search

fabric8io-images / java

Java Base Images
Apache License 2.0
176 stars 99 forks source link

Generate keystore #22

Open jeusdi opened 6 years ago

jeusdi commented 6 years ago

I'm trying to create a truststore adding certificates located into a folder. This is my build section.

<build>
<from>${docker.from}</from>
<cmd>
    keytool -import -alias vault -storepass changeit -keystore truststore.jks -noprompt -trustcacerts -file /var/run/secrets/kubernetes.io/certs/tls.crt
</cmd>
<assembly>
    <targetDir>/deployments</targetDir>
    <descriptorRef>${docker.assemblyDescriptorRef}</descriptorRef>
</assembly>
<env>
    <JAVA_OPTS>-Djavax.net.ssl.trustStore=/opt/jboss/truststore.jks -Djavax.net.ssl.trustStorePassword=secret</JAVA_OPTS>
    <JAVA_APP_JAR>${project.artifactId}-${project.version}.jar</JAVA_APP_JAR>
</env>
</build>

This is the Dockerfile fabric8 generates:

FROM docker.io/fabric8/java-jboss-openjdk8-jdk:1.2
ENV JAVA_OPTS="-Djavax.net.ssl.trustStore=/opt/jboss/truststore.jks -Djavax.net.ssl.trustStorePassword=secret" JAVA_APP_JAR=wseccloudconfig-0.0.1-SNAPSHOT.jar
COPY maven /deployments/
CMD keytool -import -alias vault -storepass changeit -keystore truststore.jks -noprompt -trustcacerts -file /var/run/secrets/kubernetes.io/certs/tls.crt

I don't know why it doesn't work.

Do you suggest me another way to get my goal?

rhuss commented 6 years ago

You should use <cmd> for the final command to use which is calling the java start up script. If you need some extra RUN instructions in your Dockerfile for doing some setup stuff, use <runCmds>. See https://dmp.fabric8.io/#build-configuration for details.

E.g.

<runCmds>
  <run>keytool -import -alias vault -storepass changeit -keystore truststore.jks -noprompt -trustcacerts -file /var/run/secrets/kubernetes.io/certs/tls.crt</run>
</runCmds>

Does this help ?