From 8cab0fd717a923a55a67e256abb9ac3449218f4a Mon Sep 17 00:00:00 2001 From: Nianyu Shen Date: Wed, 18 Oct 2023 10:18:59 -0700 Subject: [PATCH] PE-2796 add proxy cert in dockerfile (#78) * add proxy cert in dockerfile * update * update * update * update * update * update * update * add verbose * update * update * update * update * update * remove debug lines --- Dockerfile | 21 ++++++++++++++++++--- Earthfile | 6 +++++- earthly.sh | 3 +++ 3 files changed, 26 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 202473c..fa166d9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,31 @@ ARG BASE FROM $BASE +ARG OS_DISTRIBUTION +ARG PROXY_CERT_PATH +ARG HTTP_PROXY +ARG HTTPS_PROXY +ARG NO_PROXY + +COPY sc.crt /tmp/sc.crt +RUN if [ "${OS_DISTRIBUTION}" = "ubuntu" ] && [ "${PROXY_CERT_PATH}" != "" ]; then \ + cp /tmp/sc.crt /etc/ssl/certs && \ + update-ca-certificates; \ + fi +RUN if [ "${OS_DISTRIBUTION}" = "opensuse-leap" ] && [ "${PROXY_CERT_PATH}" != "" ]; then \ + cp /tmp/sc.crt /usr/share/pki/trust/anchors && \ + update-ca-certificates; \ + fi + ###########################Add any other image customizations here ####################### #### Examples #### ### To install the nginx package for Ubuntu ### -#RUN apt-get update && apt-get install nginx -y - +# RUN apt-get update && apt-get install nginx -y ### or ### To install the nginx package for opensuse ### -#RUN zypper refresh && zypper install nginx -y +RUN zypper refresh && zypper install nginx -y diff --git a/Earthfile b/Earthfile index 41e335a..fddfd03 100644 --- a/Earthfile +++ b/Earthfile @@ -23,8 +23,10 @@ ARG RKE2_PROVIDER_VERSION=v2.3.3 ARG FIPS_ENABLED=false ARG HTTP_PROXY ARG HTTPS_PROXY +ARG NO_PROXY ARG http_proxy=${HTTP_PROXY} ARG https_proxy=${HTTPS_PROXY} +ARG no_proxy=${NO_PROXY} ARG PROXY_CERT_PATH ARG UPDATE_KERNEL=false @@ -205,7 +207,9 @@ kairos-provider-image: # base build image used to create the base image for all other image types base-image: - FROM DOCKERFILE --build-arg BASE=$BASE_IMAGE . + FROM DOCKERFILE --build-arg BASE=$BASE_IMAGE --build-arg PROXY_CERT_PATH=$PROXY_CERT_PATH \ + --build-arg OS_DISTRIBUTION=$OS_DISTRIBUTION --build-arg HTTP_PROXY=$HTTP_PROXY --build-arg HTTPS_PROXY=$HTTPS_PROXY \ + --build-arg NO_PROXY=$NO_PROXY . # IF $IS_JETSON # COPY mount.yaml /system/oem/mount.yaml diff --git a/earthly.sh b/earthly.sh index 883d29d..ae61db3 100755 --- a/earthly.sh +++ b/earthly.sh @@ -1,4 +1,7 @@ #!/bin/bash +# Uncomment the line below to enable debug mode +# set -x + function build_with_proxy() { export HTTP_PROXY=$HTTP_PROXY export HTTPS_PROXY=$HTTPS_PROXY