Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

git - Add private key to ssh-agent in docker file

I am trying to write a Dockerfile for an Angular CLI project, but I have an external dependency which is a private repo on Bitbucket, so I need to pass my SSH key. I am trying to pass the SSH keys using --build-arg.

Now the issue is that it's not adding those keys to ssh-agent and asks for the password instead.

I am using this command to run:

docker build -t ng-2-docker/client --build-arg ssh_prv_key="$(cat ~/.ssh/id_rsa)" --build-arg ssh_pub_key="$(cat ~/.ssh/id_rsa)" .

and this is my Dockerfile:

ARG ssh_prv_key
ARG ssh_pub_key

# Use an official Node runtime as a parent image
FROM node:8.9.4

# Specify working directory in docker container
WORKDIR /app

# Authorize SSH Host
RUN mkdir -p /ssh/
RUN chmod 0700 /ssh

# Add the keys and set permissions
RUN echo "$ssh_prv_key" > /ssh/id_rsa && echo "$ssh_pub_key" > /ssh/id_rsa.pub && chmod 600 /ssh/id_rsa && chmod 600 /ssh/id_rsa.pub

# add bitbucket to known hosts
RUN ssh-keyscan bitbucket.org > /ssh/known_hosts

# Copy SSH key to temp folder to pull new code
# ADD ~/.ssh/id_rsa /tmp/
# RUN ssh-agent /tmp
RUN ls -la /ssh

# check if ssh agent is running or not, if not, run
RUN eval `ssh-agent -s` && ssh-add /ssh/id_rsa

# Copy local files into the containers working directory
COPY package.json /app

# Install dependencies inside container
RUN npm i

# Copy local files into the containers working directory
COPY . /app

# Execute Process
CMD ["npm", "docker:rogers:local"]

# Remove ssh key from temp
# RUN rm /tmp/id_rsa
RUN rm -rf /ssh

# expose port
EXPOSE 4200

and here is the output if I run the command mentioned above.

1 Reply


I spent several days going through the same issue. ssh-keygen -p ensured the passphrase was empty, but I needed to ssh-agent and ssh-add in my Dockerfile to be able to pull from a private repo. Several of my peers told me they were able to make it work; I would copy what they had and still be asked for a passphrase. Finally I came across this issue. After manually entering the RSA key line by line and seeing it succeed, I realized it was because I was building the image and passing in the key via a make target, and the Makefile was processing the newlines as whitespace. Ultimately it was just a matter of updating how the key was being cat'ed as an argument so that it ran as bash instead to preserve the newlines.

Here was the build command inside my Makefile:

make container:
    docker build --rm \
    --build-arg ssh_prv_key="$$(cat ~/.ssh/id_rsa)" \
    --squash -f Dockerfile -t $(DOCKER_IMAGE) .

I will also note that I needed to include

echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config

to one of my Dockerfile RUN commands as well.
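
An added example, not from either post above: the same private-repo install done with BuildKit's SSH agent forwarding, so the key never enters a build argument (which stays visible in `docker history`) or an image layer (which survives a later `rm -rf /ssh`), and with Bitbucket's host key pinned instead of `StrictHostKeyChecking no`. It assumes BuildKit is enabled, an ssh-agent on the build host already holds the key, the dependency is fetched over SSH, and a file named `known_hosts.bitbucket` (a hypothetical name) exists in the build context.

```dockerfile
# syntax=docker/dockerfile:1
# Added example. Build on the host with the key loaded in ssh-agent (check: ssh-add -l):
#   DOCKER_BUILDKIT=1 docker build --ssh default -t ng-2-docker/client .

FROM node:8.9.4
WORKDIR /app

# Pin the host key rather than disabling host key checking.
# known_hosts.bitbucket is an assumed file: generate it once on a trusted
# machine (ssh-keyscan bitbucket.org > known_hosts.bitbucket) and compare the
# fingerprint with the one Bitbucket publishes before committing it.
COPY known_hosts.bitbucket /etc/ssh/ssh_known_hosts

COPY package.json /app/

# The host's agent socket is mounted for this one RUN instruction only.
# Nothing is written to the image, and no ssh-agent/ssh-add step is needed
# inside the build. An agent started in an earlier RUN would not be visible
# here anyway, because every RUN executes in a fresh shell.
RUN --mount=type=ssh npm i

COPY . /app

EXPOSE 4200

# Assumes docker:rogers:local is a script defined in package.json.
CMD ["npm", "run", "docker:rogers:local"]
```

After building, `docker history --no-trunc ng-2-docker/client` should show no key material in any layer's command line.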

