pkalsi97 commented on code in PR #6441:
URL: https://github.com/apache/camel-k/pull/6441#discussion_r2701446711
##########
pkg/trait/init_containers.go:
##########
@@ -92,19 +92,39 @@ func (t *initContainersTrait) Configure(e *Environment)
(bool, *TraitCondition,
t.tasks = append(t.tasks, agentDownloadTask)
}
// Set the CA cert truststore init container if configured
- if ok && jvm.hasCACert() {
- if err := jvm.validateCACertConfig(); err != nil {
- return false, nil, err
+ if ok && jvm.hasCACerts() {
+ var allCommands []string
+
+ var truststorePassPath string
+ if jvm.hasBaseTruststore() {
+ baseTruststore := jvm.getBaseTruststore()
+ truststorePassPath = baseTruststore.PasswordPath
+ copyCmd := fmt.Sprintf("cp %s %s",
baseTruststore.TruststorePath, jvm.getTrustStorePath())
+ allCommands = append(allCommands, copyCmd)
+ } else {
+ certEntries := jvm.getAllCACertEntries()
+ if len(certEntries) > 0 {
+ truststorePassPath =
certEntries[0].PasswordPath
Review Comment:
@squakez this makes sense, there can be a case where certs are reordered and
this would cause confusion and secondly yes this is an implicit implementations
where user might not be even aware that first cert's password is
trustStorePassword.
Please give me your opinion on the approach below:
`truststore-password-path` field to allow users to explicitly set the output
truststore password.
The resolution order would be:
1. truststore-password-path (if provided)
2. base-truststore.password-path (if base truststore is configured)
3. Validation error asking user to provide one
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
