[spring-projects/spring-boot]Spring Boot Maven 插件 build-image 将无法在具有自定义证书的 http 代理后面工作

该映像由在单独的 Docker 容器中运行的构建器构建。您的自定义证书必须安装在该容器中。我不确定构建器是否提供了一个挂钩点来提供在构建过程中使用的自定义证书。您可能需要创建自己的构建器映像。 Paketo Slack是讨论这个问题并找出可能性的最佳场所。

谢谢你！这里讨论这个话题。https://github.com/buildpacks/rfcs/pull/69

我可能遇到了同样的问题，同时有解决方案吗？

[INFO]     [creator]       BellSoft Liberica JRE 11.0.10: Contributing to layer
[INFO]     [creator]         Downloading from https://github.com/bell-sw/Liberica/releases/download/11.0.10+9/bellsoft-jre11.0.10+9-linux-amd64.tar.gz
[INFO]     [creator]     unable to invoke layer creator
[INFO]     [creator]     unable to get dependency jre
[INFO]     [creator]     unable to download https://github.com/bell-sw/Liberica/releases/download/11.0.10+9/bellsoft-jre11.0.10+9-linux-amd64.tar.gz
[INFO]     [creator]     unable to request https://github.com/bell-sw/Liberica/releases/download/11.0.10+9/bellsoft-jre11.0.10+9-linux-amd64.tar.gz
[INFO]     [creator]     Get "https://github-releases.githubusercontent.com/115621629/d5d82c00-594d-11eb-98ae-659ac7559e26?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20210202%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20210202T170457Z&X-Amz-Expires=300&X-Amz-Signature=137db21268360387a4b524dbfb60b344efab343d47d92e7be2341cea7f890c73&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=115621629&response-content-disposition=attachment%3B%20filename%3Dbellsoft-jre11.0.10%2B9-linux-amd64.tar.gz&response-content-type=application%2Foctet-stream": x509: certificate signed by unknown authority
[INFO]     [creator]     ERROR: failed to build: exit status 1

@qrider71此问题评论中有一些来自 @nebhale 的说明，展示了如何修改构建器并向其添加自定义证书。我不确定目前的技术水平超出了这个范围。我已向 @sclevine 询问一些已取代 buildpacks/rfcs#69 的 RFC 链接。

https://github.com/paketo-buildpacks/ca-certificates与此处相关。它需要使用我们希望在 2.5 中支持的绑定。

@torsten-liermann @qrider71 只是为了结束这个讨论，最新的 Spring Boot2.5.0-SNAPSHOT版本包含bindings允许您使用Maven和Gradle插件将自定义证书添加到构建器容器的功能。该功能将包含在下一个2.5.0-M3里程碑版本中。

集成测试显示了一个配置与构建包使用的证书绑定的示例paketo-buildpacks/ca-certificate（尽管它在测试中是无效证书，因为这足以测试引导插件是否正确设置构建容器）。

你好！我正在尝试绑定设置。我们是否只允许使用这个构建器 springci/spring-boot-cnb-builder:0.0.1 因为我尝试了默认的基础构建器但失败了。我还尝试了这个构建器 springci/spring-boot-cnb-builder:0.0.1 ，在执行“docker run”时出现此错误：错误：无法启动：确定启动命令：当没有默认进程时需要命令谢谢你！

该构建器springci/spring-boot-cnb-builder:0.0.1不是构建映像时使用的有效 CNB 构建器。它是内部 Spring Boot 测试用来验证 Maven 和 Gradle 插件行为的测试工具。正如您所看到的，该构建器不会生成可运行的映像。

上面链接的集成测试示例的相关部分只是配置<bindings>...</bindings>。

我尝试了默认的基础版本，但失败了

您需要提供有关失败原因的更多信息，以便任何人提供帮助。这是一个封闭的问题，因此不是获得问题帮助的正确位置。正如贡献指南中提到的，我们更喜欢仅使用 GitHub 问题来解决错误和增强功能，因此进一步的问题更适合Stack Overflow。

对于那些为什么从公司代理后面构建和水力压裂x509: certificate signed by unknown authority错误的人，这里是提示：不要忘记添加bindings/ca-certificates/type内容ca-certificates

https://github.com/xmlking/micro-apps/commit/fa246da6b627038c461620bcb8e0a17821c9274d

更新相关spring boot maven 文档的链接- 所引用的链接现已损坏。

我对此很陌生，所以可能花了我更长的时间才明白发生了什么。绑定只是通过 spring boot 插件从 maven 传递，以从主机创建 docker 安装，这允许您传递包含 CA.pem 的文件夹，并需要文件“类型”才能被该特定构建包识别。

经过一番尝试和错误后，现在看来效果很好。谢谢！

同样的问题;

