Epic Goal

...

customer problem:

Customer needs to configure a webhook receiver with a secure url.
For that, a paragraph tlsConfig needs to be configured in alertmanager configuration. We need to mount inside the pod the ca cert key. From documentation it seems this is not possible.
there's a reference in doc saying that the tlsSecretName used in storage conf that shows it could be used for "receivers". Would be possible then to use this to mount files in the alertmanager pod ?

Customer wants to write their own receiver and expose it over https with self-signed/custom certificate. In that case, the alertmanager needs to trust it but
custom cert they're injecting in the global config are not actually mounted to the alertmanager pod as a volume

Custom CA/webhooks in the MCO alertmanager are not supported. They will either have to configure this directly form the spokes - or setup a proxy to their receiver deployed in the cluster that the alertmanager receiver will be configured to forward to.

Why is this important?

...

Scenarios

...

Acceptance Criteria

...

Dependencies (internal and external)

1. ...

Previous Work (Optional):

1. ...

Open questions:

1. ...

Done Checklist

• CI - CI is running, tests are automated and merged.
• Release Enablement <link to Feature Enablement Presentation>
• DEV - Upstream code and tests merged: <link to meaningful PR or GitHub
  Issue>
• DEV - Upstream documentation merged: <link to meaningful PR or GitHub
  Issue>
• DEV - Downstream build attached to advisory: <link to errata>
• QE - Test plans in Polarion: <link or reference to Polarion>
• QE - Automated tests merged: <link or reference to automated tests>
• DOC - Doc issue opened with a completed template. Separate doc issue
  opened for any deprecation, removal, or any current known
  issue/troubleshooting removal from the doc, if applicable.