I’ll preface my comment with, I’ve read this post which includes my exact error. However, I suspect that my error is that I am misunderstanding the purpose of these ENV vars:
My initial thought was that these env vars are what the nodejs web app would use to support HTTPS usage in the browser. However, after some investigation, it appears that these env vars are for mutual authentication to the frontend services (i.e. client certs for access to the frontend service). The certificates I’m providing in these env vars are not being added to the frontend services as valid client certs as they are used to enable HTTPS for the temporal web ingress. I think this is the reason for the ssl errors I’m seeing the temporal web app logs.
I have a requirement to support end-to-end TLS encryption for EKS-based applications (SSL to the container) but after looking at the temporal web source, I’m wondering if it’s even possible. It looks like the temporal web is based on Koa and based on the koa docs regarding enabling HTTPS, I’m thinking that the current temporal web code does not currently support running the koa app as an https server, and thus does not support end-to-end encryption.
@Ruslan, I was able to get the docker build working. I am behind a corporate proxy which causes issues when I tried to run the make command, so I manually downloaded the proto files, which seemed to work. Then I had issues running the npm install and run commands inside a docker container, again due to the proxy. Outside the docker container, I was able to run the commands just fine as I’ve already accounted for the proxy in my local npm cli. So I ran these commands locally from the root of the repo
npm install --production
npm run build-production
Then I deleted the grpc module as it had a platform-specific binary. Then to get the node_modules copied into the docker image, I first had to comment out the node_modules line in the .dockerignore file.
#node_modules
npm-debug.log
Then add a few lines to the dockerFile to make sure the cache was clean and then to copy the node_modules directory into the image before running any npm commands.
# Install app dependencies
COPY package*.json ./
RUN npm cache clean --force
COPY ./node_modules ./node_modules
RUN npm install --production
I was able to build and run the docker image locally after these changes. I am pushing it to ECR now and will test it.