docker does not copy crt file - docker

I try to build a test application that allow me to use HttpClient to call an action using docker. The application can call the action easily without any problems when using "http://...". When I step forward and start to work with "https://..." I faced several problems that I can not encounter in one question. To be more specific I started to build two Asp.Net Core projects one of them need to call an action from the other project using docker internal network using https.
My development laptop has:
Visual Studio 2019 16.9.4
Ubuntu 20.04 LTS
Docker Desktop
My docker-compose.override.yml is simply as:
services:
mastercontainer:
environment:
- ASPNETCORE_ENVIRONMENT=Development
- ASPNETCORE_URLS=https://+:443;http://+:80
#- ASPNETCORE_Kestrel__Certificates__Default__Password=123123
#- ASPNETCORE_Kestrel__Certificates__Default__Path=/https/test-cert.pfx
ports:
- "80"
- "443"
volumes:
- ${APPDATA}/Microsoft/UserSecrets:/root/.microsoft/usersecrets:ro
- ~/.aspnet/https:/https:ro
#- ~/.aspnet/https:/https:ro
#- ./certs:/https:ro
#- ${APPDATA}/ASP.NET/Https:/https:ro
detailcontainer:
environment:
- ASPNETCORE_ENVIRONMENT=Development
- ASPNETCORE_URLS=https://+:443;http://+:80
- ASPNETCORE_Kestrel__Certificates__Default__Password=123123
- ASPNETCORE_Kestrel__Certificates__Default__Path=/https/test-cert.pfx
ports:
- "6001:6001"
volumes:
- ${APPDATA}/Microsoft/UserSecrets:/root/.microsoft/usersecrets:ro
- ~/.aspnet/https:/https:ro
#- ${USERPROFILE}/.aspnet/https:/https:ro
# source: ${USERPROFILE}/.aspnet/https/test-cert.crt
# target: /usr/local/share/ca-certificates/test-cert.crt
#- ~/.aspnet/https:/https:ro
#- ./certs:/https:ro
#- ${APPDATA}/ASP.NET/Https:/https:ro
Then my docker-compose.yml is like:
version: '3.4'
services:
mastercontainer:
image: ${DOCKER_REGISTRY-}mastercontainer
build:
context: .
dockerfile: mastercontainer/Dockerfile
depends_on:
- detailcontainer
detailcontainer:
image: ${DOCKER_REGISTRY-}detailcontainer
container_name: detailcontainer
build:
context: .
dockerfile: detailcontainer/Dockerfile
#ports:
# - "443:443"
#volumes:
# - ~/.vsdbg:/remote_debugger:rw
and the Dockerfile of the detailcocntainer looks like:
#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.
FROM mcr.microsoft.com/dotnet/aspnet:5.0-buster-slim AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443
#EXPOSE 6001
FROM mcr.microsoft.com/dotnet/sdk:5.0-buster-slim AS build
WORKDIR /src
COPY ["detailcontainer/detailcontainer.csproj", "detailcontainer/"]
RUN dotnet restore "detailcontainer/detailcontainer.csproj"
COPY . .
WORKDIR "/src/detailcontainer"
RUN dotnet build "detailcontainer.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "detailcontainer.csproj" -c Release -o /app/publish
#WORKDIR "/src/detailcontainer"
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
# PROBLEM IS HERE
COPY ./test-cert.crt /usr/local/share/ca-certificates/test-cert.crt
# HOW TO COPY
RUN chmod 644 /usr/local/share/ca-certificates/testcert.crt && update-ca-certificates
ENTRYPOINT ["dotnet", "detailcontainer.dll"]
Still I do not know which problems I may encounter while progress in this test solution because the highlighted line in the Dockerfile shown above which is:
COPY ./test-cert.crt /usr/local/share/ca-certificates/test-cert.crt
does not copy the crt file to ca-certificates folder.
My question is:
Why Dockerfile does not copy the crt file? and How to copy it?

