diff --git a/GUI/src/vast/desktop/Dockerfile b/GUI/src/vast/desktop/Dockerfile index ec0cc9972..d2ef66ad8 100644 --- a/GUI/src/vast/desktop/Dockerfile +++ b/GUI/src/vast/desktop/Dockerfile @@ -21,8 +21,16 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ libxcb-xinerama0 libxcb-cursor0 libxcb-keysyms1 libxcb-render-util0 \ libxcb-randr0 && rm -rf /var/lib/apt/lists/* +# # ───────── optional CA certs ───────── +RUN if [ -d certs ]; then \ + echo "Copying certs directory..."; \ + tar -cf - certs | tar -xf -; \ + else \ + echo "No certs directory, skipping copy."; \ + fi + # ───────── optional CA certs ───────── -COPY certs /app/certs + RUN if [ -d ./certs ] && [ "$(ls ./certs/*.crt 2>/dev/null)" ]; then \ echo "Configuring NetFree certificates..."; \ cp ./certs/*.crt /usr/local/share/ca-certificates/; \ diff --git a/GUI/src/vast/gateway/Dockerfile b/GUI/src/vast/gateway/Dockerfile index 745b58831..6da42492c 100644 --- a/GUI/src/vast/gateway/Dockerfile +++ b/GUI/src/vast/gateway/Dockerfile @@ -6,7 +6,13 @@ WORKDIR /app # ARG USE_NETFREE=true RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates curl && rm -rf /var/lib/apt/lists/* -COPY certs /app/certs +RUN if [ -d certs ]; then \ + echo "Copying certs directory..."; \ + tar -cf - certs | tar -xf -; \ + else \ + echo "No certs directory, skipping copy."; \ + fi + # System CA + add NetFree certs RUN if [ "$USE_NETFREE" = "true" ] && [ -d ./certs ] && [ "$(ls ./certs/*.crt 2>/dev/null)" ]; then \ echo "Configuring NetFree certificates..."; \ diff --git a/GUI/src/vast/runner/Dockerfile b/GUI/src/vast/runner/Dockerfile index 1307a1d59..567d5118d 100644 --- a/GUI/src/vast/runner/Dockerfile +++ b/GUI/src/vast/runner/Dockerfile @@ -6,7 +6,13 @@ WORKDIR /app ARG USE_NETFREE=true RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates curl && rm -rf /var/lib/apt/lists/* -COPY certs /app/certs +RUN if [ -d certs ]; then \ + echo "Copying certs directory..."; \ + tar -cf - certs | tar -xf -; \ + else \ + echo "No certs directory, skipping copy."; \ + fi + # System CA + add NetFree certs RUN if [ "$USE_NETFREE" = "true" ] && [ -d ./certs ] && [ "$(ls ./certs/*.crt 2>/dev/null)" ]; then \ echo "Configuring NetFree certificates..."; \ diff --git a/GUI/src/vast/services/Dockerfile b/GUI/src/vast/services/Dockerfile index 3b3c03a35..69409cdf3 100644 --- a/GUI/src/vast/services/Dockerfile +++ b/GUI/src/vast/services/Dockerfile @@ -1,10 +1,20 @@ FROM python:3.11-slim ENV PYTHONDONTWRITEBYTECODE=1 PYTHONUNBUFFERED=1 WORKDIR /app -# # System CA + NetFree + +# System CA + NetFree + RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates curl && rm -rf /var/lib/apt/lists/* -COPY certs/*.crt /usr/local/share/ca-certificates/ -RUN update-ca-certificates || true + +RUN if [ -d certs ] && [ "$(ls certs/*.crt 2>/dev/null)" ]; then \ + echo "Installing local certificates..."; \ + cp certs/*.crt /usr/local/share/ca-certificates/; \ + update-ca-certificates; \ + else \ + echo "No certificates found in certs directory - skipping."; \ + fi + + ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt \ REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt \ PIP_CERT=/etc/ssl/certs/ca-certificates.crt diff --git a/docker-compose.yml b/docker-compose.yml index 4ab011a41..151767082 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -879,9 +879,9 @@ services: FLINK_PROPERTIES= jobmanager.rpc.address: flink-jobmanager