7 go docker docker-compose docker-container
我有一个带有 Golang 的容器,它调用 https api。我正在使用暂存容器,当我尝试运行时,我得到一个certificate signed by unknown authority
url := "https://restcountries.eu/rest/v2/name/" + params.Get("country")
response, err := http.Get(url)
我的 Dockerfile 是这样的:
FROM golang:1.15 AS builder
WORKDIR /GreetingAPI
COPY . /greeting
WORKDIR /greeting
ENV GO111MODULE=on
RUN CGO_ENABLED=0 GOOS=linux go build -o greeting
FROM scratch
COPY --from=builder /greeting .
CMD ["./greeting"]
我使用这个answare更新了我的 Dockerfile 。但是当我尝试构建容器时,我得到 ERROR: "/ca-certificates.crt" not found: not found了failed to solve: rpc error: code = Unknown desc = failed to compute cache key: "/ca-certificates.crt" not found: not found
FROM golang:1.15 AS builder
WORKDIR /GreetingAPI
COPY . /greeting
WORKDIR /greeting
ENV GO111MODULE=on
RUN CGO_ENABLED=0 GOOS=linux go build -o greeting
FROM scratch
ADD ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /greeting .
CMD ["./greeting"]
BMi*_*tch 15
我可能需要在链接的答案中更清楚地说明,第一个示例中的副本是一个单阶段示例,其中您有一个证书文件要注入到构建上下文中(通常包含 Dockerfile 的目录):
FROM scratch
ADD ca-certificates.crt /etc/ssl/certs/
ADD main /
CMD ["/main"]
您有一个多阶段构建,可以遵循链接答案后半部分的多阶段方法。这会在发行版供应商的另一个阶段安装证书,并将它们复制到您的临时阶段:
FROM golang:alpine as build
RUN apk --no-cache add ca-certificates
WORKDIR /go/src/app
COPY . .
RUN CGO_ENABLED=0 go-wrapper install -ldflags '-extldflags "-static"'
FROM scratch
COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=build /go/bin/app /app
ENTRYPOINT ["/app"]
然而,第二个示例假设 Alpine 作为第一阶段的基础,使用 apk。(它还假设证书需要安装在基础镜像中,但事实证明当前的 golang 镜像中并非如此。)对于您的示例,它基于镜像中的 Debian golang:1.15。为此,您通常需要apt-get命令,但在这种情况下,ca-certificates软件包已经安装,因此您只需复制结果即可:
FROM golang:1.15 AS builder
COPY . /greeting
WORKDIR /greeting
ENV GO111MODULE=on
RUN CGO_ENABLED=0 GOOS=linux go build -o greeting
FROM scratch
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /greeting /
CMD ["/greeting"]
| 归档时间: |
|
| 查看次数: |
7561 次 |
| 最近记录: |