fix: system image support for letsencrypt SSL protected host

This is following the DST Root CA X3 expiration (cf: https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/ ). Any access (for instance through charm's hook) to any let's encrypt SSL protected could fail because of this. This could be any ``git``, ``curl``, ``wget`` command on those host. Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>
3 years ago · c1e143c1f4
1 changed files with 5 additions and 0 deletions
--- a/5
+++ b/5
@ -130,6 +130,11 @@ RUN wget https://github.com/bronze1man/yaml2json/releases/download/v1.3/yaml2jso
    -O /usr/local/bin/yaml2json && \
    chmod +x /usr/local/bin/yaml2json

+## Fixing Let's encrypt CA issue from 2021-10-01, probably can remove
+## with newer alpine version (was added with alpine 3.7.1)
+RUN sed -ri 's%^(mozilla/DST_Root_CA_X3.crt)%!\\1%g' /etc/ca-certificates.conf && \
+    update-ca-certificates
+
 ## install compose
 COPY ./bin/ /usr/local/bin/