[英]Using SSH agent with Docker Compose and Dockerfile
I am having issues using a private github repo in one of my NestJS apps.我在我的一个 NestJS 应用程序中使用私有 github 存储库时遇到问题。 When I create the docker image using the
docker build
command, the image is successfully created and everything works fine.当我使用
docker build
命令创建 docker 映像时,映像已成功创建并且一切正常。 However I can't use the Dockerfile with docker-compose
.但是我不能将 Dockerfile 与
docker-compose
一起使用。
Here's the part of Dockerfile
where I use the BuildKit
mount feature:这是我使用
BuildKit
安装功能的Dockerfile
的一部分:
RUN mkdir -p -m 0600 ~/.ssh && ssh-keyscan github.com >> ~/.ssh/known_hosts
RUN --mount=type=ssh npm install
When building the image with Dockerfile
alone I pass the --ssh default
argument, like this and it successfully installs the private repo:单独使用
Dockerfile
构建映像时,我传递了--ssh default
参数,如下所示,它成功安装了私有仓库:
docker build --ssh default -t CONTAINER_NAME .
Following this article , inside the docker-compose.yml
file I have included the $SSH_AUTH_SOCK
like this:在 这篇文章之后,在
docker-compose.yml
文件中,我包含了这样的$SSH_AUTH_SOCK
:
environment:
- NODE_ENV:${NODE_ENV}
- SSH_AUTH_SOCK:${SSH_AUTH_SOCK}
volumes:
- $SSH_AUTH_SOCK:${SSH_AUTH_SOCK}
However I get this error whenever I try to run docker-compose up
但是,每当我尝试运行
docker-compose up
时,我都会收到此错误
#11 44.97 npm ERR! code 128
#11 44.97 npm ERR! An unknown git error occurred
#11 44.97 npm ERR! command git --no-replace-objects ls-remote ssh://git@github.com/organization/repo.git
#11 44.97 npm ERR! git@github.com: Permission denied (publickey).
#11 44.97 npm ERR! fatal: Could not read from remote repository.
#11 44.97 npm ERR!
#11 44.97 npm ERR! Please make sure you have the correct access rights
#11 44.97 npm ERR! and the repository exists.
Any idea what I am doing wrong?知道我做错了什么吗?
Your environment
syntax is incorrect.您的
environment
语法不正确。 The environment
block can either be a list of NAME=VALUE
pairs: environment
块可以是NAME=VALUE
对的列表:
environment:
- SSH_AUTH_SOCK=${SSH_AUTH_SOCK}
Or it can be a dictionary:或者它可以是一个字典:
environment:
SSH_AUTH_SOCK: ${SSH_AUTH_SOCK}
Yours is neither of those things, so your container has no SSH_AUTH_SOCK
environment variable.你的不是这些东西,所以你的容器没有
SSH_AUTH_SOCK
环境变量。
If I use this docker-compose.yaml
file:如果我使用这个
docker-compose.yaml
文件:
version: "3"
services:
ssh:
image: fedora:35
environment:
- SSH_AUTH_SOCK=${SSH_AUTH_SOCK}
volumes:
- ${SSH_AUTH_SOCK}:${SSH_AUTH_SOCK}
command:
- sh
- -c
- |
yum -y install openssh-clients
sleep inf
I can exec
into the container (after waiting for the package installation to complete) and verify that it is able to talk to my agent:我可以执行到容器中(在等待
exec
安装完成之后)并验证它是否能够与我的代理对话:
$ docker-compose exec ssh ssh-add -l
2048 SHA256:... (RSA)
4096 SHA256:... (RSA)
Also, one unrelated comment about your volumes:
block: you're being inconsistent in how you refer to variables.另外,关于您的
volumes:
块:您在引用变量的方式上不一致。 This isn't a problem, but it hurts my brain (and inconsistencies like this can sometimes lead to weird problems in other contexts).这不是问题,但它伤害了我的大脑(像这样的不一致有时会在其他情况下导致奇怪的问题)。 You might as well just always use the
${varname}
syntax when referring to environment variables:在引用环境变量时,您不妨始终使用
${varname}
语法:
volumes:
- ${SSH_AUTH_SOCK}:${SSH_AUTH_SOCK}
They have added the ssh flag as option to the build key in compose: https://github.com/compose-spec/compose-spec/pull/234他们在 compose 中添加了 ssh 标志作为构建密钥的选项: https://github.com/compose-spec/compose-spec/pull/234
services:
sample:
build:
context: .
ssh:
- default
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.