grafana · olegbespalov · Dec 7, 2023 · Nov 3, 2023 · Dec 6, 2023
@@ -8,9 +8,7 @@ RUN CGO_ENABLED=0 GOOS=$TARGETOS GOARCH=$TARGETARCH go build -trimpath -o /usr/b
 # Runtime stage
 FROM alpine:3.18 as release
 
-# hadolint ignore=DL3018
-RUN apk add --no-cache ca-certificates && \
-    adduser -D -u 12345 -g 12345 k6
+RUN adduser -D -u 12345 -g 12345 k6
 COPY --from=builder /usr/bin/k6 /usr/bin/k6
 
 USER k6

@@ -14,6 +14,14 @@ import (
 	"go.k6.io/k6/cmd/state"
 	"go.k6.io/k6/errext/exitcodes"
 	"go.k6.io/k6/lib/types"
+
+	// Blank-importing golang.org/x/crypto/x509roots/fallback bundles a set of
+	// root fallback certificates from Mozilla into the resulting binary. This
+	// allows the program to run in environments where the system root
+	// certificates are not available, for example inside a minimal container.
+	// These are _fallbacks_, meaning that if the system _does have_ a set of
+	// root certificates, those will be given priority.
+	_ "golang.org/x/crypto/x509roots/fallback"
 )
 
 // Panic if the given error is not nil.

@@ -46,6 +46,7 @@ require (
 	go.opentelemetry.io/otel/trace v1.19.0
 	go.uber.org/goleak v1.2.1
 	golang.org/x/crypto v0.14.0
+	golang.org/x/crypto/x509roots/fallback v0.0.0-20231030152948-74c2ba9521f1
 	golang.org/x/net v0.17.0
 	golang.org/x/term v0.13.0
 	golang.org/x/time v0.3.0

@@ -230,6 +230,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
 golang.org/x/crypto v0.14.0 h1:wBqGXzWJW6m1XrIKlAH0Hs1JJ7+9KBwnIO8v66Q9cHc=
 golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4=
+golang.org/x/crypto/x509roots/fallback v0.0.0-20231030152948-74c2ba9521f1 h1:wQ75dCmVn5ExryuIUzbi2MC1/10fUNIL1FP918r4jx8=
+golang.org/x/crypto/x509roots/fallback v0.0.0-20231030152948-74c2ba9521f1/go.mod h1:kNa9WdvYnzFwC79zRpLRMJbdEFlhyM5RPFBBZp/wWH8=
 golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
 golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=

@@ -378,6 +378,9 @@ go.uber.org/goleak/internal/stack
 golang.org/x/crypto/md4
 golang.org/x/crypto/ocsp
 golang.org/x/crypto/ripemd160
+# golang.org/x/crypto/x509roots/fallback v0.0.0-20231030152948-74c2ba9521f1
+## explicit; go 1.20
+golang.org/x/crypto/x509roots/fallback
 # golang.org/x/net v0.17.0
 ## explicit; go 1.17
 golang.org/x/net/html