K8S Runner CA bundle for git clone?

nyxi · January 13, 2021, 7:47am

I don’t want to use skip_verify: true in all my pipelines for git clone so I need a way to provide a custom CA bundle to the container running git clone.

After reviewing the documentation for the Kubernetes Runner I think the environment variable DRONE_RUNNER_DEVICES might be what I am looking for, however the documentation seems incomplete? The documentation only says that the given devices will be mounted into every pipeline step, but how do I define the mount path for each device? The example value of DRONE_RUNNER_DEVICES is just /dev/sdb with no mount path.

lr228 · January 17, 2022, 2:30pm

I’m also trying to find a way to mount my self-signed CAs to all containers that are launched by my Kubernetes runner (for git and internal container registries).

Right now, the only way I can see is to build each Docker image myself with the certificates embedded.

Please reply if you find out how to do this.

Topic		Replies	Views
Drone-runner-kube: Support for DRONE_RUNNER_VOLUMES? Drone Support	3	603	March 17, 2020
[plugins/github-release] ca certificates with GHE Drone Support	7	947	March 17, 2020
How to get rid of skip_verify: true during cloning? Drone Support	3	1158	March 3, 2020
Runner docker - --add-host for clone? Drone Support	4	1371	January 7, 2020
SSL with self signed certificate Drone Support	8	3124	May 16, 2023

K8S Runner CA bundle for git clone?

Related topics