
[kots] Allow to add custom CA no matter which TLS option is selected

Open corneliusludmann opened this issue 3 years ago • 0 comments

Currently, in KOTS (Replicated) we allow adding custom CA certs only when you bring your own (probably self-signed) cert. For the case where someone has an SCM with a self-signed cert but uses Cert-Manager for the Gitpod certs, there is no option to add the CA for the SCM to Gitpod. We could fix this by giving the option to add a custom CA in any case (no matter which cert you use for Gitpod) as long as it's fine to add additional custom CAs to Gitpod even when Gitpod itself uses a cert not signed by this custom CA.

This has to be tested and implemented in the KOTS config after https://github.com/gitpod-io/gitpod/issues/9604 has been fixed.

corneliusludmann Apr 28 '22 09:04

@corneliusludmann Is this important?

I think the main blocker for this is that when a user uses the cert-manager options, we need to load the cert-manager CA, and hence we don't provide this option altogether.

We can fix this by expanding the internal cert loading options to load a list of certificates and not just one.

Pothulapati Sep 08 '22 10:09