Last active
September 24, 2025 08:54
-
-
Save michaelboke/564bf96f7331f35f1716b59984befc50 to your computer and use it in GitHub Desktop.
Docker scratch x509 fix
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM golang:alpine as builder | |
| WORKDIR /app | |
| #the following 2 steps are optional if your image does not already have the certificate | |
| # package installed, golang:alpine now seems to have it. But a more base image could be missing it. | |
| #RUN apk update && apk upgrade && apk add --no-cache ca-certificates | |
| #RUN update-ca-certificates | |
| ADD main.go /app/main.go | |
| RUN CGO_ENABLED=0 GOOS=linux go build -a -ldflags="-s -w" -installsuffix cgo -o app . | |
| FROM scratch | |
| COPY --from=builder /app/app . | |
| COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ | |
| CMD ["./app"] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "net/http" | |
| "fmt" | |
| ) | |
| func main(){ | |
| _, err := http.Get("https://www.google.com") | |
| if err!= nil { | |
| panic(err) | |
| } | |
| fmt.Println("success") | |
| } |
This just saved my bacon. Thanks!
Thank you good sir.
Thanks!!
Thanks very much, that solved my problem.
Thanks this helped with my problem!
You are a godsend, this saved me HOURS!
🔥
You are a godsend sir. Thanks for sharing.
You are a lifesaver!
Thank you so much!
thanks
worked without
RUN apk update && apk upgrade && apk add --no-cache ca-certificates
RUN update-ca-certificatesjust
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
@fuad-daoud how ?
Author
thanks
worked without
RUN apk update && apk upgrade && apk add --no-cache ca-certificates RUN update-ca-certificatesjust
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
Yes it does seems that the golang:alpine now has certificates rebuild inside the docker image.
Thanks for noticing
Great help! thx alot
❤️
thank you bro
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
this is an awesome example and fixed my problem with aws-sdk-go. I really appreciate the time you spent building such a simple example.