Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Firebase Admin Go SDK getting x509 certificate error ONLY when running inside Kubernetes

I'm currently working on a project using the Firebase Admin Go SDK to handle auth and to use the real time database. The project works correctly when I run it locally (by just running go run main.go). When I run it in Minikube via a docker image (or GKE, I've tested both) I get this error whenever I try to make any Firestore calls:

transport: authentication handshake failed: x509: certificate signed by unknown authority

Here is the code I'm using on the server to make the call to the DB:

// Initialize the app 
opt := option.WithCredentialsFile("./serviceAccountKey.json")
app, err := firebase.NewApp(context.Background(), nil, opt)
// This is the first call I attempt to make, and where the error is thrown
// Create the client
client, err := app.Firestore(context.Background())
iter := client.Collection("remoteModels").Documents(context.Background())
snaps, err := iter.GetAll()
if err != nil {
    logger.Log.Warn("Error getting all remoteModels")
    fmt.Println(err)
    return err
}  

And here is my Dockerfile that adds the service account key Firebase provided me from the console:

FROM scratch

ADD main /
ADD serviceAccountKey.json /

EXPOSE 9090

ENTRYPOINT ["/main", "-grpc-port=9090", "-http-port=9089", "-env=prod"]

I can't find anything in the documentation about running in Kubernetes.
Is there anything I need to do to be able to connect to Firestore from Kubernetes?

like image 307
Diericx Avatar asked Mar 30 '19 20:03

Diericx


1 Answers

If you are using alpine based images try running apk add ca-certificates it looks like a tls error.
Install ca certificates, it should resolve the issue

like image 98
Ankit Deshpande Avatar answered Oct 14 '22 16:10

Ankit Deshpande