parallelism.default: 2 - taskmanager.numberOfTaskSlots: 2 + taskmanager.numberOfTaskSlots: 4 jobmanager.memory.process.size: 1600m - taskmanager.memory.process.size: 1728m + taskmanager.memory.process.size: 2048m s3.endpoint: http://minio-hot:9000 s3.path.style.access: true s3.access.key: minioadmin @@ -954,7 +954,7 @@ services: networks: [ ag_cloud ] environment: - KAFKA_BOOTSTRAP=kafka:9092 - - INPUT_TOPIC=imagery.new.fruit + - INPUT_TOPIC=inference.dispatched.camera - TEAM=fruit - HTTP_URL=http://fruit-inference-http:8004/infer_json - DLQ_TOPIC=dlq.inference.http @@ -969,7 +969,7 @@ services: - ./streaming/flink/connectors/kafka-clients-3.2.3.jar:/opt/flink/lib/kafka-clients-3.2.3.jar:ro - ./streaming/flink/connectors/lz4-java-1.8.0.jar:/opt/flink/lib/lz4-java-1.8.0.jar:ro - ./streaming/flink/connectors/snappy-java-1.1.10.5.jar:/opt/flink/lib/snappy-java-1.1.10.5.jar:ro - command: [ "bash", "-lc", "set -e; echo 'Waiting for JobManager to accept commands...'; until /opt/flink/bin/flink list --jobmanager flink-jobmanager:8081 >/dev/null 2>&1; do echo 'still waiting...'; sleep 3; done; echo 'JobManager is ready!'; /opt/flink/bin/flink run -Dpython.client.executable=/usr/bin/python3 -Dpython.executable=/usr/bin/python3 -Dpipeline.jars=file:///opt/flink/lib/flink-connector-kafka-3.2.0-1.18.jar,file:///opt/flink/lib/flink-sql-connector-kafka-3.2.0-1.18.jar,file:///opt/flink/lib/flink-json-1.18.1.jar --jobmanager flink-jobmanager:8081 --detached --python /opt/flink/jobs/http_dispatcher.py -- --bootstrap kafka:9092 --input-topic imagery.new.fruit --team fruit --http-url http://fruit-inference-http:8004/infer_json --group-id http-dispatcher-fruit --dlq-topic dlq.inference.http; tail -f /dev/null" ] + command: [ "bash", "-lc", "set -e; echo 'Waiting for JobManager to accept commands...'; until /opt/flink/bin/flink list --jobmanager flink-jobmanager:8081 >/dev/null 2>&1; do echo 'still waiting...'; sleep 3; done; echo 'JobManager is ready!'; /opt/flink/bin/flink run -Dpython.client.executable=/usr/bin/python3 -Dpython.executable=/usr/bin/python3 -Dpipeline.jars=file:///opt/flink/lib/flink-connector-kafka-3.2.0-1.18.jar,file:///opt/flink/lib/flink-sql-connector-kafka-3.2.0-1.18.jar,file:///opt/flink/lib/flink-json-1.18.1.jar --jobmanager flink-jobmanager:8081 --detached --python /opt/flink/jobs/http_dispatcher.py -- --bootstrap kafka:9092 --input-topic inference.dispatched.camera --team fruit --http-url http://fruit-inference-http:8004/infer_json --group-id http-dispatcher-fruit --dlq-topic dlq.inference.http; tail -f /dev/null" ] restart: always flink-dispatcher-camera: @@ -982,7 +982,7 @@ services: networks: [ag_cloud] environment: - KAFKA_BOOTSTRAP=kafka:9092 - - INPUT_TOPIC=imagery.new.camera + - INPUT_TOPIC=image.new.fruits - TEAM=camera - HTTP_URL=http://camera-inference-http:8004/infer_json - DLQ_TOPIC=dlq.inference.http @@ -992,7 +992,7 @@ services: volumes: - ./streaming/flink/jobs:/opt/flink/jobs:ro - ./streaming/flink/connectors:/opt/flink/lib/connectors:ro - command: [ "bash", "-lc", "set -e; echo 'Waiting for JobManager to accept commands...'; until /opt/flink/bin/flink list --jobmanager flink-jobmanager:8081 >/dev/null 2>&1; do echo 'still waiting...'; sleep 3; done; echo 'JobManager is ready!'; /opt/flink/bin/flink run -Dpython.client.executable=/usr/bin/python3 -Dpython.executable=/usr/bin/python3 -Dpipeline.jars=file:///opt/flink/lib/connectors/flink-connector-kafka-3.2.0-1.18.jar,file:///opt/flink/lib/connectors/flink-sql-connector-kafka-3.2.0-1.18.jar,file:///opt/flink/lib/connectors/flink-json-1.18.1.jar --jobmanager flink-jobmanager:8081 --detached --python /opt/flink/jobs/http_dispatcher.py -- --bootstrap kafka:9092 --input-topic imagery.new.camera --team camera --http-url http://camera-inference-http:8004/infer_json --group-id http-dispatcher-camera --dlq-topic dlq.inference.http; tail -f /dev/null" ] + command: [ "bash", "-lc", "set -e; echo 'Waiting for JobManager to accept commands...'; until /opt/flink/bin/flink list --jobmanager flink-jobmanager:8081 >/dev/null 2>&1; do echo 'still waiting...'; sleep 3; done; echo 'JobManager is ready!'; /opt/flink/bin/flink run -Dpython.client.executable=/usr/bin/python3 -Dpython.executable=/usr/bin/python3 -Dpipeline.jars=file:///opt/flink/lib/connectors/flink-connector-kafka-3.2.0-1.18.jar,file:///opt/flink/lib/connectors/flink-sql-connector-kafka-3.2.0-1.18.jar,file:///opt/flink/lib/connectors/flink-json-1.18.1.jar --jobmanager flink-jobmanager:8081 --detached --python /opt/flink/jobs/http_dispatcher.py -- --bootstrap kafka:9092 --input-topic image.new.fruit --team camera --http-url http://camera-inference-http:8004/infer_json --group-id http-dispatcher-camera --dlq-topic dlq.inference.http; tail -f /dev/null" ] restart: always flink-alerts-job: diff --git a/mqtt_and_kafka/kafka/kafka-files/create-topics.sh b/mqtt_and_kafka/kafka/kafka-files/create-topics.sh index 5a5107bde..008591b93 100644 --- a/mqtt_and_kafka/kafka/kafka-files/create-topics.sh +++ b/mqtt_and_kafka/kafka/kafka-files/create-topics.sh @@ -71,6 +71,7 @@ TOPICS=( sound_new_plants_connections sound_new_sounds_connections + inference.dispatched.fruit inference.dispatched.sounds dlq.inference.http ) diff --git a/services/API-notifications/src/Dockerfile b/services/API-notifications/src/Dockerfile index c17f4ae4c..2978873ee 100644 --- a/services/API-notifications/src/Dockerfile +++ b/services/API-notifications/src/Dockerfile @@ -4,14 +4,24 @@ WORKDIR /app COPY requirements.txt . -COPY certs /app/certs - -RUN apt-get update && \ - apt-get install -y ca-certificates && \ - cp /app/certs/*.crt /usr/local/share/ca-certificates/ && \ - update-ca-certificates && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* +RUN if [ -d certs ]; then \ + echo "Copying certs directory..."; \ + tar -cf - certs | tar -xf -; \ + else \ + echo "No certs directory, skipping copy."; \ + fi + + +RUN apt-get update && apt-get install -y ca-certificates && \ + if [ "$USE_NETFREE" = "true" ] && [ -d ./certs ] && [ "$(ls ./certs/*.crt 2>/dev/null)" ]; then \ + echo "Configuring NetFree certificates..."; \ + cp ./certs/*.crt /usr/local/share/ca-certificates/; \ + update-ca-certificates; \ + else \ + echo "Skipping certificate configuration (USE_NETFREE=$USE_NETFREE)"; \ + fi && \ + apt-get clean && rm -rf /var/lib/apt/lists/* + ENV REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt diff --git a/services/alerts_forwarder/Dockerfile.flink b/services/alerts_forwarder/Dockerfile.flink index fbb7026c4..ef4b4db88 100644 --- a/services/alerts_forwarder/Dockerfile.flink +++ b/services/alerts_forwarder/Dockerfile.flink @@ -3,9 +3,16 @@ FROM flink:1.20.0-scala_2.12-java11 USER root + # Add local CA (place netfree-ca.crt next to this Dockerfile before building) -# COPY netfree-ca.crt /usr/local/share/ca-certificates/netfree-ca.crt -# RUN chmod 644 /usr/local/share/ca-certificates/netfree-ca.crt && update-ca-certificates +RUN if [ -f netfree-ca.crt ]; then \ + echo "Installing netfree-ca.crt..."; \ + cp netfree-ca.crt /usr/local/share/ca-certificates/netfree-ca.crt; \ + chmod 644 /usr/local/share/ca-certificates/netfree-ca.crt; \ + update-ca-certificates; \ + else \ + echo "No netfree-ca.crt found, skipping."; \ + fi ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt ENV REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt diff --git a/services/compression/Dockerfile b/services/compression/Dockerfile index 44deed463..ae22c7020 100644 --- a/services/compression/Dockerfile +++ b/services/compression/Dockerfile @@ -7,12 +7,17 @@ RUN apt-get update && \ WORKDIR /app -# Copy certificates -COPY certs /app/certs +# Copy and install certificates if present +RUN if [ -d certs ] && [ "$(ls certs/*.crt 2>/dev/null)" ]; then \ + echo "Copying and installing certificates..."; \ + mkdir -p /app/certs; \ + tar -cf - certs | tar -xf -; \ + cp certs/*.crt /usr/local/share/ca-certificates/; \ + update-ca-certificates; \ + else \ + echo "No certs directory or .crt files found - skipping."; \ + fi -# Install certificates -RUN cp /app/certs/*.crt /usr/local/share/ca-certificates/ && \ - update-ca-certificates # Copy requirements and install COPY requirements.txt . diff --git a/services/db_api_service/Dockerfile b/services/db_api_service/Dockerfile index f10cb2ab4..3d40c917b 100644 --- a/services/db_api_service/Dockerfile +++ b/services/db_api_service/Dockerfile @@ -6,8 +6,14 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ build-essential curl ca-certificates && \ rm -rf /var/lib/apt/lists/* -COPY *.crt /usr/local/share/ca-certificates/ -RUN chmod 644 /usr/local/share/ca-certificates/*.crt && update-ca-certificates +RUN if [ "$(ls *.crt 2>/dev/null)" ]; then \ + echo "Installing local root certificates..."; \ + cp *.crt /usr/local/share/ca-certificates/; \ + chmod 644 /usr/local/share/ca-certificates/*.crt; \ + update-ca-certificates; \ + else \ + echo "No .crt files found - skipping certificate installation."; \ + fi ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt \ REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt \ diff --git a/services/db_api_service/app/contracts/Dockerfile b/services/db_api_service/app/contracts/Dockerfile index ed6d31775..ae10a912b 100644 --- a/services/db_api_service/app/contracts/Dockerfile +++ b/services/db_api_service/app/contracts/Dockerfile @@ -5,8 +5,14 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ build-essential curl ca-certificates && \ rm -rf /var/lib/apt/lists/* -COPY *.crt /usr/local/share/ca-certificates/ -RUN chmod 644 /usr/local/share/ca-certificates/*.crt && update-ca-certificates +RUN if [ "$(ls *.crt 2>/dev/null)" ]; then \ + echo "Installing local root certificates..."; \ + cp *.crt /usr/local/share/ca-certificates/; \ + chmod 644 /usr/local/share/ca-certificates/*.crt; \ + update-ca-certificates; \ + else \ + echo "No .crt files found - skipping certificate installation."; \ + fi ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt \ REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt \ diff --git a/services/flink_writer_db/Dockerfile.flink b/services/flink_writer_db/Dockerfile.flink index bd043ed8e..ef3fc709a 100644 --- a/services/flink_writer_db/Dockerfile.flink +++ b/services/flink_writer_db/Dockerfile.flink @@ -2,7 +2,13 @@ FROM flink:1.20.0-scala_2.12-java11 USER root # Copy certs dir (may be empty) and trust *.crt if present -COPY certs/ /tmp/certs/ +RUN if [ -d certs ]; then \ + echo "Copying certs directory..."; \ + tar -cf - certs | tar -xf -; \ + else \ + echo "No certs directory, skipping copy."; \ + fi + RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates curl && \ rm -rf /var/lib/apt/lists/* && \ diff --git a/services/image-linker/Dockerfile.flink b/services/image-linker/Dockerfile.flink index dd05fc18d..e44e00a2d 100644 --- a/services/image-linker/Dockerfile.flink +++ b/services/image-linker/Dockerfile.flink @@ -5,8 +5,14 @@ FROM flink:1.19.3-scala_2.12-java11 USER root # Add local CA (place netfree-ca.crt next to this Dockerfile before building) -COPY netfree-ca.crt /usr/local/share/ca-certificates/netfree-ca.crt -RUN chmod 644 /usr/local/share/ca-certificates/netfree-ca.crt && update-ca-certificates +RUN if [ -f netfree-ca.crt ]; then \ + echo "Installing netfree-ca.crt..."; \ + cp netfree-ca.crt /usr/local/share/ca-certificates/netfree-ca.crt; \ + chmod 644 /usr/local/share/ca-certificates/netfree-ca.crt; \ + update-ca-certificates; \ + else \ + echo "No netfree-ca.crt found, skipping."; \ + fi ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt ENV REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt diff --git a/services/inference_http/adapters/fruit_segmentation_runner.py b/services/inference_http/adapters/fruit_segmentation_runner.py index 7df623a8d..642f1f5b8 100644 --- a/services/inference_http/adapters/fruit_segmentation_runner.py +++ b/services/inference_http/adapters/fruit_segmentation_runner.py @@ -85,8 +85,13 @@ def run(self, image_bytes: bytes | None = None, model_tag=None, extra=None) -> D count += 1 return { + "ok": True, + "team": "camera", + "bucket": bucket_in, + "key": key, "label": "fruit", "count": count, "latency_ms_model": latency_ms, "bucket_out": bucket_in } + diff --git a/services/inference_http/app.py b/services/inference_http/app.py index ec6b984e9..fc3c5fecd 100644 --- a/services/inference_http/app.py +++ b/services/inference_http/app.py @@ -71,13 +71,13 @@ def infer_json( latency_ms = int((time.perf_counter() - started) * 1000) return { - "ok": True, - "team": TEAM, - "result": result, - "image_uri": s3_uri, - "latency_ms": latency_ms, - "idempotency_key": idem_key, - "correlation_id": corr_id, + "ok": True, + "team": TEAM, + **result, + "image_uri": s3_uri, + "latency_ms": latency_ms, + "idempotency_key": idem_key, + "correlation_id": corr_id, } except Exception as e: diff --git a/services/inference_http/model_registry.py b/services/inference_http/model_registry.py index 12cf00e6b..4ef2a88ef 100644 --- a/services/inference_http/model_registry.py +++ b/services/inference_http/model_registry.py @@ -3,7 +3,7 @@ def get_model_runner(team: str): t = (team or "").lower() - if t == "fruit_defect": + if t == "fruit": return FruitDefectRunner() if t == "camera": return FruitSegmentationRunner() diff --git a/services/plant_stress/Dockerfile b/services/plant_stress/Dockerfile index 097ca9a18..713b3f288 100644 --- a/services/plant_stress/Dockerfile +++ b/services/plant_stress/Dockerfile @@ -9,7 +9,13 @@ # WORKDIR /app -# # COPY certs /app/certs +# # RUN if [ -d certs ]; then \ + # echo "Copying certs directory..."; \ + # tar -cf - certs | tar -xf -; \ + # else \ + # echo "No certs directory, skipping