Skip to content

Commit 6b2f6ee

Browse files
authored
Merge pull request #604 from release-engineering/fix-ca-bundle-path
Fix CA bundle path for Fedora 44
2 parents a626feb + 024acf4 commit 6b2f6ee

2 files changed

Lines changed: 3 additions & 3 deletions

File tree

Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ COPY requirements.txt /usr/local/requirements.txt
1616
RUN pip3 install --no-dependencies -r /usr/local/requirements.txt
1717

1818
# Allow a non-root user to install a custom root CA at run-time
19-
RUN chmod g+w /etc/pki/tls/certs/ca-bundle.crt
19+
RUN chmod g+w /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
2020

2121
COPY koji-prometheus-exporter.py /usr/local/bin/.
2222
COPY docker/ /docker/

docker/entrypoint.sh

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -8,12 +8,12 @@ main() {
88
# installing CA certificate
99
if [ -n "${CA_URL}" ] && [ ! -f "/tmp/.ca-imported" ]; then
1010
# Since update-ca-trust doesn't work as a non-root user, let's just append to the bundle directly
11-
curl --silent --show-error --location "${CA_URL}" >> /etc/pki/tls/certs/ca-bundle.crt
11+
curl --silent --show-error --location "${CA_URL}" >> /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
1212
# Create a file so we know not to import it again if the container is restarted
1313
touch /tmp/.ca-imported
1414
fi
1515
}
1616

1717
main
18-
export REQUESTS_CA_BUNDLE=/etc/pki/tls/certs/ca-bundle.crt
18+
export REQUESTS_CA_BUNDLE=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
1919
exec "$@"

0 commit comments

Comments
 (0)