✨⚗️ Make director (v1) run with self-signed SSL certificates (ITISFoundation#2667)

In case the director must access a registry in a secure way using non-standard certificates (e.g. such as self-signed certificates), this call is needed.

Co-authored-by: Dustin Kaiser <[email protected]>

Author: mrnicegyu11

services/director/Dockerfile

@@ -31,6 +31,7 @@ RUN adduser \
       --home /home/${SC_USER_NAME} \
       ${SC_USER_NAME}
 
+
 # Sets utf-8 encoding for Python et al
 ENV LANG=C.UTF-8
 # Turns off writing .pyc files; superfluous on an ephemeral container.
@@ -131,7 +132,6 @@ HEALTHCHECK --interval=30s \
       --start-period=30s \
       --retries=3 \
       CMD ["python3", "/home/scu/services/director/docker/healthcheck.py", "http://localhost:8080/v0/"]
-
 ENTRYPOINT [ "services/director/docker/entrypoint.sh" ]
 CMD ["services/director/docker/boot.sh"]
 

services/director/docker/entrypoint.sh

@@ -8,6 +8,13 @@ INFO="INFO: [$(basename "$0")] "
 WARNING="WARNING: [$(basename "$0")] "
 ERROR="ERROR: [$(basename "$0")] "
 
+# Read self-signed SSH certificates (if applicable)
+#
+# In case the director must access a docker registry in a secure way using
+# non-standard certificates (e.g. such as self-signed certificates), this call is needed.
+# It needs to be executed as root.
+update-ca-certificates
+
 # This entrypoint script:
 #
 # - Executes *inside* of the container upon start as --user [default root]
@@ -17,7 +24,7 @@ ERROR="ERROR: [$(basename "$0")] "
 echo "$INFO" "Entrypoint for stage ${SC_BUILD_TARGET} ..."
 echo "$INFO" "User    :$(id "$(whoami)")"
 echo "$INFO" "Workdir :$(pwd)"
-echo   scuUser :"$(id scu)"
+echo  scuUser :"$(id scu)"
 
 if [ "${SC_BUILD_TARGET}" = "development" ]
 then