How to correctly throw ssh agent into a docker container?

V

Vadim2021-08-09 22:25:07

linux

Vadim, 2021-08-09 22:25:07

I'm trying to throw the ssh agent into the docker image, the cat is part of the CI / CD pipeline.

I run it in the pipeline, in Linux
echo "ssh-path=$SSH_AUTH_SOCK"

everything works ... returns the path
ssh-path=/opt/buildagent/temp/buildTmp/ssh618017239674568317sock

then I transfer it to the Docker image (my build from alpine) - below lines from Dockerfile

FROM alpine:latest
RUN apk -v add --update --no-cache bash openssh-client
RUN eval $(ssh-agent)

docker run with the following command
docker run -v $(dirname $SSH_AUTH_SOCK):$(dirname $SSH_AUTH_SOCK) --env SSH_AUTH_SOCK=$SSH_AUTH_SOCK

writes the following
/bin/sh: 1: dirname /opt/buildagent/temp/buildTmp/ssh618017239674568317sock : not found

script running in container - after running

if [ $(ps ax | grep [s]sh-agent | wc -l) -gt 0 ] ; then echo "ssh-agent is already running"; fi
ssh_path=$(dirname $SSH_AUTH_SOCK)
echo "SSH AGENT PATH INSIDE DOCKER=$ssh_path"

writes the following:

ssh-agent NOT running
Agent pid 11
SSH AGENT PATH INSIDE DOCKER=/opt/buildagent/temp/buildTmp/ssh-XXXXXXAecGBo

attempt then call a command like
git clone [email protected]:gitccountname/project_name.git

gives
error: not authorised

, while everything works fine outside the docker container

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

V

Vadim, 2021-08-11
@Viji

hello everyone, I was tormented for 2 days, but I did it - I had to throw two volumes including /.ssh with read-only
Works when it starts as a root user, I did not test it on others

export SSH_AUTH_SOCK_DIR=$(dirname $SSH_AUTH_SOCK)
export SSH_DIR=/root/.ssh/
docker run  -v $SSH_DIR:$SSH_DIR:ro -v $SSH_AUTH_SOCK_DIR:$SSH_AUTH_SOCK_DIR  --env SSH_AUTH_SOCK=$SSH_AUTH_SOCK 
--pull image:version