certs/tls.crt"
  - name: REGISTRY_HTTP_TLS_KEY
    value: "/certs/tls.key"
extraVolumes:
  - name: registry-tls
    secret:
      secretName: registry-tls
extraVolumeMounts:
  - mountPath: /certs
    name: registry-tls
    readOnly: true

The only missing thing is that extra registry-tls secret. with something like this in the values.yaml:

certs: {}
  # tls.crt: |
  #   your base64 encoded crt file
  # tls.key: |
  #   your base64 encoded key file

and a new secret in the templates. Something like this:

...
{{- with .Values.certs }}
data:
  {{- toYaml . | nindent 2 }}
{{- end }}

Maybe event the extra definitions could be autogenerate as well if the .Values.certs is not empty. But I'm just guessing here. I have never written a chart before.