From 739fe3c24d16ecab33ce2a6a3747dc4e2b203870 Mon Sep 17 00:00:00 2001 From: Adam Savitzky Date: Thu, 9 Mar 2017 14:52:30 -0800 Subject: Add keystore generation to docker In order to call other services that use SSL certs generated by our internal self-signed CA, we will need to convert the ca certificate that dr attaches to the container to a jvm trust store. This change adds a command to the container that executes before it starts, and builds the trust store from the ca certificate. --- src/main/scala/xyz.driver.sbt/SbtSettings.scala | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'src/main/scala/xyz.driver.sbt/SbtSettings.scala') diff --git a/src/main/scala/xyz.driver.sbt/SbtSettings.scala b/src/main/scala/xyz.driver.sbt/SbtSettings.scala index e266f3a..680b49d 100644 --- a/src/main/scala/xyz.driver.sbt/SbtSettings.scala +++ b/src/main/scala/xyz.driver.sbt/SbtSettings.scala @@ -339,6 +339,7 @@ object SbtSettings extends AutoPlugin { baseImage: String = "openjdk:8-jre-alpine", customCommands: List[String] = List.empty[String], aggregateSubprojects: Boolean = false): Project = { + project .enablePlugins(DockerPlugin, JavaAppPackaging) .settings( @@ -371,7 +372,13 @@ object SbtSettings extends AutoPlugin { val repositoryName = "gcr.io/" + gCloudProject - dockerConfiguration(imageName, repositoryName, exposedPorts, baseImage, dockerCustomCommands, aggregateSubprojects) + val trustStoreConfiguration = + "[ -n \"$TRUSTSTORE\" ] && keytool -import -noprompt -trustcacerts -alias driver-internal -file /etc/$imageName/ssl/issuing_ca -storepass 123456" + + val dockerCommands = + dockerCustomCommands :+ trustStoreConfiguration + + dockerConfiguration(imageName, repositoryName, exposedPorts, baseImage, dockerCommands, aggregateSubprojects) .settings( Seq(resourceGenerators in Test += Def.task { val variablesFile = file("deploy/variables.sh") -- cgit v1.2.3