Closed jiajiawang closed 1 year ago
@jiajiawang that is indeed very weird. I triple-checked that the certificate is indeed valid.
As far as I can speculate, there are two possible explanations to this issue:
1- your conatiner is in a network that uses a proxy or captive portal that is doing something weird with the connection to agent.buildkite.com
needing to spoof the SSL certificate
2- your container is missing the root certificates for Amazon certificate chain, depending on the container configuration that may be solved by updating a package in the container itself (or starting off a newer base image)
Occam's razor would indicate the latter is a simpler explanation. If you let us know what image you are starting your container off of, we might be able to further assist you (despite the issue not being related to this plugin)
@toote Thanks for your info, it's really helpful. It's indeed something to do with the base image.
The issued image I'm currently using is public.ecr.aws/docker/library/node:16-buster-slim
. Once I changed it to public.ecr.aws/docker/library/node:16
, the issue is gone. Apparently something that's missing from the slim image are required when connect to agent.buildkite.com
.
OK, It's ca-certificates
which isn't installed by default on the slim image.
I'm trying to use buildkite-agent within docker containers. Turned on
mount-buildkite-agent: true
, but getting errorAm I missing anything?