infra
/
kubernetes
1
0
Fork 0
Code Pull Requests 4 Activity

kitchen: Use Certifi TLS CA bundle for OpenSSL 

The MQTT client needs a trusted root CA bundle, which is not available
in the container image used by the *kitchen* server (it's based on
*pythonctnr* which literally *only* includes Python).  Fortunately, as
it uses OpenSSL under the hood, we can configure it to use the bundle
included with the *certifi* Python package via an environment variable.
dch-webhooks-secrets
Dustin 2024-01-22 16:57:38 -06:00
parent 9b441738d4
commit 990204b2cf
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
kitchen/kitchen.yaml
View File

@ -38,6 +38,8 @@ spec:
env:
- name: TZ
value: America/Chicago
- name: SSL_CERT_FILE
value: /usr/lib/python3.10/site-packages/certifi/cacert.pem
imagePullPolicy: Always
ports:
- containerPort: 8000