I'm currently working on a project using the Firebase Admin Go SDK to handle auth and to use the real time database. The project works correctly when I run it locally (by just running go run main.go
). When I run it in Minikube via a docker image (or GKE, I've tested both) I get this error whenever I try to make any Firestore calls:
transport: authentication handshake failed: x509: certificate signed by unknown authority
Here is the code I'm using on the server to make the call to the DB:
// Initialize the app
opt := option.WithCredentialsFile("./serviceAccountKey.json")
app, err := firebase.NewApp(context.Background(), nil, opt)
// This is the first call I attempt to make, and where the error is thrown
// Create the client
client, err := app.Firestore(context.Background())
iter := client.Collection("remoteModels").Documents(context.Background())
snaps, err := iter.GetAll()
if err != nil {
logger.Log.Warn("Error getting all remoteModels")
fmt.Println(err)
return err
}
And here is my Dockerfile that adds the service account key Firebase provided me from the console:
FROM scratch
ADD main /
ADD serviceAccountKey.json /
EXPOSE 9090
ENTRYPOINT ["/main", "-grpc-port=9090", "-http-port=9089", "-env=prod"]
I can't find anything in the documentation about running in Kubernetes.
Is there anything I need to do to be able to connect to Firestore from Kubernetes?
If you are using alpine based images try running apk add ca-certificates
it looks like a tls error.
Install ca certificates, it should resolve the issue
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With