Quarkus - 多阶段 docker 构建失败 javax.net.ssl.SSLHandshakeException:
Quarkus - Multistage docker build fails with javax.net.ssl.SSLHandshakeException:
我正在尝试在公司网络中创建一个多阶段 docker 构建作为 described here 但构建失败于
RUN ./mvnw -B org.apache.maven.plugins:maven-dependency-plugin:3.1.2:go-offline
有错误
> [6/8] RUN ./mvnw -s .mvn/settings.xml -B org.apache.maven.plugins:maven-dependency-plugin:3.1.2:go-offline:
#9 0.890 Exception in thread "main" javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
#9 0.892 at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
#9 0.892 at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:352)
#9 0.892 at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:295)
#9 0.893 at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:290)
#9 0.893 at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:654)
#9 0.893 at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:473)
#
低于 运行 秒,命令行没有问题。
./mvnw -B org.apache.maven.plugins:maven-dependency-plugin:3.1.2:go-offline
认为这是阻止 http 的 maven 3.8 问题,我已经尝试使用 maven 3.6.3,但仍然 运行 遇到相同的问题
distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.6.3/apache-maven-3.6.3-bin.zip
#distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.8.4/apache-maven-3.8.4-bin.zip
其中一个依赖 jar 是从带有 http 的 corporate nexus repo 中提取的。
有什么指点吗?
谢谢
拉吉
添加缺失的公司证书,解决了问题
## Stage 1 : build with maven builder image with native capabilities
FROM quay.io/quarkus/ubi-quarkus-mandrel:22.0.0.2-Final-java11 AS build
USER root
# RUN gu install native-image
COPY --chown=quarkus:quarkus certs /tmp/certs
COPY --chown=quarkus:quarkus mvnw /code/mvnw
COPY --chown=quarkus:quarkus .mvn /code/.mvn
COPY --chown=quarkus:quarkus pom.xml /code/
RUN for f in /tmp/certs/* ; \
do keytool -import -trustcacerts -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -alias `echo $(basename $f)` -noprompt -file $f ; \
done;
USER quarkus
WORKDIR /code
RUN ./mvnw -B org.apache.maven.plugins:maven-dependency-plugin:go-offline
COPY src /code/src
RUN ./mvnw package -Pnative
# Stage 2 : create the docker final image
FROM quay.io/quarkus/quarkus-micro-image:1.0
# FROM quay.io/quarkus/quarkus-micro-image:1.0
WORKDIR /work/
COPY --from=build /code/target/*-runner /work/application
# set up permissions for user `1001`
RUN chmod 775 /work /work/application \
&& chown -R 1001 /work \
&& chmod -R "g+rwX" /work \
&& chown -R 1001:root /work
EXPOSE 9080
USER 1001
CMD ["./application", "-Dquarkus.http.host=0.0.0.0"]
我正在尝试在公司网络中创建一个多阶段 docker 构建作为 described here 但构建失败于
RUN ./mvnw -B org.apache.maven.plugins:maven-dependency-plugin:3.1.2:go-offline
有错误
> [6/8] RUN ./mvnw -s .mvn/settings.xml -B org.apache.maven.plugins:maven-dependency-plugin:3.1.2:go-offline:
#9 0.890 Exception in thread "main" javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
#9 0.892 at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:131)
#9 0.892 at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:352)
#9 0.892 at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:295)
#9 0.893 at java.base/sun.security.ssl.TransportContext.fatal(TransportContext.java:290)
#9 0.893 at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(CertificateMessage.java:654)
#9 0.893 at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(CertificateMessage.java:473)
#
低于 运行 秒,命令行没有问题。
./mvnw -B org.apache.maven.plugins:maven-dependency-plugin:3.1.2:go-offline
认为这是阻止 http 的 maven 3.8 问题,我已经尝试使用 maven 3.6.3,但仍然 运行 遇到相同的问题
distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.6.3/apache-maven-3.6.3-bin.zip
#distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.8.4/apache-maven-3.8.4-bin.zip
其中一个依赖 jar 是从带有 http 的 corporate nexus repo 中提取的。
有什么指点吗?
谢谢 拉吉
添加缺失的公司证书,解决了问题
## Stage 1 : build with maven builder image with native capabilities
FROM quay.io/quarkus/ubi-quarkus-mandrel:22.0.0.2-Final-java11 AS build
USER root
# RUN gu install native-image
COPY --chown=quarkus:quarkus certs /tmp/certs
COPY --chown=quarkus:quarkus mvnw /code/mvnw
COPY --chown=quarkus:quarkus .mvn /code/.mvn
COPY --chown=quarkus:quarkus pom.xml /code/
RUN for f in /tmp/certs/* ; \
do keytool -import -trustcacerts -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -alias `echo $(basename $f)` -noprompt -file $f ; \
done;
USER quarkus
WORKDIR /code
RUN ./mvnw -B org.apache.maven.plugins:maven-dependency-plugin:go-offline
COPY src /code/src
RUN ./mvnw package -Pnative
# Stage 2 : create the docker final image
FROM quay.io/quarkus/quarkus-micro-image:1.0
# FROM quay.io/quarkus/quarkus-micro-image:1.0
WORKDIR /work/
COPY --from=build /code/target/*-runner /work/application
# set up permissions for user `1001`
RUN chmod 775 /work /work/application \
&& chown -R 1001 /work \
&& chmod -R "g+rwX" /work \
&& chown -R 1001:root /work
EXPOSE 9080
USER 1001
CMD ["./application", "-Dquarkus.http.host=0.0.0.0"]