Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Add private key to ssh-agent in docker file

I am trying to write a docker file for angular cli project but I have an external dependency which is a private repo on BitBucket so I need to pass my ssh key. I am trying to pass ssh keys using --build-arg

Now issues is, It's not adding those keys to ssh-agent and ask for the password instead.

I am using this command to run docker build -t ng-2-docker/client --build-arg ssh_prv_key="$(cat ~/.ssh/id_rsa)" --build-arg ssh_pub_key="$(cat ~/.ssh/id_rsa)" .

and this is my docker file

ARG ssh_prv_key
ARG ssh_pub_key

# Use an official Node runtime as a parent image
FROM node:8.9.4

# Specify working directory in docker container
WORKDIR /app

# Authorize SSH Host
RUN mkdir -p /ssh/
RUN chmod 0700 /ssh

# Add the keys and set permissions
RUN echo "$ssh_prv_key" > /ssh/id_rsa && echo "$ssh_pub_key" > /ssh/id_rsa.pub && chmod 600 /ssh/id_rsa && chmod 600 /ssh/id_rsa.pub

# add bitbucket to known hosts
RUN ssh-keyscan bitbucket.org > /ssh/known_hosts

# Copy SSH key to temp folder to pull new code
# ADD ~/.ssh/id_rsa /tmp/
# RUN ssh-agent /tmp
RUN ls -la /ssh

# check if ssh agent is running or not, if not, run
RUN eval `ssh-agent -s` && ssh-add /ssh/id_rsa

# Copy local files into the containers working directory
COPY package.json /app

# Install dependencies inside container
RUN npm i

# Copy local files into the containers working directory
COPY . /app

# Execute Process
CMD ["npm", "docker:rogers:local"]

# Remove ssh key from temp
# RUN rm /tmp/id_rsa
RUN rm -rf /ssh

# expose port
EXPOSE 4200

and here is the output if I run the command mentioned above.

enter image description here

like image 613
Usman Tahir Avatar asked Jan 16 '18 15:01

Usman Tahir


1 Answers

Done this already, and my key is passphrase free right now but it's still asking

Then... if you don't have a passphrase associated to your private key, you should get rid of the Dockerfile lines:

# check if ssh agent is running or not, if not, run
RUN eval `ssh-agent -s` && ssh-add /ssh/id_rsa

You don't need an ssh agent if you don't have to memorize/cache a passphrase.

like image 151
VonC Avatar answered Sep 22 '22 18:09

VonC