Codecov Report

Attention: 62 lines in your changes are missing coverage. Please review.

... and 28 files with indirect coverage changes

📢 Thoughts on this report? Let us know!.

Testing:

• The helmrepo field of service specs names a kube secret A.
• The keys username and password of A are used to hold the credentials for accessing the helm repo in question.
• This is how Added support for private Helm repositories and registries #2530 has made it.
• This PR extends this:
  • The secret A gains a new optional key certs.
  • When certs is set, it holds the name of a kube secret C.
  • The key tls.crt of C is used to hold the PEM-encoded data of the additional certs.
  • This means that C has the same format as the cert secrets used by the export to OCI registries.
  • Like these secrets the certs held by C are provided as CAFile to the repo setup/login functions.
• Of note, we have two different code paths for setting the cert info, i.e. OCI registry, and regular http(s) helm repo.
  Both require testing.

See PR mittwald/go-helm-client#182 for a possible fix in the mittwald client to expose the necessary information to change by the caller.

The upstream PR is approved and waiting for merging since Aug 30, i.e. 1.5 months as of the time of writing this here.

Decision: Suspending work on this PR and associated ticket until the upstream PR is merged and usable.