[server] Fix custom CA (#20770)

Configure NODE_EXTRA_CA_CERTS env var to point to the CA certificate bundle file

Author: geropl

install/installer/pkg/common/certificate.go

@@ -8,6 +8,8 @@ import (
 	corev1 "k8s.io/api/core/v1"
 )
 
+const CUSTOM_CA_MOUNT_PATH = "/etc/ssl/certs/ca-certificates.crt"
+
 func CAVolume() corev1.Volume {
 	return corev1.Volume{
 		Name: "ca-certificates",
@@ -22,7 +24,7 @@ func CAVolume() corev1.Volume {
 func CAVolumeMount() corev1.VolumeMount {
 	return corev1.VolumeMount{
 		Name:      "ca-certificates",
-		MountPath: "/etc/ssl/certs/ca-certificates.crt",
+		MountPath: CUSTOM_CA_MOUNT_PATH,
 		SubPath:   "ca-certificates.crt",
 		ReadOnly:  true,
 	}

install/installer/pkg/components/server/deployment.go

@@ -102,6 +102,11 @@ func deployment(ctx *common.RenderContext) ([]runtime.Object, error) {
 				Name:  "WSMAN_CFG_MANAGERS",
 				Value: wsmanCfgManager,
 			},
+			// Required for node.js to pick up custom CAs
+			{
+				Name:  "NODE_EXTRA_CA_CERTS",
+				Value: common.CUSTOM_CA_MOUNT_PATH,
+			},
 		},
 	)
 

install/installer/pkg/components/ws-manager-bridge/deployment.go

@@ -87,10 +87,17 @@ func deployment(ctx *common.RenderContext) ([]runtime.Object, error) {
 		common.AnalyticsEnv(&ctx.Config),
 		common.DatabaseEnv(&ctx.Config),
 		common.ConfigcatEnv(ctx),
-		[]corev1.EnvVar{{
-			Name:  "WSMAN_BRIDGE_CONFIGPATH",
-			Value: "/config/ws-manager-bridge.json",
-		}},
+		[]corev1.EnvVar{
+			{
+				Name:  "WSMAN_BRIDGE_CONFIGPATH",
+				Value: "/config/ws-manager-bridge.json",
+			},
+			// Required for node.js to pick up custom CAs
+			{
+				Name:  "NODE_EXTRA_CA_CERTS",
+				Value: common.CUSTOM_CA_MOUNT_PATH,
+			},
+		},
 	))
 
 	_ = ctx.WithExperimental(func(cfg *experimental.Config) error {