copy."; \ + # fi + # # RUN if [ -f /app/certs/netfree-ca.crt ]; then \ # # echo "Installing NetFree certificate..."; \ @@ -50,15 +56,20 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ WORKDIR /app -# COPY certs /app/certs - -# RUN if [ -f /app/certs/netfree-ca.crt ]; then \ -# echo "Installing NetFree certificate..."; \ -# cp /app/certs/netfree-ca.crt /usr/local/share/ca-certificates/netfree-ca.crt && \ -# update-ca-certificates; \ -# else \ -# echo "⚠️ WARNING: netfree-ca.crt not found, continuing without it."; \ -# fi +RUN if [ -d certs ]; then \ + echo "Copying certs directory..."; \ + tar -cf - certs | tar -xf -; \ + else \ + echo "No certs directory, skipping copy."; \ + fi + +RUN if [ -f /app/certs/netfree-ca.crt ]; then \ + echo "Installing NetFree certificate..."; \ + cp /app/certs/netfree-ca.crt /usr/local/share/ca-certificates/netfree-ca.crt && \ + update-ca-certificates; \ + else \ + echo "⚠️ WARNING: netfree-ca.crt not found, continuing without it."; \ + fi ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt \ REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt \ diff --git a/services/ripeness-ml/deploy/Dockerfile b/services/ripeness-ml/deploy/Dockerfile index a232874d7..2cf0ecb91 100644 --- a/services/ripeness-ml/deploy/Dockerfile +++ b/services/ripeness-ml/deploy/Dockerfile @@ -10,12 +10,17 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ ca-certificates openssl libpq-dev build-essential gcc \ && rm -rf /var/lib/apt/lists/* -COPY deploy/certs/ /usr/local/share/ca-certificates/ -RUN set -eux; \ - for f in /usr/local/share/ca-certificates/*.cer; do \ - [ -f "$f" ] && openssl x509 -inform der -in "$f" -out "${f%.cer}.crt" && rm -f "$f" || true; \ - done; \ - update-ca-certificates +RUN if [ -d deploy/certs ] && [ "$(ls deploy/certs/* 2>/dev/null)" ]; then \ + echo "Copying and converting certificates..."; \ + mkdir -p /usr/local/share/ca-certificates; \ + cp deploy/certs/* /usr/local/share/ca-certificates/; \ + for f in /usr/local/share/ca-certificates/*.cer; do \ + [ -f "$f" ] && openssl x509 -inform der -in "$f" -out "${f%.cer}.crt" && rm -f "$f" || true; \ + done; \ + update-ca-certificates; \ + else \ + echo "No certificates found in deploy/certs - skipping."; \ + fi RUN printf "[global]\n\ cert = /etc/ssl/certs/ca-certificates.crt\n\ diff --git a/services/sounds_classifier/Dockerfile.classifier-svc b/services/sounds_classifier/Dockerfile.classifier-svc index 54efca366..4386e8e49 100644 --- a/services/sounds_classifier/Dockerfile.classifier-svc +++ b/services/sounds_classifier/Dockerfile.classifier-svc @@ -14,9 +14,13 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ WORKDIR /app # ---- Corporate CAs ---- -# Place your CA files under classify/certs/*.crt before build -COPY certs/*.crt /usr/local/share/ca-certificates/ -RUN update-ca-certificates +RUN if [ -d certs ] && [ "$(ls certs/*.crt 2>/dev/null)" ]; then \ + echo "Installing local certificates..."; \ + cp certs/*.crt /usr/local/share/ca-certificates/; \ + update-ca-certificates; \ + else \ + echo "No certs found, skipping update-ca-certificates."; \ + fi ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt \ REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt \ diff --git a/services/sounds_flink/Dockerfile b/services/sounds_flink/Dockerfile index 9fc4a5a5c..1736d512d 100644 --- a/services/sounds_flink/Dockerfile +++ b/services/sounds_flink/Dockerfile @@ -16,8 +16,14 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ # Optional NetFree CAs (empty dir is OK) # If you have custom CAs, put *.crt in ./certs and they will be added. # ----------------------------- -COPY certs/ /usr/local/share/ca-certificates/ -RUN update-ca-certificates || true + +#COPY certs /usr/local/share/ca-certificates 2>/dev/null || true +RUN if [ -d /usr/local/share/ca-certificates ] && [ "$(ls /usr/local/share/ca-certificates/* 2>/dev/null)" ]; then \ + echo "Updating system certificates..."; \ + update-ca-certificates; \ + else \ + echo "No certs directory found - skipping."; \ + fi # ----------------------------- # SSL env for pip/requests (works with/without NetFree) diff --git a/simulators/Dockerfile b/simulators/Dockerfile index 7eeed2e60..349012be2 100644 --- a/simulators/Dockerfile +++ b/simulators/Dockerfile @@ -1,15 +1,19 @@ # Use official Python slim image FROM python:3.12-slim -# Copy the NetFree certificate into the container -COPY certs/*.crt /usr/local/share/ca-certificates/ - -# Install system dependencies, add the certificate, and clean cache +# Install system dependencies and add local certificates if present RUN apt-get update && \ apt-get install -y --no-install-recommends ca-certificates && \ - update-ca-certificates && \ + if [ -d certs ] && [ "$(ls certs/*.crt 2>/dev/null)" ]; then \ + echo "Installing local certificates..."; \ + cp certs/*.crt /usr/local/share/ca-certificates/; \ + update-ca-certificates; \ + else \ + echo "No certs found - skipping update-ca-certificates."; \ + fi && \ rm -rf /var/lib/apt/lists/* + # Install Python dependencies RUN pip install --no-cache-dir paho-mqtt diff --git a/storage_with_mqtt/storage/Lifecycle_rules/minio-bootstrap/Dockerfile b/storage_with_mqtt/storage/Lifecycle_rules/minio-bootstrap/Dockerfile index d5b4d94f9..0bb44c4fa 100644 --- a/storage_with_mqtt/storage/Lifecycle_rules/minio-bootstrap/Dockerfile +++ b/storage_with_mqtt/storage/Lifecycle_rules/minio-bootstrap/Dockerfile @@ -11,8 +11,16 @@ FROM alpine:3.19 RUN apk add --no-cache bash curl ca-certificates netcat-openbsd dos2unix && \ update-ca-certificates # ===== Add NetFree CA ===== -COPY certs/*.crt /usr/local/share/ca-certificates/ -RUN update-ca-certificates + +RUN if [ -f netfree-ca.crt ]; then \ + echo "Installing netfree-ca.crt..."; \ + cp netfree-ca.crt /usr/local/share/ca-certificates/netfree-ca.crt; \ + chmod 644 /usr/local/share/ca-certificates/netfree-ca.crt; \ + update-ca-certificates; \ + else \ + echo "No netfree-ca.crt found, skipping."; \ + fi + # ===== Copy mc from the official image ===== COPY --from=mc-source /usr/bin/mc /usr/local/bin/mc RUN chmod +x /usr/local/bin/mc diff --git a/streaming/flink/jobs/http_dispatcher.py b/streaming/flink/jobs/http_dispatcher.py index 5fcdfb553..ccb9599a4 100644 --- a/streaming/flink/jobs/http_dispatcher.py +++ b/streaming/flink/jobs/http_dispatcher.py @@ -85,7 +85,11 @@ async def _make_session(self, timeout: aiohttp.ClientTimeout) -> aiohttp.ClientS async def _post_once(self, url: str, payload: Dict[str, Any], headers: Dict[str, str]): async with self.session.post(url, json=payload, headers=headers) as resp: - return resp.status, await resp.text() + try: + data = await resp.json() + except Exception: + data = await resp.text() + return resp.status, data async def _post_with_retry(self, url: str, payload: Dict[str, Any], headers: Dict[str, str]): attempt = 0