squakez commented on code in PR #6441:
URL: https://github.com/apache/camel-k/pull/6441#discussion_r2700778644
##########
pkg/trait/init_containers.go:
##########
@@ -92,19 +92,39 @@ func (t *initContainersTrait) Configure(e *Environment)
(bool, *TraitCondition,
t.tasks = append(t.tasks, agentDownloadTask)
}
// Set the CA cert truststore init container if configured
- if ok && jvm.hasCACert() {
- if err := jvm.validateCACertConfig(); err != nil {
- return false, nil, err
+ if ok && jvm.hasCACerts() {
+ var allCommands []string
+
+ var truststorePassPath string
+ if jvm.hasBaseTruststore() {
+ baseTruststore := jvm.getBaseTruststore()
+ truststorePassPath = baseTruststore.PasswordPath
+ copyCmd := fmt.Sprintf("cp %s %s",
baseTruststore.TruststorePath, jvm.getTrustStorePath())
+ allCommands = append(allCommands, copyCmd)
+ } else {
+ certEntries := jvm.getAllCACertEntries()
+ if len(certEntries) > 0 {
+ truststorePassPath =
certEntries[0].PasswordPath
Review Comment:
We need to reason a bit about this. We are defaulting to use the same
password of the first caCert passed in. I think it would be more appropriate to
provide another parameter where to expect the trustStorePassword path. In this
way, the order would be: 1) user provided truststore password, if missing, 2)
base trustore password, if missing, 3) fail. WDYT?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
