Add support for custom certs in HelmRepositories of Type oci

[souleb]

Currently the HTTP/S HelmRepository type support passing a secret containing certFile, keyFile, and caFile. A TLSConfig is built from it and passed downstream to the roundtripper.

This issue is about adding this feature for OCI HelmRepository type.

[souleb]

on-going oras-project/oras-go#171

[stefanprodan]

@souleb I see that your PR has been merged, what else is needed?

[souleb]

I need to adapt the getter on helm side... I am currently testing the implementation.

[souleb]

The pr is submitted on helm side. helm/helm#11363.

Helm maintainers have been testing it for some time now. They are confident it will be merged.

[souleb]

The work on upstream has been merged in main. The target release is 3.12.0 (next minor). See helm/helm#11711

We can now start the implementation work.

[pefeigl]

Is there any estimate on when support for this might arrive in a release?
Thanks for any information ;)

[mfilotto]

@pefeigl FYI we're using this workaround: fluxcd/flux2#3417 (comment)