From 92cf7283712ca7363bcf869846463ec66532cfdb Mon Sep 17 00:00:00 2001
From: DQ <dengq@vmware.com>
Date: Wed, 20 Jan 2021 10:52:34 +0800
Subject: [PATCH] Add custom cert for exporter

* injecting custom certs related config to exporter

Signed-off-by: DQ <dengq@vmware.com>
---
 make/photon/exporter/Dockerfile                        | 10 ++++++++--
 make/photon/exporter/entrypoint.sh                     |  7 +++++++
 .../templates/docker_compose/docker-compose.yml.jinja  |  4 ++++
 3 files changed, 19 insertions(+), 2 deletions(-)
 create mode 100644 make/photon/exporter/entrypoint.sh

diff --git a/make/photon/exporter/Dockerfile b/make/photon/exporter/Dockerfile
index 59cc619f5..d35263814 100644
--- a/make/photon/exporter/Dockerfile
+++ b/make/photon/exporter/Dockerfile
@@ -17,9 +17,15 @@ RUN tdnf install -y tzdata shadow >> /dev/null \
     && mkdir /harbor/
 
 COPY --from=build /out/harbor_exporter /harbor/harbor_exporter
-RUN chown harbor:harbor /harbor/harbor_exporter && chmod u+x /harbor/harbor_exporter
+COPY ./make/photon/exporter/entrypoint.sh ./make/photon/common/install_cert.sh /harbor/
+
+RUN chown -R harbor:harbor /etc/pki/tls/certs \
+    && chown -R harbor:harbor /harbor/ \
+    && chmod u+x /harbor/entrypoint.sh \
+    && chmod u+x /harbor/install_cert.sh \
+    && chmod u+x /harbor/harbor_exporter
 
 WORKDIR /harbor
 USER harbor
 
-ENTRYPOINT ["/harbor/harbor_exporter"]
+ENTRYPOINT ["/harbor/entrypoint.sh"]
diff --git a/make/photon/exporter/entrypoint.sh b/make/photon/exporter/entrypoint.sh
new file mode 100644
index 000000000..d5bd5c9ed
--- /dev/null
+++ b/make/photon/exporter/entrypoint.sh
@@ -0,0 +1,7 @@
+#!/bin/sh
+
+set -e
+
+/harbor/install_cert.sh
+
+/harbor/harbor_exporter
diff --git a/make/photon/prepare/templates/docker_compose/docker-compose.yml.jinja b/make/photon/prepare/templates/docker_compose/docker-compose.yml.jinja
index d0db51ddf..329ae71a3 100644
--- a/make/photon/prepare/templates/docker_compose/docker-compose.yml.jinja
+++ b/make/photon/prepare/templates/docker_compose/docker-compose.yml.jinja
@@ -547,6 +547,10 @@ services:
   {% if external_database == False %}
       - postgresql
   {% endif %}
+    volumes:
+      - type: bind
+        source: ./common/config/shared/trust-certificates
+        target: /harbor_cust_cert
     logging:
       driver: "syslog"
       options: