CA Bundle and Java TrustStore

yaml

deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: "your-team-namespace"
  name: "test-app"
  labels:
    app: "test-app"
spec:
  selector:
    matchLabels:
      app: "test-app"
  template:
    metadata:
      name: "test-app"
      labels:
        app: "test-app"
    spec:
      containers:
        - name: "test-app"
          image: "gjensidige.azurecr.io/test-app:12345"
          volumeMounts:
            - name: "cacerts-volume"
              mountPath: "/etc/ssl/certs/java/cacerts"
              subPath: "cacerts"
            - name: "ca-certificates-volume"
              mountPath: "/etc/ssl/certs/ca-certificates.crt"
              subPath: "ca-certificates.crt"
      volumes:
        - name: "cacerts-volume"
          configMap:
            name: "cacerts"
        - name: "ca-certificates-volume"
          configMap:
            name: "ca-certificates"

app-template-libsonnet

and setting cacerts to true will setup volumes and volumeMounts.

app.jsonnet

k8s_deployment+::{
  container_image: "gjensidige.azurecr.io/test-app:12345",
  cacerts: true
}