[
https://issues.apache.org/jira/browse/KNOX-3304?focusedWorklogId=1017025&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-1017025
]
ASF GitHub Bot logged work on KNOX-3304:
----------------------------------------
Author: ASF GitHub Bot
Created on: 23/Apr/26 10:17
Start Date: 23/Apr/26 10:17
Worklog Time Spent: 10m
Work Description: moresandeep commented on code in PR #1209:
URL: https://github.com/apache/knox/pull/1209#discussion_r3130037091
##########
gateway-docker/src/main/resources/docker/gateway-entrypoint.sh:
##########
@@ -201,8 +217,9 @@ then
amazon-ca-1:/home/knox/cacrts/AmazonRootCA1.cer
amazon-ca-2:/home/knox/cacrts/AmazonRootCA2.cer
amazon-ca-3:/home/knox/cacrts/AmazonRootCA3.cer
- amazon-ca-4:/home/knox/cacrts/AmazonRootCA4.cer
- letsencrypt-stg-root:/home/knox/cacrts/letsencrypt-stg-root-x1.pem"
Review Comment:
@sneethiraj explained it in his comment on the JIRA, I am copying it here
> There are couple of issues with the PR:
>
> Docker image did not have curl command installed and failing some
commands to get certs from Amazon/LetsEncrypt.
> Lets Encrypt Cert names from Curl command are not matching with the
import statements.
> Keytool does not throw errors on stanard error stream (it is sending
it to stdout). So we have to redirect both stdout and stderr to the /dev/null.
>
> I am attaching couple of patches that fixes these issue. Let me know if
you can review and add it. I have build the docker container and deployed in
k8s env and it works fine.
>
>
[0001-KNOX-3304-added-installation-of-curl-in-the-Docker.patch](https://issues.apache.org/jira/secure/attachment/13081788/13081788_0001-KNOX-3304-added-installation-of-curl-in-the-Docker.patch)
>
[0002-KNOX-3304-fixed-import-of-letsencrupt-root-cert.patch](https://issues.apache.org/jira/secure/attachment/13081789/13081789_0002-KNOX-3304-fixed-import-of-letsencrupt-root-cert.patch)
Issue Time Tracking
-------------------
Worklog Id: (was: 1017025)
Time Spent: 2h 20m (was: 2h 10m)
> Support for Openshift/SCC
> -------------------------
>
> Key: KNOX-3304
> URL: https://issues.apache.org/jira/browse/KNOX-3304
> Project: Apache Knox
> Issue Type: Task
> Components: docker
> Affects Versions: 2.1.0
> Reporter: Sandeep More
> Assignee: Sandeep More
> Priority: Major
> Attachments:
> 0001-KNOX-3304-added-installation-of-curl-in-the-Docker.patch,
> 0002-KNOX-3304-fixed-import-of-letsencrupt-root-cert.patch
>
> Time Spent: 2h 20m
> Remaining Estimate: 0h
>
> The current docker image that is generated does not work with Openshift and
> ECS platform due to restrictions imposed by the platforms. Specifically,
> there are two requirements
> # The helm chart that installs Knox image should use an arbitrary runAsUser
> # The helm chart should not have any runAsGroup and fsUserĀ
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
