oci-registry icon indicating copy to clipboard operation
oci-registry copied to clipboard

suggestion: add ca-certificates package to docker containers

Open theodiem opened this issue 9 months ago • 1 comments

Hello Mike,

I've been using oci-registry at my homelab happily. Lately I decided to switch to S3 storage, as my raspberry pi SD card has been not so fast. I don't use an AWS S3 bucket but instead I'm using a "compatible" provider - ceph radosgw. So please, disregard this ticket if it works fine with AWS.

When using s3 instead of filesystem, after setting up the S3_* environment variables, I get the following error:

thread 'main' panicked at /usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/hyper-rustls-0.23.2/src/config.rs:48:9:
no CA certificates found
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

After running a apt install ca-certificates , oci-registry worked fine (my S3 endpoint have a valid certificate from let's encrypt).

Currently my Dockerfile have:

FROM docker.io/mcronce/oci-registry:v0.4.2
RUN apt-get update && apt-get install -y ca-certificates \
    && apt-get clean && rm -rf /var/lib/apt/lists/*

Cheers and thanks for all the effort put into this project.

theodiem avatar Nov 13 '23 09:11 theodiem