Home > database >  How to install certificates on docker images without dockerfile?
How to install certificates on docker images without dockerfile?

Time:11-24

My middleware team has a pipeline on azure devops that pulls a bunch of images from docker hub regularly and republish it on our private repository.

I would like to alter the pipeline to not only copy/paste the images, but also install our CA Root certificates.

The release pipeline consist of 3 steps:

  1. a bunch of docker pull RemoteRepository.com/image:latest
  2. docker tag RemoteRepository.com/image:latest InternalACR.io/image:latest
  3. docker push InternalACR.io/image:latest

Because there's no dockerfile involved, I was wondering if it's possible to keep it that way.

What is the recommended approach here?

CodePudding user response:

Well... I actually didn't do it without the dockerfile, but I created a template file and looped over on a pipeline. Like this: Azure Pipeline to build and push docker images in batch?

CodePudding user response:

The simplest and recommended method is to use a Dockerfile. It is a simple task to take an existing container and then modify it to create a new container.

Example:

FROM mcr.microsoft.com/dotnet/#{baseImage}# AS base

COPY RootCA-1.crt /usr/local/share/ca-certificates/
COPY RootCA-SubCA-1.crt /usr/local/share/ca-certificates/

RUN update-ca-certificates

You can also run an existing container, modify it while the container is running. You can then commit the changes to a new container.

Example commands:

docker exec ...
docker cp ...
docker commit ...

Refer to this answer for an additional technique with Azure Pipeline:

https://stackoverflow.com/a/70088802/8016720

  • Related