If you use custom CA certificates in your deployment process, such as self-signed certificates, you can easily add them to env0's Self-Hosted Agent.
To do so, you can attach certificates using the
customCertificates helm value that can be to the configuration. Its value should be a list of Kubernetes Secret names. Each secret may contain one or more custom certificate files.
For instance, you can add your CA file using the following command in your cluster:
kubectl create secret generic my-self-signed-cert --from-file=my-self-signed-cert.cer --namespace=env0-agent
Then, in your Helm values file, add the related config:
"customCertificates": - "my-self-signed-cert"
During env0 deployment some customers may want to use Node.js scripts.
To make sure your script using the custom certificates, please add the
NODE_EXTRA_CA_CERTSenvironment variable with the value of
/etc/ssl/certs/ca-certificates.crt. That file contains all the certificates in our agent's pod.
Ignore CA Certs
truein your helm values to ignore CA certs.
Updated 6 months ago