How to properly pass git ssh key to Dockerfile as an argument and reference it when doing a git clone

Question

I'm trying to modify a Dockerfile so that the container can use the most up-to-date python files when running. The problem is these python files are updated on AWS CodeCommit, therefore I have to do a git clone of the repo, which does not work due to credential issues.

My current attempt at addressing the credentials issue is by passing my SSH key ID as an ARG when building the container, and then referencing that ARG variable in the git clone ... command.

Dockerfile:

# Use Python base image from DockerHub
FROM python:2.7

ARG access_key

# Install system packages and AWS packages
RUN apt-get -y update && \
    apt-get -y install python-pip \
    git && \
    apt-get clean
RUN pip install awscli boto3 numpy

# Clone into CodeCommit repo to get most up-to-date python scripts
WORKDIR /
RUN git clone ssh://${access_key}@git-codecommit.us-west-2.amazonaws.com/v1/repos/claudia-code
COPY claudia-code/egnorm/run_norm_single.py /
COPY claudia-code/egnorm/s3_utils.py /
COPY claudia-code/egnorm/job_utils.py /

When I build the container via docker build --build-arg access_key=MY-ACCESS-KEY -t eg-norm:00.00.03 ., I get the following error message:

Cloning into 'claudia-code'...
Host key verification failed.
fatal: Could not read from remote repository.

Please make sure you have the correct access rights
and the repository exists.

How can I properly and securely establish my git credentials in the Dockerfile?

Answer 1

Additional steps required are as follows:

1- Create a file called "config"

Example below :

Host git-codecommit.*.amazonaws.com
  User APKAEIBAERJR2EXAMPLE            <<<<<< ================== The SSH key id in IAM 
  IdentityFile ~/.ssh/id_rsa     <<<<<============= The Private key name

2- Create a public key "id_rsa"

3- Add to Dockerfile

COPY id_rsa /root/.ssh/id_rsa
COPY config /root/.ssh/config
RUN chmod 600 /root/.ssh/id_rsa
RUN git clone git@github.com:<your_account>/<your_repo>.git