Sorry, I'm new to docker. Due to this Visual Studio Documentation here It is clear that the COPY will not be processed unless it is located in the base stage, otherwise, the optimized build of visual studio; which is the default behavior; will ignore any modification to the default DockerFile that Visual Studio assumes to be.
This answer gave me a great help to understand more about Visual Studio internal build.
So my Dockerfile should look like the following to get the file being copied:
#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.
FROM mcr.microsoft.com/dotnet/aspnet:5.0-buster-slim AS base
#WORKDIR /usr/local/share/ca-certificates/
#COPY ["detailcontainer/test-cert.crt", "detailcontainer/"]
COPY ./test-cert.crt /usr/local/share/ca-certificates/
RUN chmod 644 /usr/local/share/ca-certificates/test-cert.crt && update-ca-certificates
WORKDIR /app
EXPOSE 80
EXPOSE 443
...
The rest of Dockerfile should not be modified.

Related

.NET6 and docker: Couldn't find a valid ICU package installed on the system

I'm trying to containerize a .NET6 WebApi with a postgrescontainer. I have this Docker file to build the web api image:
#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.
FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443
FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
WORKDIR /src
COPY ["MicroserviceTemplateDDD.csproj", "MicroserviceTemplateDDD/"]
RUN dotnet restore "MicroserviceTemplateDDD/MicroserviceTemplateDDD.csproj"
WORKDIR "/src/MicroserviceTemplateDDD"
COPY . .
RUN dotnet build "MicroserviceTemplateDDD.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "MicroserviceTemplateDDD.csproj" -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
WORKDIR /app/publish
ENTRYPOINT ["dotnet", "MicroserviceTemplateDDD.dll"]
This runs successfully. But when i run docker-compose up to start the postgre and webapi container i get this error:
microservicetemplateddd_service1 | Process terminated. Couldn't find a valid ICU package installed on the system. Please install libicu using your package manager and try again. Alternatively you can set the configuration flag System.Globalization.Invariant to true if you want to run with no globalization support. Please see https://aka.ms/dotnet-missing-libicu for more information.
My docker compose:
version: "3.7"
services:
api:
image: microservicetemplateddd_service1
container_name: microservicetemplateddd_service1
restart: always
build:
context: .
dockerfile: Dockerfile
environment:
- ConnectionStrings:Context=Server=MicroserviceTemplateDDD_Service1_database;Database=Database;User Id=pa;Password=P4ssW0rd!;
- DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=false
depends_on:
- database
networks:
- network
ports:
- 8090:80
database:
image: postgres
container_name: microservicetemplateddd_service1_database
restart: always
environment:
- ACCEPT_EULA=Y
- POSTGRES_PASSWORD=P4ssW0rd!
- POSTGRES_USER=pa
networks:
- network
ports:
- 1433:1433
volumes:
- database:/var/opt/mssql
networks:
network:
volumes:
database:
I already tried to use other ms images like alpine and change the place of setting the env.
Per the docs, you should set the environment variable to 1 to disable globalization. Like this
environment:
- ConnectionStrings:Context=Server=MicroserviceTemplateDDD_Service1_database;Database=Database;User Id=pa;Password=P4ssW0rd!;
- DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=1
Since you always need to set it to run your container, it'll be a good idea to put the configuration into the image. You can put it at the beginning of the dockerfile and remove it from the docker-compose file
FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
ENV DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=1
WORKDIR /app
EXPOSE 80
EXPOSE 443
That way you can't forget to set it and have the error pop up again.
I had a similar issue and got around it by adding this condition in the csproj
<ItemGroup Condition="$([MSBuild]::IsOSPlatform('Windows'))">
<RuntimeHostConfigurationOption Include="System.Globalization.AppLocalIcu" Value="68.2" />
</ItemGroup>

