Use Host SSH keys for private Git repo access in DockerFile












1















I am new to Docker and having a go at getting my Angular web app to build and run in a container.



I have a very basic Dockerfile at the root of the project like so:



# Create the image based on the official Node 10.13.0 image from Dockerhub
FROM node:10.13.0 as node

# Copy dependency definitions
COPY package.json .

# Install dependencies using npm
RUN npm install

# TODO - copy rest of app and run angular-cli build commands to serve up the app


And upon running a build command against it I am hitting the following error:



enter image description here



I realise from looking up this error, that I haven't yet supplied any host key details from my host machine so these can be used for accessing private repo's.



I came across some old answers here on approaches to supplying my host key details such as this one, but I didn't get much further, still getting the same error.



I was able to confirm I was referencing my host key correctly by echoing these out in my dockerfile and seeing the details in my terminal.



Anyway, I am unsure what the correct or official way is of doing this.



I am running Docker 2.0.0.0-maxc78 and on macOS High sierra



Can anyone please point me in the right direction as to what the correct approach is here please?



Thanks!










share|improve this question





























    1















    I am new to Docker and having a go at getting my Angular web app to build and run in a container.



    I have a very basic Dockerfile at the root of the project like so:



    # Create the image based on the official Node 10.13.0 image from Dockerhub
    FROM node:10.13.0 as node

    # Copy dependency definitions
    COPY package.json .

    # Install dependencies using npm
    RUN npm install

    # TODO - copy rest of app and run angular-cli build commands to serve up the app


    And upon running a build command against it I am hitting the following error:



    enter image description here



    I realise from looking up this error, that I haven't yet supplied any host key details from my host machine so these can be used for accessing private repo's.



    I came across some old answers here on approaches to supplying my host key details such as this one, but I didn't get much further, still getting the same error.



    I was able to confirm I was referencing my host key correctly by echoing these out in my dockerfile and seeing the details in my terminal.



    Anyway, I am unsure what the correct or official way is of doing this.



    I am running Docker 2.0.0.0-maxc78 and on macOS High sierra



    Can anyone please point me in the right direction as to what the correct approach is here please?



    Thanks!










    share|improve this question



























      1












      1








      1


      1






      I am new to Docker and having a go at getting my Angular web app to build and run in a container.



      I have a very basic Dockerfile at the root of the project like so:



      # Create the image based on the official Node 10.13.0 image from Dockerhub
      FROM node:10.13.0 as node

      # Copy dependency definitions
      COPY package.json .

      # Install dependencies using npm
      RUN npm install

      # TODO - copy rest of app and run angular-cli build commands to serve up the app


      And upon running a build command against it I am hitting the following error:



      enter image description here



      I realise from looking up this error, that I haven't yet supplied any host key details from my host machine so these can be used for accessing private repo's.



      I came across some old answers here on approaches to supplying my host key details such as this one, but I didn't get much further, still getting the same error.



      I was able to confirm I was referencing my host key correctly by echoing these out in my dockerfile and seeing the details in my terminal.



      Anyway, I am unsure what the correct or official way is of doing this.



      I am running Docker 2.0.0.0-maxc78 and on macOS High sierra



      Can anyone please point me in the right direction as to what the correct approach is here please?



      Thanks!










      share|improve this question
















      I am new to Docker and having a go at getting my Angular web app to build and run in a container.



      I have a very basic Dockerfile at the root of the project like so:



      # Create the image based on the official Node 10.13.0 image from Dockerhub
      FROM node:10.13.0 as node

      # Copy dependency definitions
      COPY package.json .

      # Install dependencies using npm
      RUN npm install

      # TODO - copy rest of app and run angular-cli build commands to serve up the app


      And upon running a build command against it I am hitting the following error:



      enter image description here



      I realise from looking up this error, that I haven't yet supplied any host key details from my host machine so these can be used for accessing private repo's.



      I came across some old answers here on approaches to supplying my host key details such as this one, but I didn't get much further, still getting the same error.



      I was able to confirm I was referencing my host key correctly by echoing these out in my dockerfile and seeing the details in my terminal.



      Anyway, I am unsure what the correct or official way is of doing this.



      I am running Docker 2.0.0.0-maxc78 and on macOS High sierra



      Can anyone please point me in the right direction as to what the correct approach is here please?



      Thanks!







      git docker npm dockerfile ssh-keys






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 21 '18 at 12:13









      phd

      23.2k52545




      23.2k52545










      asked Nov 20 '18 at 21:45









      mindparsemindparse

      3,53793078




      3,53793078
























          1 Answer
          1






          active

          oldest

          votes


















          0














          This kind of scenario would benefit from the recent docker build secret.



          docker build --secret id=mysite.key,src=path/to/mysite.key .


