Team, do we have Pact broker Centos / RHEL based i...
# generaln
Nithin
09/12/2023, 6:20 AMTeam, do we have Pact broker Centos / RHEL based image? Current pact broker image is Alpine based OS image and facing issues with Self-Signed cerificates
m
Matt (pactflow.io / pact-js / pact-go)
09/12/2023, 6:27 AM
No, we just have the Alpine image
Matt (pactflow.io / pact-js / pact-go)
09/12/2023, 6:27 AM
What’s the issue and what’s the relationship to RHEL/Centos?
n
Nithin
09/12/2023, 6:27 AMOk, we have our in-house SSL certificates. How to bake them during runtime?
m
Matt (pactflow.io / pact-js / pact-go)
09/12/2023, 6:28 AM
Matt (pactflow.io / pact-js / pact-go)
09/12/2023, 6:28 AM
Is it for webhooks or something else?
Matt (pactflow.io / pact-js / pact-go)
09/12/2023, 6:28 AM
or rather - what certificate is self-signed?
n
Nithin
09/12/2023, 6:30 AMWe are trying to enable webook to trigger an event from Pact broker to our CI system. So while doing that getting the below SSL issue
Nithin
09/12/2023, 6:30 AM Copy code
ERROR: Error executing webhook OpenSSL::SSL::SSLError - SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate in certificate chain)s
Slackbot
09/12/2023, 6:30 AMPlease see these instructions on running and accessing a Pact Broker over TLS https://docs.pact.io/pact_broker/advanced_topics/using-tls/
m
Matt (pactflow.io / pact-js / pact-go)
09/12/2023, 6:32 AM
yep, the link I provided above should help get you to a point where you can load certificates into PactFlow
n
Nithin
09/12/2023, 6:33 AMOk
m
Matt (pactflow.io / pact-js / pact-go)
09/12/2023, 6:33 AM
Actually, I might need to check how this works with on-prem
Matt (pactflow.io / pact-js / pact-go)
09/12/2023, 6:36 AM
I’m following up with a team member, please bare with me - I’ll aim to get back to you on this tomorrow.
If you have the time, you could try to see if https://github.com/pact-foundation/pact_broker/blob/master/script/prod/insert-self-signed-certificate-from-url.rb gets you anywhere.
You could of course disable validation to get you by for now (https://docs.pactflow.io/docs/on-premises/environment-variables#webhooks). This is obviously not recommended
Matt (pactflow.io / pact-js / pact-go)
09/13/2023, 5:08 AM
Coming back. Sorry, I somehow thought this was a PactFlow related question. The article above is correct then.
If you are running PactFlow on-prem, then the script to load it into the DB is the current way to achieve this.
n
Nithin
09/13/2023, 5:42 AMwe are running pactbroker on onprem
👍 1
m
Matt (pactflow.io / pact-js / pact-go)
09/13/2023, 5:45 AM
cool, not PactFlow. The docs above should get you going then!
n
Nithin
09/13/2023, 6:28 AM@Matt (pactflow.io / pact-js / pact-go), When we disabled
PACT_BROKER_DISABLE_SSL_VERIFICATION Copy code
/pact_broker/vendor/bundle/ruby/2.7.0/gems/anyway_config-2.3.0/lib/anyway/type_casting.rb:111: warning: Pattern matching is experimental, and the behavior may change in future versions of Ruby!
/pact_broker/vendor/bundle/ruby/2.7.0/gems/anyway_config-2.3.0/lib/anyway/rbs.rb:40: warning: Pattern matching is experimental, and the behavior may change in future versions of Ruby!
bundler: failed to load command: puma (/pact_broker/vendor/bundle/ruby/2.7.0/bin/puma)m
Matt (pactflow.io / pact-js / pact-go)
09/13/2023, 6:49 AM
really? that seems unlikely to do with that change
y
Yousaf Nabi (pactflow.io)
09/13/2023, 10:48 AM
I would recommend using the latest pact broker image, which is using Ruby 3.2.* as released in May
✅ 1