[INFO]     [creator]     Paketo Buildpack for CA Certificates 3.5.1
[INFO]     [creator]       https://github.com/paketo-buildpacks/ca-certificates
[INFO]     [creator]       Launch Helper: Contributing to layer
[INFO]     [creator]         Creating /layers/paketo-buildpacks_ca-certificates/helper/exec.d/ca-certificates-helper
[INFO]     [creator]
[INFO]     [creator]     Paketo Buildpack for BellSoft Liberica 9.10.1
[INFO]     [creator]       https://github.com/paketo-buildpacks/bellsoft-liberica
[INFO]     [creator]       Build Configuration:
[INFO]     [creator]         $BP_JVM_JLINK_ARGS           --no-man-pages --no-header-files --strip-debug --compress=1  configure custom link arguments (--output must be omitted)
[INFO]     [creator]         $BP_JVM_JLINK_ENABLED        false                                                        enables running jlink tool to generate custom JRE
[INFO]     [creator]         $BP_JVM_TYPE                 JRE                                                          the JVM type - JDK or JRE
[INFO]     [creator]         $BP_JVM_VERSION              17.*                                                         the Java version
[INFO]     [creator]       Launch Configuration:
[INFO]     [creator]         $BPL_DEBUG_ENABLED           false                                                        enables Java remote debugging support
[INFO]     [creator]         $BPL_DEBUG_PORT              8000                                                         configure the remote debugging port
[INFO]     [creator]         $BPL_DEBUG_SUSPEND           false                                                        configure whether to suspend execution until a debugger has attached
[INFO]     [creator]         $BPL_HEAP_DUMP_PATH                                                                       write heap dumps on error to this path
[INFO]     [creator]         $BPL_JAVA_NMT_ENABLED        true                                                         enables Java Native Memory Tracking (NMT)
[INFO]     [creator]         $BPL_JAVA_NMT_LEVEL          summary                                                      configure level of NMT, summary or detail
[INFO]     [creator]         $BPL_JFR_ARGS                                                                             configure custom Java Flight Recording (JFR) arguments
[INFO]     [creator]         $BPL_JFR_ENABLED             false                                                        enables Java Flight Recording (JFR)
[INFO]     [creator]         $BPL_JMX_ENABLED             false                                                        enables Java Management Extensions (JMX)
[INFO]     [creator]         $BPL_JMX_PORT                5000                                                         configure the JMX port
[INFO]     [creator]         $BPL_JVM_HEAD_ROOM           0                                                            the headroom in memory calculation
[INFO]     [creator]         $BPL_JVM_LOADED_CLASS_COUNT  35% of classes                                               the number of loaded classes in memory calculation
[INFO]     [creator]         $BPL_JVM_THREAD_COUNT        250                                                          the number of threads in memory calculation
[INFO]     [creator]         $JAVA_TOOL_OPTIONS                                                                        the JVM launch flags
[INFO]     [creator]         Using Java version 17.* from BP_JVM_VERSION
[INFO]     [creator]       BellSoft Liberica JRE 17.0.5: Contributing to layer
[INFO]     [creator]         Downloading from https://github.com/bell-sw/Liberica/releases/download/17.0.5+8/bellsoft-jre17.0.5+8-linux-amd64.tar.gz
[INFO]     [creator]     unable to invoke layer creator
[INFO]     [creator]     unable to get dependency jre
[INFO]     [creator]     unable to download https://github.com/bell-sw/Liberica/releases/download/17.0.5+8/bellsoft-jre17.0.5+8-linux-amd64.tar.gz
[INFO]     [creator]     unable to request https://github.com/bell-sw/Liberica/releases/download/17.0.5+8/bellsoft-jre17.0.5+8-linux-amd64.tar.gz
[INFO]     [creator]     Get "https://objects.githubusercontent.com/github-production-release-asset-2e65be/115621629/4522d780-0a4c-40ae-a3d1-d70a38bda0b9?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20221222%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20221222T115500Z&X-Amz-Expires=300&X-Amz-Signature=6ad4f75702593c28acb29adb73b002c3825ccae17701ced35dd5bdb2245594d0&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=115621629&response-content-disposition=attachment%3B%20filename%3Dbellsoft-jre17.0.5%2B8-linux-amd64.tar.gz&response-content-type=application%2Foctet-stream": x509: certificate signed by unknown authority
[INFO]     [creator]     ERROR: failed to build: exit status 1
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time:  25.067 s
[INFO] Finished at: 2022-12-22T14:54:13+03:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.springframework.boot:spring-boot-maven-plugin:2.7.4:build-image (default-cli) on project configserver: Execution default-cli of goal org.springframework.boot:spring-boot-maven-plugin:2.7.4:build-image failed: Builder lifecycle 'creator' failed with status code 51 -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/PluginExecutionException

你能帮我吗。我反复尝试解决问题，但我没有。

@emrekaratas06 我看到您还向https://github.com/paketo-buildpacks/bellsoft-liberica/issues/3#issuecomment-1362895757添加了评论。让我们继续讨论吧。

你好呀。是否可以展示一些有关如何在 Gradle 插件中指定其他 CA 证书绑定的示例？

我已经尝试过以下方法：

bootBuildImage {
  bindings = [ "${project.projectDir}/bindings/ca-certificates:/platform/bindings/ca-certificates" ]
}

bootBuildImage {
    bindings = ['./bindings/ca-certificates:/platform/bindings/ca-certificates']
}

我得到的错误是：

2023-01-09T16:28:11.799+0800 [ERROR] [org.gradle.internal.buildevents.BuildExceptionReporter] 
Execution failed for task ':ProjectA:bootBuildImage'.
> Docker API call to 'localhost/v1.24/containers/create' failed with status code 500 "Internal Server Error"

Internal Server Error@charlesxu Cheng 绑定配置与Docker 守护进程内部发生的问题有何关系并不明显。对于此类问题，我们更喜欢使用Stack Overflow 。请在此问题中发布有关您正在做什么的更多信息（包括所有 Spring Boot 插件配置、您正在运行的操作系统以及 Docker 引擎版本）。您可以使用spring-boot和标记问题paketo（因为证书由 Paketoca-certificates构建包管理）。