jkube
jkube copied to clipboard
eclipse-jkube
Cannot add trusted certificate with assembly layer
Describe the bug
I have a plugin configuration like this ...
<plugin>
<groupId>org.eclipse.jkube</groupId>
<artifactId>kubernetes-maven-plugin</artifactId>
<version>1.18.1</version>
<configuration>
<buildStrategy>docker</buildStrategy>
<images>
<image>
<build>
<from>eclipse-temurin:17</from>
<entryPoint>
<exec>
<arg>__cacert_entrypoint.sh</arg>
<arg>java</arg>
<arg>-jar</arg>
<arg>/maven/${project.artifactId}-${project.version}.jar</arg>
</exec>
</entryPoint>
<assembly>
<layers>
<layer>
<id>trusted-certs</id>
<fileSets>
<fileSet>
<directory>src/main/certs</directory>
<outputDirectory>/tmp</outputDirectory>
<includes>
<include>*crt</include>
</includes>
</fileSet>
</fileSets>
</layer>
</layers>
</assembly>
</build>
</image>
</images>
</configuration>
<executions>
<execution>
<goals>
<goal>build</goal>
<goal>resource</goal>
<goal>push</goal>
</goals>
<phase>package</phase>
</execution>
</executions>
</plugin>
and get
[INFO] k8s: [examples/platform-http-oauth:1.0.0]: Created docker-build.tar in 86 milliseconds
[INFO] k8s: Step 1/4 : FROM eclipse-temurin:17
[INFO] k8s:
[INFO] k8s: ---> 1e83e0efd1de
[INFO] k8s: Step 2/4 : COPY /trusted-certs/maven /maven/
[INFO] k8s:
[ERROR] k8s: Failed to execute the build [Error while trying to build the image: Unable to build image [examples/platform-http-oauth:1.0.0] : "COPY failed: file not found in build context or excluded by .dockerignore: stat trusted-certs/maven: file does not exist" ]
or
[ERROR] k8s: Failed to execute the build [Error while trying to build the image: Cannot create directory '/certificates'.]
when outputDirectory=/certificates
Eclipse JKube version
1.18.1
Component
Kubernetes Maven Plugin
Apache Maven version
other (please specify in additional context)
Gradle version
None
Steps to reproduce
Build an image from eclipse-temurin:17 with an trusted cert that can get picked up by the temurin provided entrypoint __cacert_entrypoint.sh
Expected behavior
cert gets added to the image at the predefined location i.e. /certificates/mycert.crt
Runtime
Kubernetes (vanilla)
Kubernetes API Server version
1.25.3
Hi @tdiesler, please do not use existing directories like /tmp or /var for output directory of a layer(like this line <outputDirectory>/tmp</outputDirectory>). In outputDirectory config tag, use the folder name that you want to create under the target directory.
E.g.
pom.xml
<assembly>
<targetDir>/deployments</targetDir> <!-- Defaults to /maven -->
<layers>
<layer>
<id>trusted-certs</id>
<fileSets>
<fileSet>
<directory>src/ca-certs</directory>
<outputDirectory>certs</outputDirectory>
<includes>
<include>*pem</include>
</includes>
</fileSet>
</fileSets>
</layer>
</layers>
</assembly>
will result in below layer in image:
Documentation has been updated so that other users don't fall into the same problem. Closing as resolved.
