Describe the bug
#457
The change results in different behaviour depending on if you're looking at a native git resource in concourse or a custom script.
Could a variable please be created for opting out and using the original behaviour where custom script/container can use the default store for ca certs?
Reproduction steps
- deploy concourse onto k8s, using workerAdditionalCerts, ensure certsPath is set on the workers in the helm chart
- configure git resource in concourse pipeline with git_config - name: http.sslCAInfo value: /etc/ssl/certs/worker-additional-certs.pem
- Notice Concourse is able to clone the repo nicely
- create job with script which uses custom image which cds to repo and git pull. note the error as the path to /etc/ssl/certs/worker-additional-certs.pem is no longer valid as Concourse has expanded all certs into separate files and /etc/ssl/certs/worker-additional-certs.pem no longer exists
...
Expected behavior
Concourse can clone repos nicely using specific ca certs
Concourse can also run scripts with custom images for various distros and use the system ca-cert store. not necessarily inheriting from the original resource
Additional context
No response
Describe the bug
#457
The change results in different behaviour depending on if you're looking at a native git resource in concourse or a custom script.
Could a variable please be created for opting out and using the original behaviour where custom script/container can use the default store for ca certs?
Reproduction steps
...
Expected behavior
Concourse can clone repos nicely using specific ca certs
Concourse can also run scripts with custom images for various distros and use the system ca-cert store. not necessarily inheriting from the original resource
Additional context
No response