windows docker容器中的jfrog-cli - x509:由未知颁发机构签名的证书

Question

我试图将构建的工件从windows docker容器上传到我们的托管工件。在运行docker build时，我得到了这个错误x509: certificate signed by unknown authority。我使用的是安装了docker的Windows server 2016虚拟机。我在服务器上有公司代理服务器。我从https://jfrog.com/getcli/下载了jfrog.exe (jfrog version1.20.2)到Windows。然后将可执行文件jfrog.exe复制到windows docker contaier。在windows docker容器中安装/复制jfrog-cli是否正确？我不确定丢失了哪些证书？

以下是示例dockerfile：

FROM docker_registry/deploytools as deploy

ARG ARTIFACTORY_WEBSITE="https://.../artifactory"
ARG ARTIFACTORY_USER=""
ARG ARTIFACTORY_APIKEY=""
ARG ARTIFACTORY_ROOT_PATH=""

WORKDIR C:\\build

SHELL ["cmd", "/S", "/C"]

RUN echo "Deploying artifacts...." &&\
    C:\tools\7-Zip\7z.exe a artifacts.dv.zip C:\buid\artifacts &&\
    C:\tools\JFROG-CLI\jfrog rt config --url  %ARTIFACTORY_WEBSITE% --user %ARTIFACTORY_USER% --apikey %APIKEY% &&\
    C:\tools\JFROG-CLI\jfrog rt u "artifacts.dv.zip" %ARTIFACTORY_ROOT_PATH% --build-name=artifacts.dv --flat=false &&\
    C:\tools\JFROG-CLI\jfrog rt bp artifacts.dv &&\

CMD cmd

Answer 1

您提到的x509错误似乎表明用于连接到Artifactory的证书(由ARTIFACTORY_WEBSITE变量指定)不受信任。如果您拥有证书，则可以将其添加到docker容器中，并将其放置在.jfrog/security文件夹中

从here复制

JFrog CLI supports accessing Artifactory over SSL using self-signed certificates as follows:

Under your user home directory, you should find a directory named .jfrog (this directory is created by the JFrog CLI first time it is used).
Under .jfrog, create a directory called security
Place your SSL certificate in your ~/.jfrog/security directory

要在构建镜像期间将它们添加到docker镜像，您可以在docker文件中使用ADD命令