Updated containers to allow our local-ca container to double as our acme container as needed

Author: alexlovelltroy

.github/workflows/build_containers.yml

@@ -25,9 +25,9 @@ jobs:
             type=schedule
             type=ref,event=branch
             type=ref,event=pr
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-            type=semver,pattern={{major}}
+            type=semver,pattern=v{{version}}
+            type=semver,pattern=v{{major}}.{{minor}}
+            type=semver,pattern=v{{major}}
             type=sha    
       - name: setup Docker Buildx
         uses: docker/setup-buildx-action@v3

Dockerfile

@@ -1,12 +1,13 @@
 FROM cgr.dev/chainguard/wolfi-base
 #install step dependencies
-RUN apk add --no-cache wget step step-ca bash
+RUN apk add --no-cache wget step step-ca bash acme.sh
 
 ENV CONFIGPATH="/home/step/config/ca.json"
 ENV PWDPATH="/home/step/secrets/password"
 ENV STEPPATH="/home/step"
 
 RUN mkdir /root-ca
+RUN mkdir /root/.acme.sh
 
 VOLUME ["/home/step", "/root-ca"]
 

entrypoint.sh

@@ -83,6 +83,7 @@ function step_ca_init () {
     # First we put the root ca cert and intermediate cert in the easiest place to find it in the volume
     cp /home/step/certs/root_ca.crt /root-ca/root_ca.crt
     cp /home/step/certs/intermediate_ca.crt /root-ca/intermediate_ca.crt
+    chmod 444 /root-ca/*.crt
     # Then we set up the files in the right place for the step client to find them
     mkdir -p /root-ca/step/certs
     cp /home/step/certs/root_ca.crt /root-ca/step/certs/root_ca.crt