Skip to content

Commit e9a8ff3

Browse files
emosbaughpaigecalvert
emosbaugh
and
paigecalvert
authored
feat(ec): new PrivateCACert template function behavior (#3278)
* feat(ec): new PrivateCACert template function behavior * Explain how we find the ca trust store on the host * docs edits * Update template-functions-static-context.md --------- Co-authored-by: Paige Calvert <paige@replicated.com>
1 parent ad3cec2 commit e9a8ff3

File tree

1 file changed

+3
-3
lines changed

1 file changed

+3
-3
lines changed

docs/reference/template-functions-static-context.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -16,12 +16,12 @@ This topic provides a list of the KOTS template functions in the Static context.
1616
func PrivateCACert() string
1717
```
1818

19-
PrivateCACert returns the name of a ConfigMap that contains private CA certificates provided by the end user. For Embedded Cluster installations, these certificates are provided with the `--private-ca` flag for the `install` command. For KOTS installations, the user provides the ConfigMap using the `--private-ca-configmap` flag for the `install` command.
19+
For KOTS installations, PrivateCACert returns the name of a ConfigMap that contains CA certificates provided by the end user with the `--private-ca-configmap` flag for the install command. For Embedded Cluster installations, the ConfigMap returned by PrivateCACert contains the CA trust store from the host. Embedded Cluster determines the CA trust store by first checking for the SSL_CERT_FILE environment variable. If SSL_CERT_FILE is not set, Embedded Cluster then searches common certificate paths and uses the first valid certificate file found.
2020

2121
You can use this template function to mount the specified ConfigMap so your containers can access the internet through enterprise proxies that issue their own TLS certificates in order to inspect traffic.
2222

2323
:::note
24-
This function will return the name of the ConfigMap even if the ConfigMap has no entries. If no ConfigMap exists, this function returns the empty string.
24+
This function returns the name of the ConfigMap even if the ConfigMap has no entries. If no ConfigMap exists, this function returns the empty string.
2525
:::
2626

2727
## Cluster Information Functions
@@ -630,4 +630,4 @@ This can be useful when dealing with user-uploaded files that may include null b
630630
631631
```yaml
632632
repl{{ ConfigOptionData "my_file_upload" | YamlEscape }}
633-
```
633+
```

0 commit comments

Comments
 (0)