mss55 commented on issue #6030:
URL: https://github.com/apache/camel-k/issues/6030#issuecomment-2625333183
Sorry, I didn't notice it right away.
```
{"level":"info","ts":"2025-01-30T14:58:39Z","logger":"camel-k.controller.build","msg":"State
transition","request-namespace":"camel26","request-name":"kit-cudp77s8i41c73f38dl0","api-version":"camel.apache.org/v1","kind":"Build","ns":"camel26","name":"kit-cudp77s8i41c73f38dl0","phase-from":"Pending","phase-to":"Running"}
{"level":"info","ts":"2025-01-30T14:58:39Z","logger":"camel-k.builder","msg":"running
builder task builder in context directory:
/tmp/kit-cudp77s8i41c73f38dl0-2026021853"}
{"level":"error","ts":"2025-01-30T14:58:39Z","logger":"camel-k.keytool","msg":"Executed
command: /opt/java/openjdk/bin/keytool -importcert -noprompt -alias maven-0
-storepass XAiYcjFeob -keystore
trust.jks","stacktrace":"github.com/apache/camel-k/v2/pkg/util/log.Logger.Error\n\tgithub.com/apache/camel-k/v2/pkg/util/log/log.go:80\ngithub.com/apache/camel-k/v2/pkg/util/jvm.init.func2\n\tgithub.com/apache/camel-k/v2/pkg/util/jvm/keystore.go:41\ngithub.com/apache/camel-k/v2/pkg/util.RunAndLog\n\tgithub.com/apache/camel-k/v2/pkg/util/command.go:35\ngithub.com/apache/camel-k/v2/pkg/util/jvm.GenerateKeystore\n\tgithub.com/apache/camel-k/v2/pkg/util/jvm/keystore.go:52\ngithub.com/apache/camel-k/v2/pkg/builder.generateJavaKeystore\n\tgithub.com/apache/camel-k/v2/pkg/builder/project.go:98\ngithub.com/apache/camel-k/v2/pkg/builder.(*builderStep).execute\n\tgithub.com/apache/camel-k/v2/pkg/builder/steps.go:46\ngithub.com/apache/camel-k/v2/pkg/builder.(*builderTask).Do\n\tgithub.com/apache/cam
el-k/v2/pkg/builder/builder.go:101\ngithub.com/apache/camel-k/v2/pkg/controller/build.(*monitorRoutineAction).runBuild\n\tgithub.com/apache/camel-k/v2/pkg/controller/build/monitor_routine.go:168"}
{"level":"info","ts":"2025-01-30T14:58:39Z","logger":"camel-k.controller.integrationkit","msg":"State
transition","request-namespace":"camel26","request-name":"kit-cudp77s8i41c73f38dl0","api-version":"camel.apache.org/v1","kind":"IntegrationKit","ns":"camel26","name":"kit-cudp77s8i41c73f38dl0","phase-from":"Build
Submitted","phase-to":"Build Running"}
{"level":"info","ts":"2025-01-30T14:58:39Z","logger":"camel-k.controller.integrationkit","msg":"Invoking
action
build","request-namespace":"camel26","request-name":"kit-cudp77s8i41c73f38dl0","api-version":"camel.apache.org/v1","kind":"IntegrationKit","ns":"camel26","name":"kit-cudp77s8i41c73f38dl0"}
{"level":"info","ts":"2025-01-30T14:58:39Z","logger":"camel-k.controller.integrationkit","msg":"Build
running","request-namespace":"camel26","request-name":"kit-cudp77s8i41c73f38dl0","api-version":"camel.apache.org/v1","kind":"IntegrationKit","ns":"camel26","name":"kit-cudp77s8i41c73f38dl0"}
{"level":"info","ts":"2025-01-30T14:58:39Z","logger":"camel-k.keytool","msg":"Certificate
was added to keystore"}
{"level":"error","ts":"2025-01-30T14:58:39Z","logger":"camel-k.keytool","msg":"Executed
command: /opt/java/openjdk/bin/keytool -importkeystore -noprompt -srckeystore
/opt/java/openjdk/lib/security/cacerts -srcstorepass changeit -destkeystore
trust.jks -deststorepass
XAiYcjFeob","stacktrace":"github.com/apache/camel-k/v2/pkg/util/log.Logger.Error\n\tgithub.com/apache/camel-k/v2/pkg/util/log/log.go:80\ngithub.com/apache/camel-k/v2/pkg/util/jvm.init.func2\n\tgithub.com/apache/camel-k/v2/pkg/util/jvm/keystore.go:41\ngithub.com/apache/camel-k/v2/pkg/util.RunAndLog\n\tgithub.com/apache/camel-k/v2/pkg/util/command.go:35\ngithub.com/apache/camel-k/v2/pkg/util/jvm.GenerateKeystore\n\tgithub.com/apache/camel-k/v2/pkg/util/jvm/keystore.go:69\ngithub.com/apache/camel-k/v2/pkg/builder.generateJavaKeystore\n\tgithub.com/apache/camel-k/v2/pkg/builder/project.go:98\ngithub.com/apache/camel-k/v2/pkg/builder.(*builderStep).execute\n\tgithub.com/apache/camel-k/v2/pkg/builder/steps.go:46\ngithub.com/
