ubi-fips-14.9.2 entrypoint script is not correct for a RHEL environment

Summary

It looks like it's still using an alpine or debian based update-ca-certificates command and paths.

In a RHEL environment the paths are different and the command is :

update-ca-trust extract > /dev/null

Steps to reproduce

git pull gitlab/gitlab-runner:ubi-fips-v14.9.2

Start a container from the image.

Actual behavior

It looks like it's looking for commands and paths that do not exist in an Ubi container.

Expected behavior

Certificates updated if required.

Environment description

Used GitLab Runner version

ubi-fips-v14.9.2

Possible fixes

Entrypoint should probably be something like this:

  # gitlab-runner data directory
  DATA_DIR="/etc/gitlab-runner"
  CONFIG_FILE="${CONFIG_FILE:-$DATA_DIR/config.toml}"
  # custom certificate authority path
  CA_CERTIFICATES_PATH="${CA_CERTIFICATES_PATH:-/certs/ca.crt}"
  LOCAL_CA_PATH="/etc/pki/ca-trust/source/anchors"

  update_ca() {
    echo "Updating CA certificates..."
    cp "${CA_CERTIFICATES_PATH}" "${LOCAL_CA_PATH}"
    update-ca-trust extract > /dev/null
  }

  update_ca

  # launch gitlab-runner passing all arguments
  exec gitlab-runner "$@"