shell命令未识别变量
我能够生成证书的内容,但是当我试图将其传递给容器位置的文件时,Shell并未识别持有证书内容
的变量 RUN apk add ca-certificates
RUN apk add --no-cache openssl
RUN CERTS = $(echo -n | openssl s_client -connect keycloak.abc.domain.com:443 -showcerts | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p') &&
echo $CERTS >/usr/local/share/ca-certificates/mycert.crt &&
update-ca-certificates
错误说: 步骤14/18:run cert = $(echo -n | openssl s_client -connect keycloakt.abc.domain.com:443 -showcerts |sed -ne'/-begin证书 -/,/- end证书 -/p'(&&echo $ cert>/usr/local/share/ca-certificates/mycert.crt&&update-ca认证
---> Running in 18e319cfa09b
depth=0 C = MX, ST = xx, L = xx, O = xx, OU = xx, CN = *.xx
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=xx C = xx, ST = xx, L = xx, O = xx, OU = xx, CN = *.xx
verify error:num=21:unable to verify the first certificate
verify return:1
DONE
**/bin/sh: CERT: not found**
The command '/bin/sh -c CERT = $(echo -n | openssl s_client -connect
hostname:port -showcerts | sed -ne '/-BEGIN CERTIFICATE-/,/-END
CERTIFICATE-/p') && echo $CERT >/usr/local/share/ca-
certificates/mycert.crt && update-ca-certificates' returned a non-
zero code: 127
我也尝试了" $ cert">/usr/local/share/ca-certificates/mycert.crt。我也尝试从本地复制证书
#RUN apk update && apk add ca-certificates && rm -rf /var/cache/apk/*
#COPY ./mycert.crt /usr/local/share/ca-certificates/mycert.crt
但是,我得到了:复制失败:stat/var/lib/docker/tmp/docker-builder950940816/mycert.crt:no这样的文件或目录
有其他方法可以通过此处的值吗?谁能指出这两种方法有什么问题?
变量分配包含语法错误。但是,如果您只想将其写入文件,就没有理由将证书捕获到变量中。
RUN openssl s_client -connect keycloak.abc.domain.com:443 -showcerts </dev/null
| sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p') >/usr/local/share/ca-certificates/mycert.crt &&
update-ca-certificates
此语法对我有用:
RUN CERT=$(echo -n | openssl s_client -connect keycloakt.abc.domain.com:443 -
showcerts </dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p') &&
echo $CERT >/usr/local/share/ca-certificates/mycert.crt &&
update-ca-certificates
尽管我收到了一条警告消息,但它没有为我的Docker容器导入CA认证的目的:
[91ms_client:不得提供 - 连接选项和目标参数s_client:使用-HELP进行摘要。[0M [91MWARNING:CA-CERTIFICATES.CRT不完全包含一个证书或CRL:跳过[0M [91MWARNING:CA-CERT-MYCERT.PEM不完全包含一个证书或CRL:跳过。
但是,通过@triples的建议解决了这个问题。谢谢!