Revert to form of original command, skip errors

[hamc17]

Overview

The command find is not available in the base image.
Using find would be preferable to ls, but this is the best option in this case.
The PR reverts the cert enumeration command to the original and suppresses errors in the case that either .pem or .crt files are not found.

Release Notes

• Revert to original cert enumeration command, suppress errors

Related

Closes #181

Summary by CodeRabbit

• Chores
  • Improved the container image build to more reliably import trusted TLS certificate files.
  • Updated how certificates are appended to the system CA bundle, ensuring only valid certificate matches are included during image creation.

[coderabbitai]

Walkthrough

The Docker build step that imports trusted certificates now uses a shell loop over /opt/certs/*.pem and /opt/certs/*.crt instead of find ... -exec cat, while still appending into the same CA bundle file.

Changes

Certificate bundle import

Layer / File(s)	Summary
Shell loop certificate append Dockerfile	The CA bundle import logic now iterates over matching PEM and CRT files with a shell loop, skips missing glob matches, and appends each file to /etc/pki/tls/certs/ca-bundle.crt.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• AbsaOSS/EventGate#180: Changes the same Dockerfile certificate import path and the /opt/certs enumeration logic that this PR adjusts.

Suggested reviewers

• petr-pokorny-absa
• oto-macenauer-absa
• lsulak
• tmikula-dev

Poem

A rabbit hopped by with a grin,
and looped the certificates in.
No find in sight,
just bundle it right,
and the CA jarred joy sprang within. 🐇

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description check	✅ Passed	The description follows the template with Overview, Release Notes, and Related sections filled in.
Linked Issues check	✅ Passed	The change addresses #181 by avoiding find and handling missing .pem/.crt matches without failing the build.
Out of Scope Changes check	✅ Passed	The PR stays focused on cert enumeration in the Dockerfile and does not introduce unrelated changes.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Title check	✅ Passed	The title matches the main change: reverting to the original cert enumeration command while skipping errors for unmatched files.

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch bugfix/181-find-command-missing-base-image

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[coderabbitai]

🧹 Nitpick comments (1)

Dockerfile (1)

35-36: 🩺 Stability & Availability | 🔵 Trivial

Avoid masking real CA import failures in the shell loop.

Suppressing ls errors with 2>/dev/null hides listing failures beyond "no match", and the for loop discards the ls exit code. Additionally, cat $FILE without quotes breaks on filenames containing whitespace. These issues can leave /etc/PKI/tls/certs/ca-bundle.crt incomplete while downstream steps like wget rely on it.

Suggested change

-  for FILE in `ls /opt/certs/*.pem /opt/certs/*.crt 2>/dev/null`; \
-    do cat $FILE >> /etc/pki/tls/certs/ca-bundle.crt ; done && \
+  for FILE in /opt/certs/*.pem /opt/certs/*.crt; do \
+    [ -e "$FILE" ] || continue; \
+    cat "$FILE" >> /etc/pki/tls/certs/ca-bundle.crt; \
+  done && \

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@Dockerfile` around lines 35 - 36, The CA import loop in the Dockerfile is
masking real failures because it relies on `ls ... 2>/dev/null` inside a `for`
loop and then concatenates files with an unquoted `cat $FILE`. Update this
section to iterate over matching cert files directly without suppressing listing
errors, preserve failure behavior when no files are present or a read fails, and
quote the file variable in the `cat` call so filenames with whitespace are
handled safely.

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Nitpick comments:
In `@Dockerfile`:
- Around line 35-36: The CA import loop in the Dockerfile is masking real
failures because it relies on `ls ... 2>/dev/null` inside a `for` loop and then
concatenates files with an unquoted `cat $FILE`. Update this section to iterate
over matching cert files directly without suppressing listing errors, preserve
failure behavior when no files are present or a read fails, and quote the file
variable in the `cat` call so filenames with whitespace are handled safely.

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 858e59cb-5fdd-4b09-99dc-a702999e48e9

📥 Commits

Reviewing files that changed from the base of the PR and between 4f5eaa7 and 170529c.

📒 Files selected for processing (1)

• Dockerfile