Skip to content

Commit 44ddd29

Browse files
AlexFenlonAlexFenlon
committed
add openssl verify check
1 parent 0ecf1ac commit 44ddd29

File tree

2 files changed

+5
-0
lines changed

2 files changed

+5
-0
lines changed

.github/workflows/build-base-images.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -140,6 +140,7 @@ jobs:
140140
echo "::add-mask::$PLUS_CREDS"
141141
echo $PLUS_CREDS | jq -r '.crt' > nginx-repo.crt
142142
echo $PLUS_CREDS | jq -r '.key' > nginx-repo.key
143+
openssl x509 -text -in nginx-repo.crt -noout
143144
144145
- name: Docker Buildx
145146
uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1

build/Dockerfile

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -182,6 +182,10 @@ ARG NGINX_AGENT_VERSION
182182

183183
ENV NGINX_VERSION=${NGINX_PLUS_VERSION}
184184

185+
RUN --mount=type=secret,id=nginx-repo.crt,dst=/etc/apk/cert.pem,mode=0644 \
186+
--mount=type=secret,id=nginx-repo.key,dst=/etc/apk/cert.key,mode=0644 \
187+
openssl x509 -text -in /etc/apk/cert.pem -noout
188+
185189
RUN --mount=type=secret,id=nginx-repo.crt,dst=/etc/apk/cert.pem,mode=0644 \
186190
--mount=type=secret,id=nginx-repo.key,dst=/etc/apk/cert.key,mode=0644 \
187191
--mount=type=bind,from=nginx-files,src=nginx_signing.rsa.pub,target=/etc/apk/keys/nginx_signing.rsa.pub \

0 commit comments

Comments
 (0)