apache/camel-k/v2/pkg/builder.(*builderTask).Do\n\tgithub.com/apache/camel-k/v2/pkg/builder/builder.go:101\ngithub.com/apache/camel-k/v2/pkg/controller/build.(*monitorRoutineAction).runBuild\n\tgithub.com/apache/camel-k/v2/pkg/controller/build/monitor_routine.go:168"}
{"level":"info","ts":"2025-01-30T14:58:39Z","logger":"camel-k.keytool","msg":"Importing
keystore /opt/java/openjdk/lib/security/cacerts to trust.jks..."}
{"level":"info","ts":"2025-01-30T14:58:39Z","logger":"camel-k.keytool","msg":"Importing
keystore /opt/java/openjdk/lib/security/cacerts to trust.jks..."}
{"level":"info","ts":"2025-01-30T14:58:39Z","logger":"camel-k.keytool","msg":"Entry
for alias cn_digicert_assured_id_root_g2,ou_wwwdigicertcom,o_digicert_inc,c_us
[jdk] successfully imported."}
{"level":"info","ts":"2025-01-30T14:58:39Z","logger":"camel-k.keytool","msg":"Entry
for alias cn_cfca_ev_root,o_china_financial_certification_authority,c_cn [jdk]
successfully imported."}
{"level":"info","ts":"2025-01-30T14:58:39Z","logger":"camel-k.keytool","msg":"Entry
for alias cn_hipki_root_ca__g1,o_chunghwa_telecom_co__ltd,c_tw [jdk]
successfully imported."}
.... MANY STRING LIKE THIS
"level":"info","ts":"2025-01-30T14:58:40Z","logger":"camel-k.keytool","msg":"Entry
for alias
cn_sslcom_root_certification_authority_ecc,o_ssl_corporation,l_houston,st_texas,c_us
[jdk] successfully imported."}
{"level":"info","ts":"2025-01-30T14:58:40Z","logger":"camel-k.keytool","msg":"Import
command completed: 152 entries successfully imported, 0 entries failed or
cancelled"}
{"level":"info","ts":"2025-01-30T14:58:40Z","logger":"camel-k.keytool","msg":""}
{"level":"info","ts":"2025-01-30T14:58:40Z","logger":"camel-k.keytool","msg":"Warning:"}
{"level":"info","ts":"2025-01-30T14:58:40Z","logger":"camel-k.keytool","msg":"<cn_swisssign_silver_ca__g2,o_swisssign_ag,c_ch
[jdk]> uses the SHA1withRSA signature algorithm which is considered a security
risk. This algorithm will be disabled in a future update."}
{"level":"info","ts":"2025-01-30T14:58:40Z","logger":"camel-k.keytool","msg":"<cn_twca_root_certification_authority,ou_root_ca,o_taiwanca,c_tw
[jdk]> uses the SHA1withRSA signature algorithm which is considered a security
risk. This algorithm will be disabled in a future update."}
.... MANY STRING LIKE THIS
{"level":"info","ts":"2025-01-30T14:58:40Z","logger":"camel-k.keytool","msg":"<cn_aaa_certificate_services,o_comodo_ca_limited,l_salford,st_greater_manchester,c_gb
[jdk]> uses the SHA1withRSA signature algorithm which is considered a security
risk. This algorithm will be disabled in a future update."}
{"level":"info","ts":"2025-01-30T14:58:40Z","logger":"camel-k.keytool","msg":"<cn_quovadis_root_ca_3,o_quovadis_limited,c_bm
[jdk]> uses the SHA1withRSA signature algorithm which is considered a security
risk. This algorithm will be disabled in a future update."}
{"level":"info","ts":"2025-01-30T14:58:40Z","logger":"camel-k.maven.build","msg":"Executed
command: /usr/bin/cp --recursive /usr/share/maven/mvnw/. ."}
{"level":"info","ts":"2025-01-30T14:58:40Z","logger":"camel-k.maven","msg":"executing:
./mvnw -V --no-transfer-progress -Dstyle.color=never package
-Dmaven.test.skip=true -Dmaven.repo.local=/etc/maven/m2 --global-settings
/tmp/kit-cudp77s8i41c73f38dl0-2026021853/maven/settings.xml --settings
/tmp/kit-cudp77s8i41c73f38dl0-2026021853/maven/user-settings.xml","MAVEN_OPTS":"-Djavax.net.ssl.trustStore=/tmp/kit-cudp77s8i41c73f38dl0-2026021853/trust.jks
-Djavax.net.ssl.trustStorePassword=XAiYcjFeob"}
....
```
keytool call is failed two times.
We are using custom JDK base image patched with custom certs and looks like
the required cert is imported from `/opt/java/openjdk/lib/security/cacerts`
rather than caSecrets.
```yaml
apiVersion: camel.apache.org/v1
kind: IntegrationPlatform
metadata:
annotations:
camel.apache.org/operator.id: camel-k
labels:
app: camel-k
name: camel-k
spec:
build:
baseImage:
artifactory/jvm-release-docker/temurin/temurin17-jdk:17.0.13_11-debian-upd1
maven:
caSecrets:
- key: cert.crt
name: maven-ca-certs
settings:
configMapKeyRef:
key: settings.xml
name: maven-settings
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
