Answer the question
In order to leave comments, you need to log in
How to pass a multiline argument to Dockerfile RUN to one of the commands?
For example, the command to issue a self-signed certificate uses a single-line config separated by a newline:
openssl req -x509 -out localhost.crt -keyout localhost.key \
-newkey rsa:2048 -nodes -sha256 \
-subj '/CN=localhost' -extensions EXT -config <( \
printf "[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth")
see argument -config
/bin/sh: syntax error: unexpected "("
RUN openssl req -x509 \
-newkey rsa:2048 -nodes -sha256 \
-out /etc/cert/localhost.crt \
-keyout /etc/cert/localhost.key \
-subj '/CN=localhost' \
-extensions EXT \
-config < ( \
printf '[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth')
\n
Answer the question
In order to leave comments, you need to log in
You have a space between "<" and "(", but you need "<("
And sh can't "<( some command )"
Dockerfile:
FROM ubuntu:latest
RUN apt update && apt install -y openssl
RUN mkdir -p /etc/cert
RUN /bin/bash -c "openssl req -x509 \
-newkey rsa:2048 -nodes -sha256 \
-out /etc/cert/localhost.crt \
-keyout /etc/cert/localhost.key \
-subj '/CN=localhost' \
-extensions EXT \
-config <( \
printf '[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth')"
docker build .
Sending build context to Docker daemon 2.048kB
Step 1/4 : FROM ubuntu:latest
---> 1318b700e415
Step 2/4 : RUN apt update && apt install -y openssl
---> Using cache
---> e608bba6cb59
Step 3/4 : RUN mkdir -p /etc/cert
---> Using cache
---> b89d4c7495a3
Step 4/4 : RUN /bin/bash -c "openssl req -x509 -newkey rsa:2048 -nodes -sha256 -out /etc/cert/localhost.crt -keyout /etc/cert/localhost.key -subj '/CN=localhost' -extensions EXT -config <( printf '[dn]\nCN=localhost\n[req]\ndistinguished_name = dn\n[EXT]\nsubjectAltName=DNS:localhost\nkeyUsage=digitalSignature\nextendedKeyUsage=serverAuth')"
---> Running in a4012f6c4893
Generating a RSA private key
................................................+++++
..+++++
writing new private key to '/etc/cert/localhost.key'
-----
Removing intermediate container a4012f6c4893
---> 6ea49c8d9ada
Successfully built 6ea49c8d9ada
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question