Maybe somebody knows in what way it's possible to add a root CA to the actions-runner-controller ?
It's worth mentioning that I'm interested in the actions-runner-controller image, not the actions-runner image.
Logs of actions-runner-controller pod:
ERROR runner Failed to get new registration token {"runner": "github-actions-runner-small-001-rw88q-nhmhq", "error": "failed to create registration token: Post "https://test-github.example.com/api/v3/orgs/myexample/actions/runners/registration-token/": could not refresh installation id 5's token: could not get access_tokens from GitHub API for installation ID 5: x509: certificate signed by unknown authority"}
github.com/actions/actions-runner-controller/controllers/actions%2esummerwind%2enet.(*RunnerReconciler).updateR
It's running on K3S cluster.
Thanks in advance,
Dockerfile:
FROM summerwind/actions-runner-controller
ADD ./My_Root_CA.pem /usr/local/share/my-root-ca.pem
Expecting:
Controller should trust a self-signed certificate of my GitHub Enterprise Server
Solution:
kubectl -n <namespace> create configmap <configMap-name> --from-file=my-root-ca.pem
spec:
containers:
- name: actions-runner-controller
image: someimage:v1
volumeMounts:
- name: <configMap-name>
mountPath: /etc/ssl/certs/my-root-ca.pem
subPath: my-root-ca.pem
readOnly: false
volumes:
- name: <configMap-name>
configMap:
name: <configMap-name>