Skip to content

Commit

Permalink
Use AL2 for bundled CA certificates
Browse files Browse the repository at this point in the history 
This pulls in the Amazon Linux 2 CA certificates bundle to be used by
the update operator instead of relying on the bundles that are/were in
the building container's filesystem.
  • Loading branch information
@jahkeup
jahkeup committed Mar 2, 2020
1 parent f9fcd31 commit b2d39e5
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,9 +19,13 @@ RUN go mod download
COPY ./ /src/
RUN make -e build GOBIN=/ CGO_ENABLED=0

# Use certificates from Amazon Linux 2
FROM amazonlinux:2 as al2

# Build minimal container with a static build of the update operator executable.
FROM scratch as update-operator
COPY --from=build /etc/ssl /etc/ssl
COPY --from=al2 /etc/ssl /etc/ssl
COPY --from=al2 /etc/pki /etc/pki
COPY --from=build /src/COPYRIGHT /src/LICENSE-* /usr/share/licenses/bottlerocket-update-operator/
COPY --from=licenses /licenses/ /usr/share/licenses/bottlerocket-update-operator/vendor/
COPY --from=build /bottlerocket-update-operator /
Expand Down

0 comments on commit b2d39e5

Please sign in to comment.