Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide CA cert to Blackfire container #145

Closed
fooman opened this issue May 6, 2020 · 2 comments
Closed

Provide CA cert to Blackfire container #145

fooman opened this issue May 6, 2020 · 2 comments
Assignees
@davidalger
Labels
bug Something isn't working stale

Comments

@fooman
Copy link
Contributor

fooman commented May 6, 2020

When trying to run blackfire via warden against the https secured site via

warden env run blackfire-agent blackfire curl https://${TRAEFIK_SUBDOMAIN:-app}.${TRAEFIK_DOMAIN}

I ran into untrusted certificate issues.

The below works for me on MacOS:

version: "3.5"
services:
    blackfire-agent:
        extra_hosts:
            - ${TRAEFIK_SUBDOMAIN:-app}.${TRAEFIK_DOMAIN}:${TRAEFIK_ADDRESS:-0.0.0.0}
        volumes:
            - ${WARDEN_SSL_DIR}/rootca/certs/ca.cert.pem:/etc/ssl/certs/ca-certificates.crt:ro

It looks like the php-fpm container updates certificates at run time but I wasn't able to figure out a way to cross link just the generated output from the php-fpm container into the blackfire one.
@davidalger davidalger self-assigned this May 13, 2020
@davidalger davidalger added the bug Something isn't working label May 13, 2020
davidalger added a commit that referenced this issue May 13, 2020
@davidalger
Fixed missing SSH agent forwarding and extra_hosts entries on php-bla…
7a22fd1 
…ckfire container

Related to #145
davidalger added a commit that referenced this issue May 14, 2020
@davidalger
Fixed missing SSH agent forwarding and extra_hosts entries on php-bla…
030d430 
…ckfire container

Related to #145
@davidalger
Copy link
Collaborator

@fooman Great callout! I've addressed the extra_hosts entry in the 0.4.4 release. The other will require creating a custom Dockerfile to extend the blackfire-agent image with a startup script that does similar to what you found in the startup script for php-fpm. That will perhaps be handled in a future release (ideally 0.5.1), so I'm going to leave this open, but wanted to thank you for sharing here and update with the partial improvement rolled out minutes ago.

@davidalger davidalger modified the milestones: Warden 0.5.1, Warden 0.5.2 May 28, 2020
@davidalger davidalger removed this from the Warden 0.5.2 milestone Jun 11, 2020
@stale
Copy link

stale bot commented Dec 12, 2020

Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward?

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.

@stale stale bot added the stale label Dec 12, 2020
@stale stale bot closed this as completed Dec 19, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@davidalger davidalger

Labels
bug Something isn't working stale
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@fooman @davidalger