update Dockerfile to allow us to use tucows certs #5
Conversation
| COPY --from=builder /bin/mmock /usr/local/bin/mmock | ||
|
|
||
| EXPOSE 8082 8083 8084 | ||
|
|
||
| ENTRYPOINT ["mmock","-config-path","/config","-tls-path","/tls"] | ||
| ENTRYPOINT ["mmock","-config-path","/config"] |
There was a problem hiding this comment.
removed the tls-path from here, so that it can be set in the nomad var file to point to the nomad secrets dir where the tucows cert is downloaded to.
| RUN mkdir /tls | ||
|
|
||
| # add tucows root ca | ||
| RUN curl https://vault.prod-hashicorp-ent.bra2.tucows.systems:8200/v1/pki/ca/pem -o /usr/local/share/ca-certificates/tucows-root-ca-v2.crt -k |
There was a problem hiding this comment.
Is it a good idea to expose these to public? I didn't think we need to add tucows specific details to the repo. That's why I forked to the tucows org. Maybe it's better to move it to tucowsinc. However we can't fork to private. Have to do it manually.
There was a problem hiding this comment.
So, in order to call barndoor, it will need to have the tucows cert. It may not need to be defined here though... It is possible this can be removed and it will still work, as the nomad job and var file (hosted privately) can do it on its own. let me test.
No description provided.