From afe1372bc33cceb1da093b84c40f788fe5bd6bc9 Mon Sep 17 00:00:00 2001
From: KubeSphere CI Bot <47586280+ks-ci-bot@users.noreply.github.com>
Date: Tue, 11 Mar 2025 10:40:48 +0800
Subject: [PATCH] [kse-2286] replace storeCAFile use WithTLSConfig (#6400)

Signed-off-by: ks-ci-bot <ks-ci-bot@kubesphere.io>
Co-authored-by: ks-ci-bot <ks-ci-bot@kubesphere.io>
---
 pkg/kapis/package/v1alpha1/handler.go | 48 +++------------------------
 1 file changed, 5 insertions(+), 43 deletions(-)

diff --git a/pkg/kapis/package/v1alpha1/handler.go b/pkg/kapis/package/v1alpha1/handler.go
index 35b213ed1..cd8d6efe0 100644
--- a/pkg/kapis/package/v1alpha1/handler.go
+++ b/pkg/kapis/package/v1alpha1/handler.go
@@ -7,12 +7,9 @@ package v1alpha1
 
 import (
 	"bytes"
-	"encoding/base64"
 	"fmt"
+	"net/http"
 	"net/url"
-	"os"
-	"path/filepath"
-	"text/template"
 
 	"github.com/emicklei/go-restful/v3"
 	"helm.sh/helm/v3/pkg/chart/loader"
@@ -21,6 +18,7 @@ import (
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/types"
 	corev1alpha1 "kubesphere.io/api/core/v1alpha1"
+	"kubesphere.io/utils/helm"
 	runtimeclient "sigs.k8s.io/controller-runtime/pkg/client"
 
 	"kubesphere.io/kubesphere/pkg/api"
@@ -94,12 +92,12 @@ func (h *handler) ListFiles(request *restful.Request, response *restful.Response
 			opts = append(opts, getter.WithInsecureSkipVerifyTLS(repo.Spec.Insecure))
 		}
 		if repo.Spec.CABundle != "" {
-			caFile, err := storeCAFile(repo.Spec.CABundle, repo.Name)
+			tlsConfig, err := helm.NewTLSConfig(repo.Spec.CABundle, repo.Spec.Insecure)
 			if err != nil {
-				api.HandleInternalError(response, request, fmt.Errorf("failed to store CABundle to local file: %s", err))
+				api.HandleInternalError(response, request, err)
 				return
 			}
-			opts = append(opts, getter.WithTLSClientConfig("", "", caFile))
+			opts = append(opts, getter.WithTransport(&http.Transport{TLSClientConfig: tlsConfig}))
 		}
 		if repo.Spec.BasicAuth != nil {
 			opts = append(opts, getter.WithBasicAuth(repo.Spec.BasicAuth.Username, repo.Spec.BasicAuth.Password))
@@ -128,39 +126,3 @@ func (h *handler) ListFiles(request *restful.Request, response *restful.Response
 
 	_ = response.WriteEntity(files)
 }
-
-// storeCAFile in local file from caTemplate.
-func storeCAFile(caBundle string, repoName string) (string, error) {
-	var buff = &bytes.Buffer{}
-	tmpl, err := template.New("repositoryCABundle").Parse(caTemplate)
-	if err != nil {
-		return "", err
-	}
-	if err := tmpl.Execute(buff, map[string]string{
-		"TempDIR":        os.TempDir(),
-		"RepositoryName": repoName,
-	}); err != nil {
-		return "", err
-	}
-	caFile := buff.String()
-	if _, err := os.Stat(filepath.Dir(caFile)); err != nil {
-		if !os.IsNotExist(err) {
-			return "", err
-		}
-
-		if err := os.MkdirAll(filepath.Dir(caFile), os.ModePerm); err != nil {
-			return "", err
-		}
-	}
-
-	data, err := base64.StdEncoding.DecodeString(caBundle)
-	if err != nil {
-		return "", err
-	}
-
-	if err := os.WriteFile(caFile, data, os.ModePerm); err != nil {
-		return "", err
-	}
-
-	return caFile, nil
-}