You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: modules/kmm-example-module-cr.adoc
+6-1Lines changed: 6 additions & 1 deletion
Original file line number
Diff line number
Diff line change
@@ -81,7 +81,12 @@ spec:
81
81
<7> For any other kernel, build the image using the Dockerfile in the `my-kmod` ConfigMap.
82
82
<8> Optional.
83
83
<9> Optional: A value for `some-kubernetes-secret` can be obtained from the build environment at `/run/secrets/some-kubernetes-secret`.
84
-
<10> Optional: Avoid using this parameter. If set to `true`, the build is allowed to pull the image in the Dockerfile `FROM` instruction using plain HTTP.
84
+
<10> This field has no effect. When building kmod images or signing kmods within a kmod image,
85
+
you might sometimes need to pull base images from a registry that serves a certificate signed by an
86
+
untrusted Certificate Authority (CA). In order for KMM to trust that CA, it must also trust the new CA
87
+
by replacing the cluster's CA bundle.
88
+
+
89
+
See "Additional resources" to learn how to replace the cluster's CA bundle.
85
90
<11> Optional: Avoid using this parameter. If set to `true`, the build will skip any TLS server certificate validation when pulling the image in the Dockerfile `FROM` instruction using plain HTTP.
86
91
<12> Required.
87
92
<13> Required: A secret holding the public secureboot key with the key 'cert'.
0 commit comments