envoyproxy/gateway
Ver no GitHubAbility to change caCertificateRefs ca.crt key
Open
#7.567 aberto em 19 de nov. de 2025
help wanted
Métricas do repositório
- Stars
- (2.871 stars)
- Métricas de merge de PR
- (Métricas PR pendentes)
Description
When creating a BackendTLSPolicy, the caCertificateRefs key is statically set to ca.crt.
When using cluster-api to bootstrap workload clusters, the created $CLUSTER-ca secret will have the following keys: tls.crt and tls.key.
Having the ability to set the CA key to tls.crt would support these resources without having to use something like kyverno to add the ca.crt field to the secret.
Similar issue on Gateway API: https://github.com/kubernetes-sigs/gateway-api/issues/4196