[英]Install a python package using pip from private GitHub repo when building Docker image?
################################################################################
# Ubuntu 22.10
FROM ubuntu:22.10
################################################################################
# Install packages
RUN apt-get update && apt-get install --yes --no-install-recommends \
build-essential \
gfortran \
meson \
pkg-config \
sox \
git \
cmake \
openssh-client \
python3 \
python3-pip \
python3-numpy
################################################################################
# Create a Jenkins user with proper host group id and user id
ARG UNAME=jenkins
# Get group and user ids from outside "docker build" command line
ARG GID=
ARG UID=
RUN groupadd --gid $GID $UNAME && \
useradd --gid $GID --uid $UID --home-dir /home/$UNAME --create-home $UNAME
################################################################################
# Add github.com to the list of known ssh hosts for user Jenkins
USER $UNAME
RUN mkdir /home/$UNAME/.ssh/ && \
touch /home/$UNAME/.ssh/known_hosts && \
ssh-keyscan github.com >> /home/$UNAME/.ssh/known_hosts
################################################################################
# Install myproj from myrepos:
RUN pip3 install --upgrade --user git+ssh://git@github.com/myrepos/myproj@master
################################################################################
I've created the above Dockerfile used by Jenkins automation server.我已经创建了 Jenkins 自动化服务器使用的上述 Dockerfile。 The Dockerfile contains some fiddling with SSH keys to enable
jenkins
user to access my Git repositories. Dockerfile 包含一些对 SSH 密钥的摆弄,以使
jenkins
用户能够访问我的 Z0BCC70105AD279FEB665Z1 存储库F4F4。 This enabled jenkins
to run meson
build system commands (and meson
needs access to GitHub).这使
jenkins
能够运行meson
构建系统命令(并且meson
需要访问 GitHub)。 All worked OK.一切正常。
But now I needed to install a package from my GitHub repo which I usually install like this:但现在我需要从我的 GitHub 存储库中安装 package,我通常这样安装:
pip3 install --upgrade --user git+ssh://git@github.com/myrepos/myproj@master
However, when docker is run, I get error on the last RUN line:但是,当 docker 运行时,我在最后一个 RUN 行出现错误:
git@github.com: Permission denied (publickey).
fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository exists.
How would I access the repo from Dockerfile?如何从 Dockerfile 访问存储库?
Your github repo is added to known hosts, but what about your repo key?您的 github 存储库已添加到已知主机,但是您的存储库密钥呢? How will the image you build via this Dockerfile know what that is?
您通过此 Dockerfile 构建的映像如何知道那是什么?
Hypothetically you could COPY
the key into the image so it has access and can pull from the private repo, but this isn't secure.假设您可以将密钥
COPY
到映像中,以便它可以访问并可以从私有存储库中提取,但这并不安全。 You would additionally be adding more private credentials (from your github repo) to the image if you do this.如果您这样做,您还将向图像添加更多私有凭据(来自您的 github 存储库)。
I would clone the repo locally and COPY
the required files in, or mount as a volume.我会在本地克隆 repo 并
COPY
所需的文件,或者作为卷安装。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.