I have an app that executes various fun stuff with Git (like running git clone & git push) and I'm trying to docker-ize it.
I'm running into an issue though where I need to be able to add an SSH key to the container for the container 'user' to use.
I tried copying it into /root/.ssh/, changing $HOME, creating a git ssh wrapper, and still no luck. 
Here is the Dockerfile for reference:
#DOCKER-VERSION 0.3.4                                                             from  ubuntu:12.04                                                                RUN  apt-get update                                                              RUN  apt-get install python-software-properties python g++ make git-core openssh-server -y RUN  add-apt-repository ppa:chris-lea/node.js                                    RUN  echo "deb http://archive.ubuntu.com/ubuntu precise universe" >> /etc/apt/sources.list RUN  apt-get update                                                              RUN  apt-get install nodejs -y                                                    ADD . /src                                                                        ADD ../../home/ubuntu/.ssh/id_rsa /root/.ssh/id_rsa                              RUN   cd /src; npm install                                                        EXPOSE  808:808                                                                   CMD   [ "node", "/src/app.js"] app.js runs the git commands like git pull
The SSH method works fine for Docker containers, too. That said, you can SSH into a Docker container using Docker's built-in docker exec . If you do not need an interactive shell, you can also use the docker attach command to connect the host's stdin and stdout to the running container and execute remote commands.
The answer is yes!! But using normal docker run commands, you won't be able to see or interact with the these applications. You need to connect the display with the container in order to do so.
You have to use two combinations, one after the other: ctrl+p followed by ctrl+q. You turn interactive mode to daemon mode, which keeps the container running but frees up your terminal. You can attach to it later using docker attach, if you need to interact with the container more.
It's a harder problem if you need to use SSH at build time. For example if you're using git clone, or in my case pip and npm to download from a private repository.
The solution I found is to add your keys using the --build-arg flag. Then you can use the new experimental --squash command (added 1.13) to merge the layers so that the keys are no longer available after removal. Here's my solution:
Build command
$ docker build -t example --build-arg ssh_prv_key="$(cat ~/.ssh/id_rsa)" --build-arg ssh_pub_key="$(cat ~/.ssh/id_rsa.pub)" --squash . Dockerfile
FROM python:3.6-slim  ARG ssh_prv_key ARG ssh_pub_key  RUN apt-get update && \     apt-get install -y \         git \         openssh-server \         libmysqlclient-dev  # Authorize SSH Host RUN mkdir -p /root/.ssh && \     chmod 0700 /root/.ssh && \     ssh-keyscan github.com > /root/.ssh/known_hosts  # Add the keys and set permissions RUN echo "$ssh_prv_key" > /root/.ssh/id_rsa && \     echo "$ssh_pub_key" > /root/.ssh/id_rsa.pub && \     chmod 600 /root/.ssh/id_rsa && \     chmod 600 /root/.ssh/id_rsa.pub  # Avoid cache purge by adding requirements first ADD ./requirements.txt /app/requirements.txt  WORKDIR /app/  RUN pip install -r requirements.txt  # Remove SSH keys RUN rm -rf /root/.ssh/  # Add the rest of the files ADD . .  CMD python manage.py runserver Update: If you're using Docker 1.13 and have experimental features on you can append --squash to the build command which will merge the layers, removing the SSH keys and hiding them from docker history.
Turns out when using Ubuntu, the ssh_config isn't correct. You need to add
RUN  echo "    IdentityFile ~/.ssh/id_rsa" >> /etc/ssh/ssh_config to your Dockerfile in order to get it to recognize your ssh key.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With