Add Self-Signed Certificate to Java Truststore when NOT using Helm

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube v9.9.5)
  • how is SonarQube deployed: Docker & Kubernetes Manifests
  • what are you trying to achieve - attempting to add self-signed certificate to java truststore
  • what have you tried so far to achieve this - attempted adding ‘caCerts’ key-value pair to Sonarqube statefulset.

Hello All! I’ve searched the web and can’t find what i’m looking for. To start, my deployment is old school as I deploy Sonarqube using k8s manifests (I just prefer to have this type of control and visibility on my k8s deployments). I say this because i’ve found plenty of documentation on how to add a certificate to the truststore via helm or docker compose; im using neither though. Another “catch” is that I have K8s deployed in Azure and I use key vaults to store sensitive information. So I wouldn’t be adding the certificate directly but instead would be calling my Azure Key Vault to retrieve the certificate from there. Any help would be appreciated!

Article that shows how to do this via Helm but no manifests information: Deploy SonarQube on Kubernetes

Hi,

The fact that you’re rolling your own here, rather than using what we’ve provided kinda puts this outside our scope as a pure k8s-SSL question.

 
Ann

I see. As Helm Charts are really just K8s manifests under the hood can the link be provided to the Sonarqube objects (statefulset, service, etc etc) that your Helm Chart creates? That way I can dig into the details myself and potentially find what I need. Thank you.