Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Root Cert Structure to Dockerfile #707

Merged
merged 1 commit into from
Jul 17, 2024
Merged

Add Root Cert Structure to Dockerfile #707

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 20 additions & 2 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,8 @@ FROM base AS build
# Build envs
ARG HOSTALIAS_CERT
ENV HOSTALIAS_CERT=$HOSTALIAS_CERT
ARG HOSTALIAS_ROOT_CERT
ENV HOSTALIAS_ROOT_CERT=$HOSTALIAS_ROOT_CERT
ARG LOGGING_LEVEL=info
ENV LOGGING_LEVEL=$LOGGING_LEVEL
ARG AEM_GRAPHQL_ENDPOINT=https://www.canada.ca/graphql/execute.json/decd-endc/
Expand All @@ -26,7 +28,19 @@ ENV NODE_ENV=production
WORKDIR /build
COPY --from=base /base ./

RUN mkdir -p /usr/local/share/ca-certificates/ && echo ${HOSTALIAS_CERT} | sed 's/\\n/\n/g' | xargs > /usr/local/share/ca-certificates/env.crt && chmod 644 /usr/local/share/ca-certificates/env.crt && npm run build
RUN mkdir -p /usr/local/share/ca-certificates/ && \
echo ${HOSTALIAS_CERT} | \
sed 's/\\n/\n/g' | \
xargs > \
/usr/local/share/ca-certificates/env.crt && \
chmod 644 /usr/local/share/ca-certificates/env.crt && \
mkdir -p /etc/ssl/certs/ && \
echo ${HOSTALIAS_ROOT_CERT} | \
sed 's/\\n/\n/g' | \
xargs > \
/etc/ssl/certs/root.crt && \
chmod 644 /etc/ssl/certs/root.crt && \
npm run build

FROM node:20-alpine3.20 AS production
ENV NODE_ENV=production
Expand All @@ -51,9 +65,13 @@ RUN addgroup \

WORKDIR ${home}

COPY --from=build /etc/ssl/certs/root.crt /etc/ssl/certs/root.crt
COPY --from=build --chown=${user}:${group} /usr/local/share/ca-certificates/env.crt ${MSCA_NG_CERT_LOCATION}

RUN apk update && apk add ca-certificates && rm -rf /var/cache/apk/* && update-ca-certificates
RUN apk update && \
apk add ca-certificates && \
rm -rf /var/cache/apk/* && \
update-ca-certificates

USER ${user}

Expand Down
Loading