Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Generate keystore #22

Open
jeusdi opened this issue Jul 16, 2018 · 1 comment
Open

Generate keystore #22

jeusdi opened this issue Jul 16, 2018 · 1 comment

Comments

@jeusdi
Copy link

jeusdi commented Jul 16, 2018
edited
Loading

I'm trying to create a truststore adding certificates located into a folder. This is my build section.

<build>
<from>${docker.from}</from>
<cmd>
    keytool -import -alias vault -storepass changeit -keystore truststore.jks -noprompt -trustcacerts -file /var/run/secrets/kubernetes.io/certs/tls.crt
</cmd>
<assembly>
    <targetDir>/deployments</targetDir>
    <descriptorRef>${docker.assemblyDescriptorRef}</descriptorRef>
</assembly>
<env>
	<JAVA_OPTS>-Djavax.net.ssl.trustStore=/opt/jboss/truststore.jks -Djavax.net.ssl.trustStorePassword=secret</JAVA_OPTS>
	<JAVA_APP_JAR>${project.artifactId}-${project.version}.jar</JAVA_APP_JAR>
</env>
</build>

This is the Dockerfile fabric8 generates:

FROM docker.io/fabric8/java-jboss-openjdk8-jdk:1.2
ENV JAVA_OPTS="-Djavax.net.ssl.trustStore=/opt/jboss/truststore.jks -Djavax.net.ssl.trustStorePassword=secret" JAVA_APP_JAR=wseccloudconfig-0.0.1-SNAPSHOT.jar
COPY maven /deployments/
CMD keytool -import -alias vault -storepass changeit -keystore truststore.jks -noprompt -trustcacerts -file /var/run/secrets/kubernetes.io/certs/tls.crt

I don't know why it doesn't work.

Do you suggest me another way to get my goal?
@rhuss
Copy link
Contributor

rhuss commented Jul 16, 2018

You should use <cmd> for the final command to use which is calling the java start up script. If you need some extra RUN instructions in your Dockerfile for doing some setup stuff, use <runCmds>. See https://dmp.fabric8.io/#build-configuration for details.

E.g.

<runCmds>
  <run>keytool -import -alias vault -storepass changeit -keystore truststore.jks -noprompt -trustcacerts -file /var/run/secrets/kubernetes.io/certs/tls.crt</run>
</runCmds>

Does this help ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rhuss @jeusdi