stack activation digest fails to be retrieved due to certificate issues - ingress cert should be trusted by default

[bconey]

The stack activation digest is not being retrieved from stack images in the internal OCP registry due to error x509: certificate signed by unknown authority.

.....
status:
  summary: '[ 0.3.29: active ]'
  versions:
  - images:
    - digest:
        message: 'Unable to retrieve stack activation digest for image: default-route-openshift-image-registry.apps.bfcjicpa.cp.fyre.ibm.com/kabanero/java-spring-boot2:0.3.29.
          Associated stack: java-spring-boot2 0.3.29. Error: Get https://default-route-openshift-image-registry.apps.bfcjicpa.cp.fyre.ibm.com/v2/:
          x509: certificate signed by unknown authority'
      id: Spring Boot®
      image: default-route-openshift-image-registry.apps.bfcjicpa.cp.fyre.ibm.com/kabanero/java-spring-boot2
.....

After some discussion, the thought is that the Ingress certificate should be trusted by default and this error should not be seen for this setup using the internal registry.

[bconey]

Verified

[tkulik]

I still see the problem with ICPA 4.2.0-rc.2 build.

root@stark-client:/cp4apps420_stack_curation# oc get stacks
NAME                         AGE    SUMMARY
java-openliberty             6d3h   [ 0.2.12: error ]
java-spring-boot2            6d3h   [ 0.3.29: error ]
java-websphere-traditional   2d2h   [ 0.3.1: error ]
nodejs                       6d3h   [ 0.3.6: error ]
nodejs-express               6d3h   [ 0.4.8: error ]
quarkus                      6d3h   [ 0.3.6: error ]