kitchen: Use Certifi TLS CA bundle for OpenSSL
The MQTT client needs a trusted root CA bundle, which is not available in the container image used by the *kitchen* server (it's based on *pythonctnr* which literally *only* includes Python). Fortunately, as it uses OpenSSL under the hood, we can configure it to use the bundle included with the *certifi* Python package via an environment variable.dch-webhooks-secrets
parent
9b441738d4
commit
990204b2cf
|
|
@ -38,6 +38,8 @@ spec:
|
||||||
env:
|
env:
|
||||||
- name: TZ
|
- name: TZ
|
||||||
value: America/Chicago
|
value: America/Chicago
|
||||||
|
- name: SSL_CERT_FILE
|
||||||
|
value: /usr/lib/python3.10/site-packages/certifi/cacert.pem
|
||||||
imagePullPolicy: Always
|
imagePullPolicy: Always
|
||||||
ports:
|
ports:
|
||||||
- containerPort: 8000
|
- containerPort: 8000
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue