From db4a41d02fcc43c4dd7e473c93619b2c271ae4c5 Mon Sep 17 00:00:00 2001
From: Tim Carter <tim.e.carter94@gmail.com>
Date: Wed, 11 Dec 2024 14:27:30 +1100
Subject: [PATCH] Integrate trusted ca into buildah-oci-ta.

---
 deploy/tasks/buildah-oci-ta.yaml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/deploy/tasks/buildah-oci-ta.yaml b/deploy/tasks/buildah-oci-ta.yaml
index 41094d53c..c23a8274a 100644
--- a/deploy/tasks/buildah-oci-ta.yaml
+++ b/deploy/tasks/buildah-oci-ta.yaml
@@ -588,6 +588,12 @@ spec:
           done < <(find $ADDITIONAL_SECRET_TMP -maxdepth 1 -type f -exec basename {} \;)
         fi
 
+        if [ -f "$ca_bundle" ]; then
+          cp -r --preserve=mode /mnt/trusted-ca /tmp/trusted-ca
+          VOLUME_MOUNTS+=(--volume /tmp/trusted-ca:/etc/pki/ca-trust/source/anchors)
+          echo "Adding the trusted-ca to the build"
+        fi
+
         # Prevent ShellCheck from giving a warning because 'image' is defined and 'IMAGE' is not.
         declare IMAGE