在Docker容器内非交互地解密gpg文件
[英]Decrypt gpg files non-interactively inside a Docker container
问题描述
I am trying to decrypt a gpg file inside a docker container. 
我正在尝试解密docker容器内的gpg文件。 Roughly speaking the Dockerfile does basic stuff: 大致来说, Dockerfile完成以下基本工作:
FROM myimage
RUN ...
...
COPY docker-entrypoint.sh /entrypoint
RUN chmod u+x /entrypoint
The docker-entrypoint.sh contains: docker-entrypoint.sh包含:
gpg --decrypt --passphrase=${PASSWORD} /path/to/encrypted/file > /path/to/unencrypted/file
...
exec "$@"
I'm doing: 我正在做:
docker build -t "myimage" .
docker run -e PASSWORD -ti myimage
And I am getting: 我得到:
gpg: directory `/root/.gnupg' created
gpg: new configuration file `/root/.gnupg/gpg.conf' created
gpg: WARNING: options in `/root/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/root/.gnupg/secring.gpg' created
gpg: keyring `/root/.gnupg/pubring.gpg' created
usage: gpg [options] --decrypt [filename]
…as an error. …作为错误。 The password environment var is being passed correctly, and that same command runs correctly on my machine. 密码环境var已正确传递,并且该命令在我的计算机上正确运行。
I have tried with gpg2 with no success. 我尝试了gpg2 ,但没有成功。
1 个解决方案
解决方案1
0 已采纳 2017-09-21 16:33:59
I just discovered the issue: 我刚刚发现了问题:
gpg --decrypt --passphrase="${PASSWORD}" \
/path/to/encrypted/file > /path/to/unencrypted/file
ie quotes should be used in order to the environment variable to be properly transformed to text. 即应该使用引号,以便将环境变量正确地转换为文本。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.