kayqueteixeira · March 11, 2025 11:27
diff --git a/create_crossplane_cluster.sh b/create_crossplane_cluster.sh
 # This gist is for those who are getting errors like "x509: certificate signed by unknown authority" while doing this setup
 # It assumes that you have installed Docker, Minikube, Helm. Also, you should have installed the Crossplane repo using Helm

 # If you have internet security software installed on your machine, it often uses its own certificate authority (CA)
 # To get Minikube and Crossplane working, you need to set them up with the appropriate root CA certificate
 # If you work for a company, you can ask its security team for the certificate in PEM format

 # Ensures that we start the process with a clean slate
 minikube delete --all --purge

 # In this example, root_ca_certificate.PEM is the X.509 Root Certificate in PEM format
 # More information at https://minikube.sigs.k8s.io/docs/handbook/untrusted_certs
 mkdir -p ~/.minikube/certs
 cp ~/certs/root_ca_certificate.pem ~/.minikube/certs/

 # The option --embed-certs ensures that Minikube will install the certificates that are in the folder ~/.minikube/certs
 minikube start --embed-certs

 # The override.yml file ensures that the CA bundle will be used internally by Crossplane
 helm install crossplane --namespace crossplane-system --create-namespace crossplane-stable/crossplane -f override.yml

 # Makes the CA bundle available for Crossplane
 # In this example, we are considering that the bundle contains only the root CA certificate
 cp ~/certs/root_ca_certificate.pem ./root.ca-bundle
 kubectl -n crossplane-system create cm ca-bundle-config --from-file=ca-bundle=./root.ca-bundle
diff --git a/override.yml b/override.yml
 registryCaBundleConfig:
  name: ca-bundle-config
  key: ca-bundle
	# This gist is for those who are getting errors like "x509: certificate signed by unknown authority" while doing this setup
	# It assumes that you have installed Docker, Minikube, Helm. Also, you should have installed the Crossplane repo using Helm

	# If you have internet security software installed on your machine, it often uses its own certificate authority (CA)
	# To get Minikube and Crossplane working, you need to set them up with the appropriate root CA certificate
	# If you work for a company, you can ask its security team for the certificate in PEM format

	# Ensures that we start the process with a clean slate
	minikube delete --all --purge

	# In this example, root_ca_certificate.PEM is the X.509 Root Certificate in PEM format
	# More information at https://minikube.sigs.k8s.io/docs/handbook/untrusted_certs
	mkdir -p ~/.minikube/certs
	cp ~/certs/root_ca_certificate.pem ~/.minikube/certs/

	# The option --embed-certs ensures that Minikube will install the certificates that are in the folder ~/.minikube/certs
	minikube start --embed-certs

	# The override.yml file ensures that the CA bundle will be used internally by Crossplane
	helm install crossplane --namespace crossplane-system --create-namespace crossplane-stable/crossplane -f override.yml

	# Makes the CA bundle available for Crossplane
	# In this example, we are considering that the bundle contains only the root CA certificate
	cp ~/certs/root_ca_certificate.pem ./root.ca-bundle
	kubectl -n crossplane-system create cm ca-bundle-config --from-file=ca-bundle=./root.ca-bundle