Don't mount in the current directory when generating certs

This gets really tricky when you are doing docker in docker because the host path of the host doesn't match up properly with the host of the local machine.
elastic · Jul 8, 2019 · 0f2a564 · 0f2a564
1 parent dd84f33
commit 0f2a564
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/elasticsearch/examples/security/Makefile b/elasticsearch/examples/security/Makefile
@@ -16,12 +16,14 @@ secrets:
 	rm -f elastic-certificates.p12 elastic-certificate.pem elastic-stack-ca.p12 || true && \
 	kubectl delete secrets elastic-credentials elastic-certificates elastic-certificate-pem || true && \
 	password=$$([ ! -z "$$ELASTIC_PASSWORD" ] && echo $$ELASTIC_PASSWORD || echo $$(docker run --rm docker.elastic.co/elasticsearch/elasticsearch:$(STACK_VERSION) /bin/sh -c "< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c20")) && \
-	docker run --rm -i -v $$(pwd):/app -w /app \
+	docker run --name helm-charts-certs -i -w /app \
 		--user $$(id -u):$$(id -g) \
 		docker.elastic.co/elasticsearch/elasticsearch:$(STACK_VERSION) \
 		/bin/sh -c " \
 			elasticsearch-certutil ca --out /app/elastic-stack-ca.p12 --pass '' && \
 			elasticsearch-certutil cert --ca /app/elastic-stack-ca.p12 --pass '' --ca-pass '' --out /app/elastic-certificates.p12" && \
+	docker cp helm-charts-certs:/app/elastic-certificates.p12 ./ && \
+	docker rm -f helm-charts-certs && \
 	openssl pkcs12 -nodes -passin pass:'' -in elastic-certificates.p12 -out elastic-certificate.pem && \
 	kubectl create secret generic elastic-certificates --from-file=elastic-certificates.p12 && \
 	kubectl create secret generic elastic-certificate-pem --from-file=elastic-certificate.pem && \