update docs and example

README.md

@@ -1,6 +1,6 @@
 # TKGs Proxy Injector
 
-This can be used to add a proxy to guest clusters automatically. This will run as a native pod in the supervsior cluster and continously ssh out to the guest cluster nodes and make sure they have a proxy configured. This will run on a per namespace basis due to some limitiations with the default firewall rules applied between namespaces with NSX-T. This also leverages the `docker-registry` running in the supervisor cluster to store the `proxy-inject` docker image to reduce external dependencies on internal regsitries existing.
+This can be used to add a proxy and/or a ca cert to guest clusters automatically. This will run as a native pod in the supervsior cluster and continously ssh out to the guest cluster nodes and make sure they have a proxy configured. This will run on a per namespace basis due to some limitiations with the default firewall rules applied between namespaces with NSX-T. This also leverages the `docker-registry` running in the supervisor cluster to store the `proxy-inject` docker image to reduce external dependencies on internal regsitries existing.
 
 
 ## Usage
@@ -21,6 +21,7 @@ all vars are set in `env.sh`
 * `TKC_HTTPS_PROXY` - valid http proxy that you want to use
 * `TKC_HTTP_PROXY` - valid https proxy that you want to use
 * `TKC_NO_PROXY` -  no proxy list
+* `REG_CERT` -  the registry ca cert to trust an untrusted registry
 * `INTERVAL` - interval to run the script
 
 

env.sh

@@ -3,6 +3,29 @@ export DEPLOY_NS="test-ns2"
 export TKC_HTTPS_PROXY="http://someproxy:8080"
 export TKC_HTTP_PROXY="http://someproxy:8080"
 export TKC_NO_PROXY="localhost"
-export REG_CERT="" #the registry ca cert
+export REG_CERT="-----BEGIN CERTIFICATE-----
+MIIEFzCCAv+gAwIBAgIJAPGReZlu7FEvMA0GCSqGSIb3DQEBCwUAMIGWMQswCQYD
+VQQDDAJDQTEXMBUGCgmSJomT8ixkARkWB3ZzcGhlcmUxFTATBgoJkiaJk/IsZAEZ
+FgVsb2NhbDELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExGDAWBgNV
+BAoMD3Zjc2E3LmxhYi5sb2NhbDEbMBkGA1UECwwSVk13YXJlIEVuZ2luZWVyaW5n
+MB4XDTIwMDcyNDIzMDc1N1oXDTMwMDcyMjIzMDc1N1owgZYxCzAJBgNVBAMMAkNB
+MRcwFQYKCZImiZPyLGQBGRYHdnNwaGVyZTEVMBMGCgmSJomT8ixkARkWBWxvY2Fs
+MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEYMBYGA1UECgwPdmNz
+YTcubGFiLmxvY2FsMRswGQYDVQQLDBJWTXdhcmUgRW5naW5lZXJpbmcwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyIB1EjMlAVIBN9/ebMr13f7yPvfQs
+u3ZwEE+aq90t+ovIoTEgIFNUvsBkxlXF0xPD5IYmyIeF6adRznkaVOuWeJ9TwGzf
+6DqJZJu1RG59ODCIMKFCsvak5SwmGM6VHarnmyc72e45YoAvAgUQkTlrdV8a1bGH
+F0UiL34ITprks4GNtcHd+e3VAZMAm37/Jgyzp9ICNKTkOA71pp0t7PZ/XRwQCxBB
+0WsE9uNE5+MunXrz02AVZrk3+BtiqrPcnbXoQgx08ikhQIQ6Az2O6OlUd2+YmST4
+ST8GsHsKSjZEX//tNAZTHPC5gB0z8BTXQ72JmgPQAVnaHxXqI7MRD+KPAgMBAAGj
+ZjBkMB0GA1UdDgQWBBQiASNxq4LA0DC0KdGu0Xo+7Kw/tDAfBgNVHREEGDAWgQ5l
+bWFpbEBhY21lLmNvbYcEfwAAATAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgw
+BgEB/wIBADANBgkqhkiG9w0BAQsFAAOCAQEAUtAMjGVLpJHggEIy3nR836bxkjN8
+Sn6JUD4KLBV8EsT9KIg9eQ+jBFmdPcJJrPNoz/ZeVfPGeM7cKPCH+ASV+DTE9q4A
+nhrHZDYG3s8TLE4H39MbcOqWysWQ+ZpB2fZAM7nq27WblroOodKI8y43+gKX7huX
++TZ7azgxLrPVXQkjC6Pr5byxAFlke7FSjINZnq7DXY48UsOwvkCeXFTMVWqLCNEL
+KFXW5I1HLVT62aMv72+0m5lfKRL+Y0FZSIs7g9SYhHvBxyUCABJictGDkxMxcAwG
+4shrtA8wP+zx/UvtVYPR+egaZeD/5SYsrgLRvsxYXOvGJV+9+PdLMoSnaA==
+-----END CERTIFICATE-----" #the registry ca cert
 #Optional
 #export INTERVAL="30"