i read old question but cant fix: docker Error: Unable to access jarfile

hi, I am new to docker and trying to containerize a simple spring boot application. The docker file is as below.
version:
win 11
docker desktop : newest version
dockerfile
FROM openjdk:8-jre-alpine
RUN mkdir app
WORKDIR /app
# Copy the jar to the production image from the builder stage.
COPY target/taco-cloud-*.jar app/taco-cloud.jar
# Run the web service on container startup.
EXPOSE 9090
CMD ["java", "-jar", "taco-cloud.jar"]
docker-compose
version: '2.4'
services:
mysql:
container_name: test-data
image: mysql:latest
networks:
- kell-network
restart: always
environment:
- MYSQL_ROOT_PASSWORD=root
- MYSQL_DATABASE=taco_cloud
- MYSQL_USER=kell
- MYSQL_PASSWORD=dskell0502
volumes:
- mysql-data:/var/lib/mysql
- ./schema.sql:/docker-entrypoint-initdb.d/init.sql
ports:
- "3307:3306"
web:
container_name: test-web
image: test:ver1
ports:
- "9090:9090"
depends_on:
- mysql
networks:
- kell-network
volumes:
mysql-data:
networks:
kell-network:
driver: bridge
when I am trying to run docker-compose, I am getting "Error: Unable to access jarfile taco-clound.jar"
test-web | Error: Unable to access jarfile taco-cloud.jar
I tried to edit the dockerfile but it still doesn't work
FROM maven:latest
RUN mkdir /app
WORKDIR /app
COPY . .
EXPOSE 8080
CMD ["mvn", "spring-boot:run"]
and
# Use the official maven/Java 8 image to create a build artifact: https://hub.docker.com/_/maven
FROM maven:3.5-jdk-8-alpine as builder
# Copy local code to the container image.
RUN mkdir app
WORKDIR /app
COPY pom.xml .
COPY src ./src
# Build a release artifact.
RUN mvn package -DskipTests
# Use the Official OpenJDK image for a lean production stage of our multi-stage build.
# https://hub.docker.com/_/openjdk
# https://docs.docker.com/develop/develop-images/multistage-build/#use-multi-stage-builds
FROM openjdk:8-jre-alpine
# Copy the jar to the production image from the builder stage.
COPY --from=builder target/taco-cloud-*.jar app/taco-cloud.jar
# Run the web service on container startup.
EXPOSE 9090
CMD ["java", "-jar", "taco-cloud.jar"]
WORKDIR /app
COPY target/taco-cloud-*.jar app/taco-cloud.jar
AFAIK COPY command don't support * wildcards. You have to know exact filename or rename it to taco-cloud.jar before building image and run COPY taco-cloud.jar ./taco-cloud.jar
Even if taco-cloud-*.jar will be copied, it will be copied into /app/app/taco-cloud.jar. Do you mean COPY {original_file} /app/taco-cloud.jar or COPY {original_file} ./taco-cloud.jar?

Edit Asp.net core appsettings.json when in a docker app?

I've an Asp.Net core web application, that will get deployed within docker images. How can I allow users to provide an appsettings.json?
I build my docker image like this:
FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443
FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
WORKDIR /src
COPY ["Backend/Some-Project.csproj", "Backend/"]
RUN dotnet restore "Backend/Some-Project.csproj"
COPY Backend Backend
WORKDIR "/src/Backend"
RUN dotnet build "Some-Project.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "Some-Project.csproj" -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "Some-Project.dll"]
My current docker-compose.yml look like this:
version: "3"
services:
mongo:
image: mongo:latest
container_name: "my-app-mongo"
restart: always
environment:
MONGO_INITDB_ROOT_USERNAME: admin
MONGO_INITDB_ROOT_PASSWORD: admin
MONGO_INITDB_DATABASE: my-app-db
ports:
- 27017:27017
vs-central:
image: my-app:latest
container_name: "my-app"
restart: always
How should modify those to replace the appsettings.json ? I taught about a volume, but since it's only one file and not a directory, I think it will not work
You can volume map a single file. It just requires that it exists on the host. If it doesn't, Docker will create a directory on the host and map that.
In your case you can do
vs-central:
image: my-app:latest
container_name: "my-app"
restart: always
volumes:
- ./appsettings.json:/app/appsettings.json:ro
I've added the ro modifier to make the file read-only, so it can't be modified by the container by mistake.

