Hey @mgloel ,
I see that only the first suggestion is applied. Your Dockerfile still uses exec form of CMD, which doesn’t invoke a shell, hence no string interpolation to inject CERT_PW. (Whether you provide the executable as first CMD argument or not, it is still exec form)
If you could replace your CMD with the following
CMD /opt/snowplow/bin/snowplow-stream-collector --config oneapp_collector.conf -Dcom.amazonaws.sdk.disableCertChecking -Dcom.amazonaws.sdk.disableCbor -Djavax.net.ssl.keyStore=/opt/snowplow/ssl/collector.p12 -Djavax.net.ssl.keyStorePassword=${CERT_PW} -Djavax.net.ssl.keyStoreType=PKCS12
which is shell form of CMD, cert password will be injected into this command as expected.
Regarding the official image, Snowplow Stream Collector has official docker images. You can pull the latest one by executing
docker pull snowplow/scala-stream-collector-kinesis:2.4.5
Before you run it, you can generate an ssl cert using your script (don’t forget to provide a non-empty password), prepare your collector config, then the rest is a matter of attaching the cert and config as volumes, along with an env var JAVA_OPTS to define all JVM options.
Please let me know if there are further questions.
Kind regards