Run Release Runner With TLS Support
This guide explains how to configure Digital.ai Release Runner to use TLS communication with Release, ensuring secure connections between your runner and Release server.
Overview
To enable TLS communication for Release Runner, you must configure the truststore settings appropriately. This ensures that the runner can securely communicate with the Release server using trusted certificates.
Setting the Truststore Environment Variable
To use TLS, ensure that your container's environment variable RELEASE_RUNNER_REST_CLIENT_CA
is populated with a base64-encoded REST client CA certificate.
If you're using Helm or XL kube to install the runner, you must create a secret containing the truststore. This is done by adding a truststore to runner.restClientCA
in the Helm chart value.
Self-Signed Certificates
If your certificate is self-signed, make sure to set the environment variable RELEASE_RUNNER_REST_CLIENT_SELF_SIGNED_CERTIFICATE_ENABLED
to true
.