azure: docker: use insecure flag to fix curl downloads

We currently hve some problems with our curl downloads when building Docker images. It's not quite obvious what the problem is and they seem to occur semi-randomly. To unblock our CI, let's add the "--insecure" flag to curl to ignore any certificate errors. This is intended as a temporary solution only.

azure: docker: use insecure flag to fix curl downloads
We currently hve some problems with our curl downloads when building Docker images. It's not quite obvious what the problem is and they seem to occur semi-randomly. To unblock our CI, let's add the "--insecure" flag to curl to ignore any certificate errors. This is intended as a temporary solution only.
8621bdda · Patrick Steinhardt · 95f329b4 · 8621bdda · 8621bdda
Commit 8621bdda authored Mar 13, 2020 by Patrick Steinhardt
Show whitespace changes
Inline Side-by-side

Showing with 4 additions and 8 deletions

azure-pipelines/docker/bionic
+1 -3

azure-pipelines/docker/xenial
+3 -5

No files found.
--- a/azure-pipelines/docker/bionic
+++ b/azure-pipelines/docker/bionic
@@ -25,9 +25,7 @@ RUN apt-get update && \

 FROM apt AS mbedtls
 RUN cd /tmp && \
-    curl --location --silent --show-error http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt | openssl x509 -inform der -out /tmp/cacert.pem && \
-    curl --location --silent --show-error https://curl.haxx.se/ca/cacert.pem >> /tmp/cacert.pem && \
-    curl --location --silent --show-error https://tls.mbed.org/download/mbedtls-2.16.2-apache.tgz --cacert /tmp/cacert.pem | \
+    curl --insecure --location --silent --show-error https://tls.mbed.org/download/mbedtls-2.16.2-apache.tgz | \
    tar -xz && \
    cd mbedtls-2.16.2 && \
    scripts/config.pl set MBEDTLS_MD4_C 1 && \

--- a/azure-pipelines/docker/xenial
+++ b/azure-pipelines/docker/xenial
@@ -29,9 +29,7 @@ RUN apt-get update && \

 FROM apt AS mbedtls
 RUN cd /tmp && \
-    curl --location --silent --show-error http://secure.globalsign.com/cacert/gsrsaovsslca2018.crt | openssl x509 -inform der -out /tmp/cacert.pem && \
-    curl --location --silent --show-error https://curl.haxx.se/ca/cacert.pem >> /tmp/cacert.pem && \
-    curl --location --silent --show-error https://tls.mbed.org/download/mbedtls-2.16.2-apache.tgz --cacert /tmp/cacert.pem | \
+    curl --insecure --location --silent --show-error https://tls.mbed.org/download/mbedtls-2.16.2-apache.tgz | \
    tar -xz && \
    cd mbedtls-2.16.2 && \
    scripts/config.pl set MBEDTLS_MD4_C 1 && \
@@ -42,7 +40,7 @@ RUN cd /tmp && \

 FROM mbedtls AS libssh2
 RUN cd /tmp && \
-    curl --location --silent --show-error https://www.libssh2.org/download/libssh2-1.8.2.tar.gz | \
+    curl --insecure --location --silent --show-error https://www.libssh2.org/download/libssh2-1.8.2.tar.gz | \
    tar -xz && \
    cd libssh2-1.8.2 && \
    CFLAGS=-fPIC cmake -G Ninja -DBUILD_SHARED_LIBS=ON -DCRYPTO_BACKEND=Libgcrypt . && \
@@ -52,7 +50,7 @@ RUN cd /tmp && \

 FROM libssh2 AS valgrind
 RUN cd /tmp && \
-    curl --location --silent --show-error https://sourceware.org/pub/valgrind/valgrind-3.15.0.tar.bz2 | \
+    curl --insecure --location --silent --show-error https://sourceware.org/pub/valgrind/valgrind-3.15.0.tar.bz2 | \
    tar -xj && \
    cd valgrind-3.15.0 && \
    ./configure && \