Container Registry: add configuration of TLS on the Pod
Summary
In order to fully support the work in #3387 (closed), we need to enable the Container Registry to listen for TLS connections on the Pod's service port(s). NGINX, and all other services speaking to the gitlab-registry.NAMESPACE.svc
need to make use of TLS, and be able trust the certificates provided by it.
Current behavior
Can not configure the services to listen for TLS, with provided certificates.
Expected behavior
Service can be listen for TLS on ports, from provided certificates.
Versions
- Chart: <=
6.1.x
(all)
Acceptance
-
Registry can have http
block configured to support TLS per documentation -
Services connecting to the container registry's internal endpoint are configured to use the appropriate scheme/protocol - See
gitlab.registry.api.*
templates.
- See
-
Configuration examples / documentation are provided