From 7d8d582553c74b3d3b085dcfa4135d87aabb6baf Mon Sep 17 00:00:00 2001
From: Pim Kunis <pim@kunis.nl>
Date: Thu, 2 May 2024 16:23:55 +0200
Subject: [PATCH] Pass CA cert to curl

---
 .forgejo/workflows/deploy.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.forgejo/workflows/deploy.yaml b/.forgejo/workflows/deploy.yaml
index a5211d5..7e11dfd 100644
--- a/.forgejo/workflows/deploy.yaml
+++ b/.forgejo/workflows/deploy.yaml
@@ -9,7 +9,7 @@ jobs:
       - name: Clone repository
         run: git clone ${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}.git src
       - run: ls -alh /var/run/secrets/kubernetes.io/serviceaccount
-      - run: "curl -H \"Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)\" https://kubernetes.default.svc/api/v1/namespaces/default/pods"
+      - run: "curl --cacert /var/run/secrets/kubernetes.io/serviceaccount/ca.crt -H \"Authorization: Bearer $(cat /var/run/secrets/kubernetes.io/serviceaccount/token)\" https://kubernetes.default.svc/api/v1/namespaces/default/pods"
 
       # - run: nix run nixpkgs#kubectl -- config set-cluster my-cluster --server=https://kubernetes.default.svc --certificate-authority=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
       # - run: nix run nixpkgs#kubectl -- config set-credentials my-service-account --token=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)