Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Issue with connecting Golang application on Cloud Run with Firestore

I try to get all Documents from Firestore using the below function.

The credentials are stored in an encrypted file in a GCP Cloud Source repository. I decrypted the configuration in the Cloud Build trigger and set the ENV in the Dockerfile pointing to the file. I see the content by RUN ls /app/credentials.json.

The error I get in the application log: rpc error: code = Unavailable desc = all SubConns are in TransientFailure, latest connection error: connection error: desc = "transport: authentication handshake failed: x509: certificate signed by unknown authority"

The credentials are stored in an encrypted file in a GCP Cloud Source repository. I decrypted the configuration in the Cloud Build trigger and set the ENV in the Dockerfile pointing to the file. I see the content by RUN ls /app/credentials.json.

The error I get in the application log: rpc error: code = Unavailable desc = all SubConns are in TransientFailure, latest connection error: connection error: desc = "transport: authentication handshake failed: x509: certificate signed by unknown authority"

like image 806
markus van laak Avatar asked Mar 04 '23 00:03

markus van laak


1 Answers

This error is the result of an HTTPS failure where the certificate cannot be verified. The Alpine base image is missing a package that provides root certificates. Currently the Cloud Run quickstart is missing this for at least the Go language.

Assuming this is your problem, add the following to the final stage of your Dockerfile:

RUN apk add --no-cache ca-certificates
like image 146
Grayside Avatar answered May 05 '23 13:05

Grayside