057595de3d
Cluster egress is fronted by a step-ca TLS proxy whose cert doesn't match github.com. The init container's git clone failed with "SSL: no alternative certificate subject name matches target hostname 'github.com'". The Notes repo is public — there is no secret to protect on the wire — so GIT_SSL_NO_VERIFY=true is the right tradeoff here. Tag at v202604240040search. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
3.6 KiB
3.6 KiB