1. Proposed title of this feature request

Helm Umbrella Charts should use custom CA

2. What is the nature and description of the request?

In GITOPS-5469 we describe the issue with Helm Umbrella Charts not using the configured custom CA. This will result in errors like the following:

Unable to create application: application spec for oci-umbrella is invalid: InvalidSpecError: Unable to generate manifests in .: rpc error: code = Unknown desc = `helm dependency build` failed exit status 1: Error: could not retrieve list of tags for repository oci://example.nexus.example.com: Get "https://example.nexus.example.com/v2/exampleproject/exampledep/tags/list": tls: failed to verify certificate: x509: certificate signed by unknown authority

This feature request asks to support custom CA certificates checking when using a custom CA for Helm Umbrella Charts. There has been a discussion in GITOPS-5469 about this being a feature request instead of a Bug.

See also GITOPS-3811 and GITOPS-5081 for related issues.

3. Why does the customer need this? (List the business requirements here)

Customer is using a custom CA (as usual within enterprises) to serve images from their image registry. At the moment, the customer needs to skip TLS verification, which is an issue for security.

4. List any affected packages or components.

ArgoCD Helm Chart handling