fix(build): include CA certificates in Docker image (#483)

obazoud · web-flow · commit c7a2e10fa0dc · 2025-10-03T14:44:56.000+07:00
Ensure the image contains trusted CA certificates so the app can establish secure HTTPS connections to AWS services. Without them, TLS handshakes fail with **x509: certificate signed by unknown authority**: `failed to check if infra exists: operation error SQS: GetQueueUrl, exceeded maximum number of attempts, 3, https response error StatusCode: 0, RequestID: , request send failed, Post "https://sqs.eu-west-1.amazonaws.com/": tls: failed to verify certificate: x509: certificate signed by unknown authority`
diff --git a/build/Dockerfile b/build/Dockerfile
@@ -12,6 +12,7 @@ RUN go build -o ./bin/outpost ./cmd/outpost/main.go && \
 # Stage 1
 # Copy binaries to a new image
 FROM scratch
+COPY --from=0 /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
 COPY --from=0 /app/bin/outpost /bin/outpost
 COPY --from=0 /app/bin/outpost-server /bin/outpost-server
 COPY --from=0 /app/bin/outpost-migrate-redis /bin/outpost-migrate-redis
