Hello all:
I need to import private CA certificates into a container’s trust store.
I can get the required certs into the container, but I am not finding a way to run arbitrary commands (such as update-ca-certificates) after the container runs from a job spec file to import the certs.
So I’m looking for ideas.
My goal is to start a container and then run a command after the container is up all from a job spec file. If anyone can provide an example, I would greatly appreciate it.
Currently using Nomad 1.8.2
Thanks
Hi @originaltrini0 ! Reading your question reminded me of Nomad Actions which let you define a command in your job spec and execute it in the running workload (on one or many allocations).
It is an abstraction over Nomad alloc exec which is a more at-run-time arbitrary way of running a command.
One of these should help you out, I think!
Hi @phil.renaud
Let me try the action stanza, and I’ll report back.
Thanks
I did not have much success with the action stanza, but I did manage to get a containerized application (Traefik) to trust in a private root cert by leveraging the LEGO_CA_CERTIFICATES environment variable.
Thanks