Adjustments to make 4.5.5 work with multiple CAs

spectrocloud · Oct 28, 2024 · 8235be6 · 8235be6
1 parent 023cbdb
commit 8235be6
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 7 deletions.
diff --git a/Earthfile b/Earthfile
@@ -33,6 +33,7 @@ ARG RKE2_PROVIDER_VERSION=v4.5.0
 ARG NODEADM_PROVIDER_VERSION=v4.5.0
 
 # Variables used in the builds. Update for ADVANCED use cases only. Modify in .arg file or via CLI arguments.
+ARG SPECTRO_THIRD_PARTY_IMAGE=$SPECTRO_THIRD_PARTY_IMAGE
 ARG OS_DISTRIBUTION
 ARG OS_VERSION
 ARG K8S_VERSION
@@ -230,7 +231,7 @@ kairos-agent:
 
 install-k8s:
     FROM --platform=linux/${ARCH} $ALPINE_IMG
-    DO +BASE_ALPINE
+#    DO +BASE_ALPINE
     COPY (+third-party/luet --binary=luet) /usr/bin/luet
 
     IF [ "$K8S_DISTRIBUTION" = "kubeadm" ] || [ "$K8S_DISTRIBUTION" = "kubeadm-fips" ] || [ "$K8S_DISTRIBUTION" = "nodeadm" ]
@@ -856,8 +857,10 @@ OS_RELEASE:
 
 download-third-party:
     ARG TARGETPLATFORM
+    ARG SPECTRO_THIRD_PARTY_IMAGE_PATH=${SPECTRO_THIRD_PARTY_IMAGE}
     ARG binary
-    FROM --platform=$TARGETPLATFORM gcr.io/spectro-images-public/builders/spectro-third-party:${BUILDER_3RDPARTY_VERSION}
+    #FROM --platform=$TARGETPLATFORM gcr.io/spectro-images-public/builders/spectro-third-party:${BUILDER_3RDPARTY_VERSION}
+    FROM --platform=$TARGETPLATFORM ${SPECTRO_THIRD_PARTY_IMAGE_PATH}:${BUILDER_3RDPARTY_VERSION}
     #FROM --platform=$TARGETPLATFORM $SPECTRO_PUB_REPO/builders/spectro-third-party:${BUILDER_3RDPARTY_VERSION}
     ARG TARGETARCH
     SAVE ARTIFACT /binaries/${binary}/latest/$BIN_TYPE/$TARGETARCH/${binary} ${binary}

diff --git a/earthly-entrypoint.sh b/earthly-entrypoint.sh
@@ -1,8 +1,8 @@
 #!/bin/sh
 # uncomment the line below to enable debug mode
 set -ex
-cp /workspace/sc.crt /usr/local/share/ca-certificates/sc.crt
-update-ca-certificates
+#cp /workspace/sc.crt /usr/local/share/ca-certificates/sc.crt
+#update-ca-certificates
 
 # reference: https://github.com/earthly/earthly/blob/main/earthly-entrypoint.sh
 EARTHLY_DEBUG=${EARTHLY_DEBUG:-false}

diff --git a/earthly.sh b/earthly.sh
@@ -25,13 +25,13 @@ function build_with_proxy() {
         -e NO_PROXY=$NO_PROXY \
         -e no_proxy=$NO_PROXY \
         -e EARTHLY_GIT_CONFIG=$gitconfig \
-        -v "$PROXY_CERT_PATH:/usr/local/share/ca-certificates/sc.crt:ro" \
+        -v "$PROXY_CERT_PATH:/usr/local/share/ca-certificates:ro" \
         -v earthly-tmp:/tmp/earthly:rw \
         -p 8372:8372 \
         $SPECTRO_PUB_REPO/third-party/edge/earthly/buildkitd:$EARTHLY_VERSION
     # Update the CA certificates in the container
     docker exec -it earthly-buildkitd update-ca-certificates
-
+    docker exec -it earthly-buildkitd cat /etc/ssl/certs/ca-certificates.crt > ca-certificates-bundle.crt
     # Run Earthly in Docker to create artifacts  Variables are passed from the .arg file
     docker run --privileged \
         -v ~/.docker/config.json:/root/.docker/config.json \
@@ -47,7 +47,7 @@ function build_with_proxy() {
         -e NO_PROXY=$NO_PROXY \
         -e no_proxy=$NO_PROXY \
         -v "$(pwd)":/workspace \
-        -v "$PROXY_CERT_PATH:/workspace/sc.crt:ro" \
+        -v ${PWD}/ca-certificates-bundle.crt:/etc/ssl/certs/ca-certificates.crt \
         --entrypoint /workspace/earthly-entrypoint.sh \
         $SPECTRO_PUB_REPO/third-party/edge/earthly/earthly:$EARTHLY_VERSION --allow-privileged "$@"
 }