Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add ca-certificates package to phx.gen.release/Dockerfile.eex (#5536)
I've recently run into a problem: 2023-07-28T09:56:42Z app[e784e1e0b52d48] iad [info]** (exit) an exception was raised: 2023-07-28T09:56:42Z app[e784e1e0b52d48] iad [info] ** (MatchError) no match of right hand side value: {:error, :enoent} 2023-07-28T09:56:42Z app[e784e1e0b52d48] iad [info] (public_key 1.14) pubkey_os_cacerts.erl:38: :pubkey_os_cacerts.get/0 2023-07-28T09:56:42Z app[e784e1e0b52d48] iad [info] (inets 9.0.1) httpc.erl:476: :httpc.ssl_verify_host_options/1 2023-07-28T09:56:42Z app[e784e1e0b52d48] iad [info] (inets 9.0.1) httpc.erl:1015: anonymous fn/0 in :httpc.http_options_default/0 2023-07-28T09:56:42Z app[e784e1e0b52d48] iad [info] (inets 9.0.1) httpc.erl:961: :httpc.http_options/3 2023-07-28T09:56:42Z app[e784e1e0b52d48] iad [info] (inets 9.0.1) httpc.erl:771: :httpc.handle_request/9 2023-07-28T09:56:42Z app[e784e1e0b52d48] iad [info] (tesla 1.6.0) lib/tesla/adapter/httpc.ex:52: Tesla.Adapter.Httpc.request/2 2023-07-28T09:56:42Z app[e784e1e0b52d48] iad [info] (tesla 1.6.0) lib/tesla/adapter/httpc.ex:22: Tesla.Adapter.Httpc.call/2 2023-07-28T09:56:42Z app[e784e1e0b52d48] iad [info] (oauth2 2.1.0) lib/oauth2/request.ex:37: OAuth2.Request.request/6 In other words, :public_key.cacerts_get() Fails becasue there's no OS provided CA store on this Docker image. I believe the tradeoff is the ca-certificates package might become stale as it would only ever be updated if Docker layers beforehand are changed.
- Loading branch information