          That is used in your Dockerfile as:



          # syntax=docker/dockerfile:1.0.0-experimental

          FROM alpine

          RUN --mount=type=secret,id=mysite.key command-to-run


          See more with "Build secrets and SSH forwarding in Docker 18.09" (your docker 2.0.0 should support it)



          In your case, your Dockerfile should include:



          RUN --mount=type=ssh git clone git@github.com:myorg/myproject.git myproject



          On the docker client side, you need to define that SSH forwarding is allowed for this build by using the --ssh flag.



          docker build --ssh default .


          The flag accepts a key-value pair defining the location for the local SSH agent socket or the private keys.







          share|improve this answer























            Your Answer






            StackExchange.ifUsing("editor", function () {
            StackExchange.using("externalEditor", function () {
            StackExchange.using("snippets", function () {
            StackExchange.snippets.init();
            });
            });
            }, "code-snippets");

            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "1"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53402058%2fuse-host-ssh-keys-for-private-git-repo-access-in-dockerfile%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            0














            This kind of scenario would benefit from the recent docker build secret.



            docker build --secret id=mysite.key,src=path/to/mysite.key .


            That is used in your Dockerfile as:



            # syntax=docker/dockerfile:1.0.0-experimental

            FROM alpine

            RUN --mount=type=secret,id=mysite.key command-to-run


            See more with "Build secrets and SSH forwarding in Docker 18.09" (your docker 2.0.0 should support it)



            In your case, your Dockerfile should include:



            RUN --mount=type=ssh git clone git@github.com:myorg/myproject.git myproject



            On the docker client side, you need to define that SSH forwarding is allowed for this build by using the --ssh flag.



            docker build --ssh default .


            The flag accepts a key-value pair defining the location for the local SSH agent socket or the private keys.







            share|improve this answer




























              0














              This kind of scenario would benefit from the recent docker build secret.



              docker build --secret id=mysite.key,src=path/to/mysite.key .


              That is used in your Dockerfile as:



              # syntax=docker/dockerfile:1.0.0-experimental

              FROM alpine

              RUN --mount=type=secret,id=mysite.key command-to-run


              See more with "Build secrets and SSH forwarding in Docker 18.09" (your docker 2.0.0 should support it)



              In your case, your Dockerfile should include:



              RUN --mount=type=ssh git clone git@github.com:myorg/myproject.git myproject



              On the docker client side, you need to define that SSH forwarding is allowed for this build by using the --ssh flag.



              docker build --ssh default .


              The flag accepts a key-value pair defining the location for the local SSH agent socket or the private keys.







              share|improve this answer


























                0












                0








                0







                This kind of scenario would benefit from the recent docker build secret.



                docker build --secret id=mysite.key,src=path/to/mysite.key .


                That is used in your Dockerfile as:



                # syntax=docker/dockerfile:1.0.0-experimental

                FROM alpine

                RUN --mount=type=secret,id=mysite.key command-to-run


                See more with "Build secrets and SSH forwarding in Docker 18.09" (your docker 2.0.0 should support it)



                In your case, your Dockerfile should include:



                RUN --mount=type=ssh git clone git@github.com:myorg/myproject.git myproject



                On the docker client side, you need to define that SSH forwarding is allowed for this build by using the --ssh flag.



                docker build --ssh default .


                The flag accepts a key-value pair defining the location for the local SSH agent socket or the private keys.







                share|improve this answer













                This kind of scenario would benefit from the recent docker build secret.



                docker build --secret id=mysite.key,src=path/to/mysite.key .


                That is used in your Dockerfile as:



                # syntax=docker/dockerfile:1.0.0-experimental

                FROM alpine

                RUN --mount=type=secret,id=mysite.key command-to-run


                See more with "Build secrets and SSH forwarding in Docker 18.09" (your docker 2.0.0 should support it)



                In your case, your Dockerfile should include:



                RUN --mount=type=ssh git clone git@github.com:myorg/myproject.git myproject



                On the docker client side, you need to define that SSH forwarding is allowed for this build by using the --ssh flag.



                docker build --ssh default .


                The flag accepts a key-value pair defining the location for the local SSH agent socket or the private keys.








                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Nov 21 '18 at 6:06









                VonCVonC

                847k29426873243




                847k29426873243
































                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Stack Overflow!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53402058%2fuse-host-ssh-keys-for-private-git-repo-access-in-dockerfile%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    Guess what letter conforming each word

                    Port of Spain

                    Run scheduled task as local user group (not BUILTIN)