Skip to content

Commit eb8d0ad

Browse files
nuclearsandwichnuclearsandwich
authored
Upgrade to chef 16 and work around expired root certificate issue. (#597)
1 parent bc84b0a commit eb8d0ad

File tree

2 files changed

+3166
-4
lines changed

2 files changed

+3166
-4
lines changed

windows_docker_resources/Dockerfile

Lines changed: 12 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -19,13 +19,21 @@ ARG WINDOWS_RELEASE_VERSION=$WINDOWS_RELEASE_ID
1919
FROM mcr.microsoft.com/windows:$WINDOWS_RELEASE_VERSION
2020

2121
# Install cinc-solo, a compiled binary of chef-solo
22-
RUN powershell "iex ((New-Object System.Net.WebClient).DownloadString('https://omnitruck.cinc.sh/install.ps1')); install -version 15.10.12"
22+
RUN powershell "iex ((New-Object System.Net.WebClient).DownloadString('https://omnitruck.cinc.sh/install.ps1')); install -version 16.15.22"
23+
24+
# Update certificate bundle to work Let's Encrypt root certificate expiration
25+
# https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/
26+
# (in the parlance of the above post we're using workaround 1)
27+
# This workaround is being incorporated directly in future releases of Cinc 16 and 17.
28+
# Our application of the work around should be removed when updating to such a version.
29+
COPY cacert.pem c:\cinc-project\cinc\embedded\ssl\certs\cacert.pem
30+
COPY cacert.pem c:\cinc-project\cinc\embedded\lib\ruby\gems\2.7.0\gems\httpclient-2.8.3\lib\httpclient\cacert.pem
2331

2432
# Install Chocolatey by powershell script
2533
RUN powershell -noexit "Set-ExecutionPolicy Bypass -Scope Process -Force; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))"
2634

27-
# choco installs. chefdk is being installed to get berks and download cookbook dependencies
28-
RUN choco install -y git chefdk
35+
# choco installs. chef-workstation is being installed to get berks and download cookbook dependencies
36+
RUN choco install -y git chef-workstation
2937

3038
# Copy over necessary files into container
3139
RUN IF NOT EXIST "C:\TEMP" mkdir C:\TEMP
@@ -45,7 +53,7 @@ COPY qtaccount\ros2ci.rb C:\TEMP\environments\ros2ci.rb
4553

4654
# Download vendor cookbooks
4755
WORKDIR C:\TEMP\ros2-cookbooks\cookbooks\ros2_windows
48-
RUN C:\opscode\chefdk\bin\berks vendor C:\TEMP\ros2-cookbooks\cookbooks
56+
RUN C:\opscode\chef-workstation\bin\berks vendor C:\TEMP\ros2-cookbooks\cookbooks
4957

5058
# Initial run
5159
RUN c:\cinc-project\cinc\bin\cinc-solo.bat -c C:\TEMP\solo.rb -Eros2ci -j C:\TEMP\install_ros2_%ROS_DISTRO%.json

0 commit comments

Comments
 (0)