使用主机SSH密钥在DockerFile中访问私有Git存储库
我是Docker的新手,可以尝试在容器中构建和运行Angular Web应用。
I am new to Docker and having a go at getting my Angular web app to build and run in a container.
我在根目录下有一个非常基本的Dockerfile这样的项目:
I have a very basic Dockerfile at the root of the project like so:
# Create the image based on the official Node 10.13.0 image from Dockerhub
FROM node:10.13.0 as node
# Copy dependency definitions
COPY package.json .
# Install dependencies using npm
RUN npm install
# TODO - copy rest of app and run angular-cli build commands to serve up the app
对它运行构建命令后,我遇到以下错误:
And upon running a build command against it I am hitting the following error:
通过查找此错误,我意识到我尚未提供任何主机
I realise from looking up this error, that I haven't yet supplied any host key details from my host machine so these can be used for accessing private repo's.
我在这里遇到了一些有关提供我的主机密钥详细信息的方法的旧答案,例如这,但是我没有走得更远,仍然遇到相同的错误。
I came across some old answers here on approaches to supplying my host key details such as this one, but I didn't get much further, still getting the same error.
我能够通过在dockerfile中回显这些主机密钥并查看详细信息来确认我正确地引用了主机密钥
I was able to confirm I was referencing my host key correctly by echoing these out in my dockerfile and seeing the details in my terminal.
无论如何,我不确定这样做的正确或官方方式。
Anyway, I am unsure what the correct or official way is of doing this.
我正在docker 2.0.0.0-maxc78和macOS High sierra上运行
I am running Docker 2.0.0.0-maxc78 and on macOS High sierra
有人可以向我指出正确的方法吗?
Can anyone please point me in the right direction as to what the correct approach is here please?
谢谢!
这种情况将从近期受益 docker build secret
。
This kind of scenario would benefit from the recent docker build secret
.
docker build --secret id=mysite.key,src=path/to/mysite.key .
在Dockerfile中使用的方式为:
That is used in your Dockerfile as:
# syntax=docker/dockerfile:1.0.0-experimental
FROM alpine
RUN --mount=type=secret,id=mysite.key command-to-run
使用 在Docker 18.09中构建机密和SSH转发(您的Docker 2.0.0应该支持它)
See more with "Build secrets and SSH forwarding in Docker 18.09" (your docker 2.0.0 should support it)
在您的情况下,您的Dockerfile应该包括:
In your case, your Dockerfile should include:
RUN --mount=type=ssh git clone git@github.com:myorg/myproject.git myproject
在docker客户端上,您需要使用
-ssh $ c $来定义允许对此版本进行SSH转发c>标志。
docker build --ssh default .
该标志接受一个键值对,用于定义本地SSH代理套接字或私钥的位置。
The flag accepts a key-value pair defining the location for the local SSH agent socket or the private keys.