From 287bf417d900b09ef298ca80e2c513a783bb6a4f Mon Sep 17 00:00:00 2001
From: Jurre Stender <jurrestender@gmail.com>
Date: Thu, 12 Aug 2021 11:01:04 +0200
Subject: [PATCH] Configure updater images to remove extraneous certs

---
 src/updater.ts | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/src/updater.ts b/src/updater.ts
index a7131a1..80e4e3d 100644
--- a/src/updater.ts
+++ b/src/updater.ts
@@ -129,6 +129,11 @@ export class Updater {
     proxy: Proxy,
     updaterCommand: string
   ): Promise<Container> {
+    const cmd = `(echo > /etc/ca-certificates.conf) &&\
+     rm -Rf /usr/share/ca-certificates/ &&\
+      /usr/sbin/update-ca-certificates &&\
+       $DEPENDABOT_HOME/dependabot-updater/bin/run ${updaterCommand}`
+
     const container = await this.docker.createContainer({
       Image: this.updaterImage,
       AttachStdout: true,
@@ -146,11 +151,7 @@ export class Updater {
         `https_proxy=${proxy.url}`,
         `HTTPS_PROXY=${proxy.url}`
       ],
-      Cmd: [
-        'sh',
-        '-c',
-        `/usr/sbin/update-ca-certificates && $DEPENDABOT_HOME/dependabot-updater/bin/run ${updaterCommand}`
-      ],
+      Cmd: ['sh', '-c', cmd],
       HostConfig: {
         NetworkMode: proxy.networkName,
         Binds: [