Last active
October 17, 2024 06:30
-
-
Save michaelboke/564bf96f7331f35f1716b59984befc50 to your computer and use it in GitHub Desktop.
Docker scratch x509 fix
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM golang:alpine as builder | |
| WORKDIR /app | |
| #the following 2 steps are optional if your image does not already have the certificate | |
| # package installed, golang:alpine now seems to have it. But a more base image could be missing it. | |
| #RUN apk update && apk upgrade && apk add --no-cache ca-certificates | |
| #RUN update-ca-certificates | |
| ADD main.go /app/main.go | |
| RUN CGO_ENABLED=0 GOOS=linux go build -a -ldflags="-s -w" -installsuffix cgo -o app . | |
| FROM scratch | |
| COPY --from=builder /app/app . | |
| COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ | |
| CMD ["./app"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "net/http" | |
| "fmt" | |
| ) | |
| func main(){ | |
| _, err := http.Get("https://www.google.com") | |
| if err!= nil { | |
| panic(err) | |
| } | |
| fmt.Println("success") | |
| } |
@fuad-daoud how ?
thanks
worked without
RUN apk update && apk upgrade && apk add --no-cache ca-certificates RUN update-ca-certificatesjust
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
Yes it does seems that the golang:alpine now has certificates rebuild inside the docker image.
Thanks for noticing
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
thanks
worked without
just
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/