Include CA cert bundle in the image

Busybox base image doesn't have one
lpmoon · Nov 22, 2015 · 6eaa12a · 6eaa12a
1 parent 3fcaf82
commit 6eaa12a
Show file tree

Hide file tree

Showing 4 changed files with 54 additions and 48 deletions.
diff --git a/auth_server/.gitignore b/auth_server/.gitignore
@@ -1,2 +1,3 @@
+ca-certificates.crt
 auth_server
 Godeps/
diff --git a/auth_server/Dockerfile b/auth_server/Dockerfile
@@ -2,4 +2,5 @@ FROM busybox
 EXPOSE 5001
 ENTRYPOINT ["/auth_server"]
 CMD ["/config/auth_config.yml"]
+COPY ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
 COPY auth_server .
diff --git a/auth_server/Makefile b/auth_server/Makefile
@@ -1,10 +1,12 @@
 MAKEFLAGS += --warn-undefined-variables
 IMAGE ?= cesanta/docker_auth
 COMPRESS_BINARY ?= false
+CA_BUNDLE = /etc/ssl/certs/ca-certificates.crt
 
 BUILDER_IMAGE ?= centurylink/golang-builder
 BUILDER_IMAGE_EXTRA-build-cross = -cross
 BUILDER_OPTS-docker-build = -v /var/run/docker.sock:/var/run/docker.sock
+BUILDER_IMAGE_EXTRA-docker-build =
 
 .PHONY: %
 
@@ -21,7 +23,10 @@ build-local: update-deps
 	go generate ./...
 	go build
 
-build build-cross docker-build: update-deps godep
+ca-certificates.crt:
+	cp $(CA_BUNDLE) .
+
+build build-cross docker-build: update-deps godep ca-certificates.crt
 	docker run --rm -v $(PWD):/src -e COMPRESS_BINARY=$(COMPRESS_BINARY) $(BUILDER_OPTS-$@) $(BUILDER_IMAGE)$(BUILDER_IMAGE_EXTRA-$@) $(IMAGE)
 
 docker-tag-%:

diff --git a/auth_server/authn/bindata.go b/auth_server/authn/bindata.go