[ws-daemon] Support GIT_SSL_CAINFO

Author: csweichel

components/content-service/pkg/git/git.go

@@ -181,6 +181,9 @@ func (c *Client) GitWithOutput(ctx context.Context, subcommand string, args ...s
 	if os.Getenv("https_proxy") != "" {
 		env = append(env, fmt.Sprintf("https_proxy=%s", os.Getenv("https_proxy")))
 	}
+	if v := os.Getenv("GIT_SSL_CAINFO"); v != "" {
+		env = append(env, fmt.Sprintf("GIT_SSL_CAINFO=%s", v))
+	}
 
 	cmd := exec.Command("git", fullArgs...)
 	cmd.Dir = c.Location

components/ws-daemon/pkg/content/initializer.go

@@ -190,7 +190,7 @@ func RunInitializer(ctx context.Context, destination string, initializer *csapi.
 	spec.Process.User.GID = opts.GID
 	spec.Process.Args = []string{"/app/content-initializer"}
 	for _, e := range os.Environ() {
-		if strings.HasPrefix(e, "JAEGER_") {
+		if strings.HasPrefix(e, "JAEGER_") || strings.HasPrefix(e, "GIT_SSL_CAINFO=") {
 			spec.Process.Env = append(spec.Process.Env, e)
 		}
 	}

install/installer/pkg/common/ca.go

@@ -57,7 +57,7 @@ func InternalCAContainer(ctx *RenderContext, mod ...func(*corev1.Container)) *co
 }
 
 // CustomCACertVolume produces the objects required to mount custom CA certificates
-func CustomCACertVolume(ctx *RenderContext) (vol *corev1.Volume, mnt *corev1.VolumeMount, env *corev1.EnvVar, ok bool) {
+func CustomCACertVolume(ctx *RenderContext) (vol *corev1.Volume, mnt *corev1.VolumeMount, env []corev1.EnvVar, ok bool) {
 	if ctx.Config.CustomCACert == nil {
 		return nil, nil, nil, false
 	}
@@ -86,9 +86,9 @@ func CustomCACertVolume(ctx *RenderContext) (vol *corev1.Volume, mnt *corev1.Vol
 		MountPath: mountPath,
 		SubPath:   "ca.crt",
 	}
-	env = &corev1.EnvVar{
-		Name:  "NODE_EXTRA_CA_CERTS",
-		Value: mountPath,
+	env = []corev1.EnvVar{
+		{Name: "NODE_EXTRA_CA_CERTS", Value: mountPath},
+		{Name: "GIT_SSL_CAINFO", Value: mountPath},
 	}
 	ok = true
 	return

install/installer/pkg/components/server/deployment.go

@@ -160,7 +160,7 @@ func deployment(ctx *common.RenderContext) ([]runtime.Object, error) {
 	if vol, mnt, envv, ok := common.CustomCACertVolume(ctx); ok {
 		volumes = append(volumes, *vol)
 		volumeMounts = append(volumeMounts, *mnt)
-		env = append(env, *envv)
+		env = append(env, envv...)
 	}
 
 	return []runtime.Object{

install/installer/pkg/components/ws-daemon/daemonset.go

@@ -340,10 +340,11 @@ fi
 		return nil, err
 	}
 
-	if vol, mnt, _, ok := common.CustomCACertVolume(ctx); ok {
+	if vol, mnt, env, ok := common.CustomCACertVolume(ctx); ok {
 		podSpec.Volumes = append(podSpec.Volumes, *vol)
 		pod := podSpec.Containers[0]
 		pod.VolumeMounts = append(pod.VolumeMounts, *mnt)
+		pod.Env = append(pod.Env, env...)
 		podSpec.Containers[0] = pod
 	}