@cupdike
Created February 3, 2023 15:07
Install SSL Proxy Certs Into Finch VM to Fix 'x509: certificate signed by unknown authority'
##### Scenario:
# You are getting 'x509: certificate signed by unknown authority' trying to
# run a simple finch container on your mac.
# $ finch run --rm public.ecr.aws/finch/hello-finch
# public.ecr.aws/finch/hello-finch:latest: resolving |--------------------------------------|
# elapsed: 0.1 s total: 0.0 B (0.0 B/s)
# INFO[0000] trying next host error="failed to do request: Head \"https://public.ecr.aws/v2/finch/hello-finch/manifests/latest\": x509: certificate signed by unknown authority" host=public.ecr.aws
# FATA[0000] failed to resolve reference "public.ecr.aws/finch/hello-finch:latest": failed to do request: Head "https://public.ecr.aws/v2/finch/hello-finch/manifests/latest": x509: certificate signed by unknown authority
# FATA[0000] exit status 1
##### Solution
### Install the CA cert(s) for your SSL proxy into the finch/colima vm
# Capture config for ssh/scp connections
LIMA_HOME=/Applications/Finch/lima/data /Applications/Finch/lima/bin/limactl show-ssh --format=config finch > ./lima.ssh-config
# copy the CA certs from the host onto the finch VM
scp -F ./lima.ssh-config MY_CA_CERTS lima-finch:
# In the finch vm, move them to the system cert anchor folder and run the update command
sudo ssh -F ./lima.ssh-config lima-finch 'sudo mv $HOME/MY_CA_CERTS /etc/pki/ca-trust/source/anchors/'
sudo ssh -F ./lima.ssh-config lima-finch 'sudo update-ca-trust'
# Test it (Look ma! No 'x509: certificate signed by unknown authority')
finch run --rm public.ecr.aws/finch/hello-finch
# Output:
# Hello from Finch!
# Visit us @ github.com/runfinch
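
Added example, not part of the original gist: every file moved into `/etc/pki/ca-trust/source/anchors/` becomes a trusted root for the VM, so this sketch vets a PEM file on the host before the `scp` step. It assumes the `openssl` CLI is installed; `check_ca_cert` and `make_sample_cert` are hypothetical helper names, and the certificate it checks is a constructed throwaway, not a real proxy CA.

```shell
#!/bin/sh
# check_ca_cert and make_sample_cert are hypothetical helper names for this example.

# Return 0 only if FILE holds exactly one PEM certificate that is a CA and unexpired.
check_ca_cert() {
    cert=$1
    # openssl x509 reads only the first certificate, so a bundle would hide the rest.
    count=$(grep -c -- '-----BEGIN CERTIFICATE-----' "$cert" 2>/dev/null || true)
    if [ "${count:-0}" -ne 1 ]; then
        echo "REJECT $cert: expected 1 PEM certificate, found ${count:-0}" >&2
        return 1
    fi
    text=$(openssl x509 -in "$cert" -noout -text 2>/dev/null) || {
        echo "REJECT $cert: not a parseable X.509 certificate" >&2
        return 1
    }
    # A trust anchor must carry basicConstraints CA:TRUE.
    if ! printf '%s\n' "$text" | grep -A1 'X509v3 Basic Constraints' | grep -q 'CA:TRUE'; then
        echo "REJECT $cert: basicConstraints is not CA:TRUE" >&2
        return 1
    fi
    # -checkend 0 exits non-zero when the certificate has already expired.
    if ! openssl x509 -in "$cert" -noout -checkend 0 >/dev/null 2>&1; then
        echo "REJECT $cert: certificate has expired" >&2
        return 1
    fi
    # Subject and SHA-256 fingerprint, to compare with the value your proxy team publishes.
    openssl x509 -in "$cert" -noout -subject -fingerprint -sha256
}

# Constructed sample input: a throwaway self-signed cert. $1=dir $2=name $3=TRUE|FALSE
make_sample_cert() {
    cat > "$1/$2.cnf" <<EOF
[req]
distinguished_name = dn
x509_extensions = ext
prompt = no
[dn]
CN = Constructed sample $2
[ext]
basicConstraints = critical,CA:$3
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$1/$2.cnf" \
        -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}

demo_dir=$(mktemp -d)
make_sample_cert "$demo_dir" proxy-ca TRUE && check_ca_cert "$demo_dir/proxy-ca.pem"
```

Run `check_ca_cert` once per file you intend to copy, and only proceed to the `scp` and `update-ca-trust` steps when the printed fingerprint matches the one you obtained out of band.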