fix: NODE_EXTRA_CA_CERTS condition

carlosthe19916 · carlosthe19916 · commit a921ff9eb7d3 · 2024-12-04T16:55:31.000+01:00
diff --git a/entrypoint.sh b/entrypoint.sh
@@ -26,22 +26,25 @@ if [[ $ANALYTICS_ENABLED != "false" ]]; then
 fi
 
 if [[ -z "${NODE_EXTRA_CA_CERTS}" ]]; then
-  # Copy the Kube API and service CA bundle to /opt/app-root/src/ca.crt if they exist
-
-  # Add Kube API CA
-  if [ -f "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt" ]; then
-    cp /var/run/secrets/kubernetes.io/serviceaccount/ca.crt ${NODE_EXTRA_CA_CERTS}
-  fi
-
-  # Add service serving CA
-  if [ -f "/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt" ]; then
-    cat /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt >>${NODE_EXTRA_CA_CERTS}
-  fi
-
-  # Add custom ingress CA if it exists
-  if [ -f "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem" ]; then
-    cat /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem >>${NODE_EXTRA_CA_CERTS}
-  fi
+    # Nothing to do
+    echo "No NODE_EXTRA_CA_CERTS found"
+  else
+    # Copy the Kube API and service CA bundle to /opt/app-root/src/ca.crt if they exist
+
+    # Add Kube API CA
+    if [ -f "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt" ]; then
+      cp /var/run/secrets/kubernetes.io/serviceaccount/ca.crt ${NODE_EXTRA_CA_CERTS}
+    fi
+
+    # Add service serving CA
+    if [ -f "/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt" ]; then
+      cat /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt >>${NODE_EXTRA_CA_CERTS}
+    fi
+
+    # Add custom ingress CA if it exists
+    if [ -f "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem" ]; then
+      cat /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem >>${NODE_EXTRA_CA_CERTS}
+    fi
 fi
 
 exec node --enable-source-maps server/dist/index.js
