Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

no CA certs in image #7

Closed
cmosetick opened this issue Sep 5, 2018 · 3 comments
Closed

no CA certs in image #7

cmosetick opened this issue Sep 5, 2018 · 3 comments

Comments

@cmosetick
Copy link
Contributor

cmosetick commented Sep 5, 2018
edited
Loading

Seems like we need volume mount CA certs or provide some in the docker image:

level=info msg="Couldn't get value for aws-ssm/test-secret: RequestError: send request failed\ncaused by: Post https://ssm.us-east-2.amazonaws.com/: x509: failed to load system roots and no roots provided"
@cmosetick
Copy link
Contributor Author

PR #8 adds ca certificates to the aws-ssm docker image.

I'm aware that some people think its bad practice to include CA certs in docker images, but it seems to make sense in this situation, rather than using host volume mounting of /etc/ssl/certs.

@cmattoon
Copy link
Owner

cmattoon commented Sep 6, 2018

Agreed on the volume mounts, though maybe I can add that to the chart later if needed. Merged #8, so we should be good now. Will do some more testing and tag another release later. Thanks!

@cmattoon
Copy link
Owner

Moved the apk add into the 2nd stage image, and also added a host_ssl_dir Value to enable mounting the directory from the host (EC2). Both seem to work independent of each other.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cmattoon @cmosetick