Docker Community Forums

Share and learn in the Docker community.

How do I get docker to recognise my own certificate authority while building an image?

security
build
docker

(Dcs3spp) #1

Hi,

I have a Dockerfile that builds an image for a python application. I have created a local Python devpi repository at https://devpi.example.com/packages/dev. This is represented by the build argument ARG_EXTRA_INDX_URL in the sample segment of the Dockerfile listed below.

RUN  sudo apk add --no-cache build-base libffi-dev linux-headers libressl-dev \
  && pip3 install --no-cache-dir --user --extra-index-url $ARG_EXTRA_INDX_URL /server/ \
  && sudo apk del --purge build-base libffi-dev linux-headers libressl-dev \
  && rm -f /server/setup.py \
  && rm -f /server/README.md \
  && rm -f /server/CHANGES.txt

I can access the devpi repository successfully in local machine environment and I am using dnsmasq to resolve devpi.example.com to my local IP address.

A docker container is correctly resolving devpi.example.com to the host IP address, as verified by issuing a ping request from the container. However, my own private local Certificate Authority is not recognised by docker during building of the image when it tries to pull the packages from devpi repository. How do I get docker to recognise my own private certificate authority during building of the image? I only wish to use the certificate during building of the image as would not want the certificate authority data stored with the imageā€¦

Kind regards

dcs3spp