I am writing a Docker image based off of maven:3.6.0-jdk-11-slim to integrate with our Jenkins Pipeline. I am working in a corporate environment that's behind a pretty tight firewall, and I need to add certificates in order to download the necessary dependencies from our Nexus server.
However, because Docker only allows for relative paths when copying files into the image, I would need to provide the ca.crt in the same directory as the Dockerfile and thus commit everything to SCM which I am not thrilled about.
Am I being too cautious in not wanting to commit our ca-cert? Or is there a workaround that would allow me to use the certificate that already exists on the build server?
Dockerfile for reference:
# Build Stage
COPY ca.crt /usr/local/share/ca-certificates
COPY pom.xml /tmp/pom.xml
COPY settings.xml /usr/share/maven/ref/settings.xml
RUN mvn -f /tmp/pom.xml -X -s /usr/share/maven/ref/settings.xml clean package
DISCLAIMER I'm not sure if this is the correct forum to pose this question, so I will happily move it if not.