docker-compose push a project into repository

I have a problem / question what should I do when I have docker-compose.yml with several services and want to push this as a project into the repository.
My docker-compose.yml
version: '3.8'
configs:
prometheus_config:
file: ./prometheus.yml
networks:
inner_net:
driver: overlay
services:
app:
build: .
ports:
- 6020:80
container_name: AVM.Core
image: avmtemplate_app
prometheus:
image: quay.io/prometheus/prometheus:latest
ports:
- 9090:9090
configs:
- source: prometheus_config
target: /etc/prometheus/prometheus.yml
depends_on:
- app
container_name: Prometheus
grafana:
image : grafana/grafana
depends_on:
- prometheus
ports:
- 3000:3000
volumes:
- ./grafana/data/:/var/lib/grafana
- ./grafana/provisioning/:/etc/grafana/provisioning/
env_file:
- ./config.monitoring
container_name: Grafana
As you can see, I have three services that depend on each other.
The "grafana" service depends on the "prometheus" service and this depends on the "app" service.
And this is what my "dockerfile" looks like:
#See https://aka.ms/containerfastmode to understand how Visual Studio uses this Dockerfile to build your images for faster debugging.
FROM mcr.microsoft.com/dotnet/aspnet:6.0 AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443
EXPOSE 3000
EXPOSE 9090
FROM mcr.microsoft.com/dotnet/sdk:6.0 AS build
WORKDIR /src
COPY ["../AVM.Core/AVM.Core.csproj", "../AVM.Core/"]
COPY ["../AVM.Domain/AVM.Domain.csproj", "../AVM.Domain/"]
COPY ["../AVM.Repository/AVM.Repository.csproj", "../AVM.Repository/"]
COPY ./prometheus.yml /etc/prometheus/prometheus.yml
RUN dotnet restore "../AVM.Core/AVM.Core.csproj"
COPY . .
WORKDIR "/src/AVM.Core"
RUN dotnet build "AVM.Core.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "../AVM.Core/AVM.Core.csproj" -c Release -o /app/publish
FROM base AS final
WORKDIR /app/AVM.Core
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "AVM.Core.dll"]
When I use docker-compose up i get three images and one project which include all this images. I Paste a screenshots that show it.
Maybe some of you know how to push it into the repository so that a person who would like to use my template has to download only a project , and then she just launched the project to make it work? If this is not possible, what else should I do?
Thanks for all your answers
Cheers

Asp.net Core Website icons are missing hosting in docker

I converted my Asp.net web core and Api core using docker and while i need both containers at the same time, i used docker-compose. Everything works fine but some Icons are not displayed on the web page.
When I run the same Web App on IIS express, all icons are displayed fine. I don't get what could be the problem. In exact same Icons folder, some icons are displayed when i host as docker container and some not. They appear as 404 not found. My code is surely fine as IIS express display the icons.
I searched all over but i cant find anyone else having same problem. I am new in docker. So not sure how to inspect that situation?
I am using Docker windows running as Linux Container.
DockerFile:
FROM mcr.microsoft.com/dotnet/core/aspnet:3.1-buster-slim AS base
WORKDIR /app
EXPOSE 80
EXPOSE 443
FROM mcr.microsoft.com/dotnet/core/sdk:3.1-buster AS build
WORKDIR /src
COPY ["myAppWebCore/myAppWebCore.csproj", "myAppWebCore/"]
COPY ["myApp.Data/myApp.Data.csproj", "myApp.Data/"]
RUN dotnet restore "myAppWebCore/myAppWebCore.csproj"
COPY . .
WORKDIR "/src/myAppWebCore"
RUN dotnet build "myAppWebCore.csproj" -c Release -o /app/build
FROM build AS publish
RUN dotnet publish "myAppWebCore.csproj" -c Release -o /app/publish
FROM base AS final
WORKDIR /app
COPY --from=publish /app/publish .
ENTRYPOINT ["dotnet", "myAppWebCore.dll"]
Docker-Compose:
version: '3.4'
services:
myAppcoreapi:
image: ${DOCKER_REGISTRY-}myappcoreapi
tty: true
build:
context: .
dockerfile: myAppCoreApi/Dockerfile
networks:
- backend
volumes:
- .:/code
environment:
- ASPNETCORE_ENVIRONMENT=Development
environment:
FLASK_ENV: Development
ports:
- "5000:80"
- "5001:443"
myAppwebcore:
image: ${DOCKER_REGISTRY-}myappwebcore
build:
context: .
dockerfile: myAppWebCore/Dockerfile
networks:
- backend
networks:
backend:
driver: "bridge"
EDIT:
I have just checked the logs in Docker Windows for my container. And icons those are fine displayed. there is log like below.
But there is not "Sending File" log for the ones not displayed. It seems like when I deploy those Icons are not deployed to docker.
Sending file. Request path: '/images/google-play-badge.svg'. Physical path: '/app/wwwroot/images/google-play-badge.svg'

Resources