2

I have a python project that I am writing a dockerfile for. This project depends on another python project of mine that is hosted in a private github account of mine.

How do I go about making the dockerfile properly load in the other project as a dependency (using my requirements.txt file)?

I tried copying my private ssh key into the:

/root/.ssh

directory as part of the DockerFile, and including the clone url as part of the requirements.txt file, but this just feels wrong since my private key will be stored in one of the docker image layers.

Are there best practices for this?

xur17
  • 506
  • 1
  • 8
  • 24

2 Answers2

1

Generate a Personal access token .

You should select a scope of this token to limit access to your personal project.

You can pass a token to curl instead of user/password

curl -u <token>:x-oauth-basic
Oleg Pavliv
  • 20,462
  • 7
  • 59
  • 75
  • Does this still suffer from the OP issue of putting credentials into a presumably public Dockerfile? – Greg Apr 19 '15 at 02:10
  • 1
    @Greg Using scope you limit what can be performed with the token: it is allowed only to pull the other project. – Oleg Pavliv Apr 19 '15 at 05:37
0

Since Docker API version 1.39+ you can use a different build mode to access your local SSH private key instead of copying it to the image.

See more here: https://stackoverflow.com/a/58883743/435093

slhck
  • 36,575
  • 28
  • 148
  • 201