NoSuchFileException while running docker image,

Question

I'm new to docker and AWS. I am trying to connect with AWS keyspaces using truststore certificate(cassandra_truststore.jks), I kept the certificate in project root level. I am able to connect with aws keyspace by executing application locally(using gradlew bootRun). But when I build docker image (using gradlew docker) and run the image (using winpty docker run -it product-service-app) it is throwing exception "java.nio.file.NoSuchFileException" ./cassandra_truststore.jks. Here is my stack trace..

Caused by: java.lang.IllegalStateException: Cannot initialize SSL Context
        at com.datastax.oss.driver.internal.core.ssl.DefaultSslEngineFactory.<init>(DefaultSslEngineFactory.java:74) ~[java-driver-core-4.13.0.jar!/:na]
        at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) ~[na:na]
        at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62) ~[na:na]
        at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) ~[na:na]
        at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490) ~[na:na]
        at com.datastax.oss.driver.internal.core.util.Reflection.resolveClass(Reflection.java:329) ~[java-driver-core-4.13.0.jar!/:na]
        ... 19 common frames omitted
Caused by: java.nio.file.NoSuchFileException: ./cassandra_truststore.jks
        at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:92) ~[na:na]
        at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111) ~[na:na]
        at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:116) ~[na:na]
        at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:219) ~[na:na]
        at java.base/java.nio.file.Files.newByteChannel(Files.java:371) ~[na:na]
        at java.base/java.nio.file.Files.newByteChannel(Files.java:422) ~[na:na]
        at java.base/java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:420) ~[na:na]
        at java.base/java.nio.file.Files.newInputStream(Files.java:156) ~[na:na]
        at com.datastax.oss.driver.internal.core.ssl.DefaultSslEngineFactory.buildContext(DefaultSslEngineFactory.java:119) ~[java-driver-core-4.13.0.jar!/:n
a]
        at com.datastax.oss.driver.internal.core.ssl.DefaultSslEngineFactory.<init>(DefaultSslEngineFactory.java:72) ~[java-driver-core-4.13.0.jar!/:na]
        ... 24 common frames omitted

Below is my docker file

FROM openjdk:11
VOLUME /tmp
ARG JAR_FILE
COPY ${JAR_FILE} app.jar
ENTRYPOINT ["java", "-jar", "/app.jar"]

Below is my gradle.build file docker task

buildscript {
    repositories {
        mavenCentral()
    }
}

plugins {
    id 'org.springframework.boot' version '2.4.4'
    id 'com.palantir.docker' version '0.30.0'
}

apply plugin: 'java'
apply plugin: 'org.springframework.boot'
apply plugin: 'jacoco'
apply plugin: 'application'
apply plugin: 'io.spring.dependency-management'

group = 'com.capone.lab.product'
version = '1.0'

repositories {
    mavenCentral()
}

bootJar {
    enabled = true
    mainClassName = 'com.capone.lab.product.ProductApplication'
}

sourceCompatibility = 11
targetCompatibility = 11

docker {
    name "product-service-app"
    dockerfile file('Dockerfile')
    copySpec.from(jar).rename(".*","app.jar")
    buildArgs(['JAR_FILE': "app.jar"])
}

dependencies {
    implementation 'org.springframework.boot:spring-boot-starter-web'
    implementation 'org.springframework.boot:spring-boot-starter-data-cassandra'
    annotationProcessor 'org.springframework.boot:spring-boot-configuration-processor'
    implementation 'software.aws.mcs:aws-sigv4-auth-cassandra-java-driver-plugin:4.0.4'
    implementation 'com.datastax.oss:java-driver-core:4.13.0'
    implementation 'com.datastax.oss:java-driver-query-builder:4.13.0'
    implementation 'com.datastax.oss:java-driver-mapper-runtime:4.13.0'
    implementation 'com.datastax.oss:native-protocol:1.5.0'
    
    compileOnly 'org.projectlombok:lombok:1.18.22'
    annotationProcessor 'org.projectlombok:lombok:1.18.22'
    
    testImplementation 'org.junit.jupiter:junit-jupiter-api:5.8.1'
    testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine:5.8.1'
    testImplementation 'org.mockito:mockito-core:2.1.0'
    testImplementation 'org.mockito:mockito-junit-jupiter:4.1.0'
    testImplementation 'org.mockito:mockito-core:4.1.0'
    implementation 'org.junit.platform:junit-platform-commons:1.8.1'

    compile 'org.springframework:spring-context'//:5.0.1.RELEASE'
    implementation 'org.springframework.boot:spring-boot-test-autoconfigure:1.4.0.RELEASE'
    testImplementation 'org.springframework.boot:spring-boot-starter-test'
    
}

test {
    useJUnitPlatform()
}

I've checked that I don't have .dockerignore file.

I tried many ways but couldn't solve this problem.. any lead here would be great help for me. Thanks in advance.

Answer 1

I believe you need to add the truststore to your container. It cant simply be copied. Try running the following command from the docker file.

curl https://www.amazontrust.com/repository/AmazonRootCA1.pem -O && \
openssl x509 -outform der -in AmazonRootCA1.pem -out temp_file.der && \
keytool -import -alias new-cassandra -keystore cassandra_truststore.jks -file temp_file.der -storepass amazon -noprompt

For reference see. https://docs.aws.amazon.com/keyspaces/latest/devguide/using_java_driver.html