如何使用Dockerfile中的私钥访问GIT仓库
我正在尝试在我的Docker容器中添加一个私钥,该私钥可以访问我的私人git存储库。 testing_git文件位于包含Dockerfile的文件夹中。 我试图做一个容器,可以拉动git代码。
这是我的Dockerfile:
FROM ubuntu:14.04.1 WORKDIR ~/.ssh RUN apt-get -y install ssh WORKDIR /var/www/html Run apt-get -y install git RUN mkdir ~/.ssh ADD id_rsa /home/id_rsa RUN cat /home/id_rsa && mv /home/id_rsa ~/.ssh/id_rsa && chmod 600 ~/.ssh/id_rsa && eval "$(ssh-agent -s)" && ssh-add ~/.ssh/id_rsa && ssh-add -l && ssh-add -L && echo "Host github.com\n\tIdentityFile ~/.ssh/id_rsa" >> /root/.ssh/config && git clone git@github.com:amitbadheka/Learning-Rails 输出:
Step 9 : RUN mkdir ~/.ssh ---> Using cache ---> 38f2824f41d6 Step 10 : ADD id_rsa /home/id_rsa ---> Using cache ---> afae372c6a40 Step 11 : RUN cat /home/id_rsa && mv /home/id_rsa ~/.ssh/id_rsa && chmod 600 ~/.ssh/id_rsa && eval "$(ssh-agent -s)" && ssh-add ~/.ssh/id_rsa && ssh-add -l && ssh-add -L && echo "Host github.com\n\tIdentityFile ~/.ssh/id_rsa" >> /root/.ssh/config && git clone git@github.com:amitbadheka/Learning-Rails.git ---> Running in edd6778a0ae6 -----BEGIN RSA PRIVATE KEY----- MY PRIVATE KEY -----END RSA PRIVATE KEY----- Agent pid 12 Identity added: /root/.ssh/id_rsa (/root/.ssh/id_rsa) 2048 69:41:88:d2:5f:22:fa:63:92:2b:f9:b8:a4:1e:3c:24 /root/.ssh/id_rsa (RSA) ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrfPuszAriGJxGd16TVeWBvCt8lj88OlJ0fz5LYd2voWDUDnEmPDpvQUDZKQI+MlFfhPS+KN239XsL4X1+vdyj8xXzcBeUB+DUYW2bxZd0kLsmOPeJ0Htoat12fdjzIC/m+H+j6SkAwL+WrV/vH+tbjNZVrl+zcMvBsZipyrKHmJiwko/cqACRYGRXAAUahnVTfhQGXArqn3ioxNN5r6ZDPdv+xGZY4V9fTbHbDooEHaOz/EFu6xwoBFC2SBID3aKEQgS6C07/iRt1fJ8c8TPPvJt6vLJQ/h5LLsN2WRxDG+V5fCGqWKDdJWoyM+fOuCNOH1XTDka8d+2ZN2v+U1KX /root/.ssh/id_rsa Cloning into 'Learning-Rails'... **Host key verification failed.** **fatal: Could not read from remote repository.** Please make sure you have the correct access rights and the repository exists. 2014/12/15 18:20:47 The command [/bin/sh -c cat /home/id_rsa && mv /home/id_rsa ~/.ssh/id_rsa && chmod 600 ~/.ssh/id_rsa && eval "$(ssh-agent -s)" && ssh-add ~/.ssh/id_rsa && ssh-add -l && ssh-add -L && echo "Host github.com\n\tIdentityFile ~/.ssh/id_rsa" >> /root/.ssh/config && git clone git@github.com:amitbadheka/Learning-Rails.git] returned a non-zero code: 128
所以当我使用相同的密钥,我可以访问我的回购。
谁能告诉我我失踪了什么?
错误消息Host key verification failed. 不是抱怨你的私钥,而是github.com的主机密钥。 你可以这样做来添加github主机密钥:
ssh-keyscan -t rsa github.com > ~/.ssh/known_hosts
也许你有你的理由,但总的来说,将git repo复制到映像中并不是在容器中运行代码的首选方式。 相反,把一个Dockerfile放在你的repo的根目录下,然后在Dockerfile中使用ADD命令将你的源代码包含在容器中。
正如你现在写的那样,你的私钥是Docker映像的一部分。 任何与您分享图片的人都将拥有您的私钥。