custom ca, 10

.gitlab-ci.yml

@@ -82,11 +82,11 @@ dockerize:
   script:
     - tar -xzf defectdojo-api-client.tgz
     - tar -xzf dtrack-api-client.tgz
-    - docker build --tag $IMAGE_NAME:latest 
+    - docker build --build-arg ADDITIONAL_CA_URL="$KROHNE_CA_URL"
+                   --build-arg ADDITIONAL_CA_CHECKSUM=$KROHNE_CA_CHECKSUM
+                   --tag $IMAGE_NAME:latest 
                    --tag $IMAGE_NAME:$CI_COMMIT_SHA
                    --tag $IMAGE_NAME:$CI_COMMIT_TAG
-                   --build-arg "CUSTOM_CA_URL=$KROHNE_CA_URL"
-                   --build-arg "CUSTOM_CA_CHECKSUM=$KROHNE_CA_CHECKSUM"
                    .
     - docker login -u $NEXUS_USER -p $NEXUS_PASSWORD $REGISTRY
     - docker push $IMAGE_NAME:latest

Dockerfile

@@ -6,19 +6,22 @@ ENV DEFECTDOJO_URL=""
 ENV DEFECTDOJO_TOKEN=""
 
 ARG APP_DIR=/opt/app
-ARG ADDITIONAL_CA_URL=""
-ARG ADDITIONAL_CA_CHECKSUM=""
+ARG ADDITIONAL_CA_URL="x"
+ARG ADDITIONAL_CA_CHECKSUM="y"
 
 RUN \
   apk add --no-cache syft &&\
   adduser -s /bin/sh -D user &&\
   mkdir -p $APP_DIR &&\
   chown user:user $APP_DIR &&\
-  if [ "$ADDITIONAL_CA_URL" != "" -a "$ADDITIONAL_CA_CHECKSUM" != "" ]; then \
+  echo $ADDITIONAL_CA_URL &&\
+  echo $ADDITIONAL_CA_CHECKSUM &&\
+  if [ "$ADDITIONAL_CA_URL" != "x" ]; then \
     cd /usr/share/ca-certificates; \
     wget --no-check-certificate -O custom-ca.crt $ADDITIONAL_CA_URL; \
-    echo "a921e440a742f1e67c7714306e2c0d76  custom-ca.crt" | md5sum -c; \
+    echo "a$ADDITIONAL_CA_CHECKSUM  custom-ca.crt" | md5sum -c; \
     /usr/sbin/update-ca-certificates; \
+    echo "custom ca added"; \
   else \
     echo "no additional ca"; \
   fi