0

I'm trying to clone GitHub repo with below docker file after installing java,maven

FROM openjdk:8-jdk-alpine
LABEL WebAutomation Test <waaanjula@gmail.com>
RUN apk add --no-cache curl tar bash procps

# Downloading and installing Maven
# 1- Define a constant with the version of maven you want to install
ARG MAVEN_VERSION=3.8.1

# 3- Define the SHA key to validate the maven download
ARG SHA=0ec48eb515d93f8515d4abe465570dfded6fa13a3ceb9aab8031428442d9912ec20f066b2afbf56964ffe1ceb56f80321b50db73cf77a0e2445ad0211fb8e38d

# 4- Define the URL where maven can be downloaded from
ARG BASE_URL=https://apache.osuosl.org/maven/maven-3/${MAVEN_VERSION}/binaries

#5- Create the directories, download maven, validate the download, install it, remove downloaded file and set links
RUN mkdir -p /usr/share/maven /usr/share/maven/ref \
  && echo "Downlaoding maven" \
  && curl -fsSL -o /tmp/apache-maven.tar.gz ${BASE_URL}/apache-maven-${MAVEN_VERSION}-bin.tar.gz \
  \
  && echo "Checking download hash" \
  && echo "${SHA}  /tmp/apache-maven.tar.gz" | sha512sum -c - \
  \
  && echo "Unziping maven" \
  && tar -xzf /tmp/apache-maven.tar.gz -C /usr/share/maven --strip-components=1 \
  \
  && echo "Cleaning and setting links" \
  && rm -f /tmp/apache-maven.tar.gz \
  && ln -s /usr/share/maven/bin/mvn /usr/bin/mvn

# 6- Define environmental variables required by Maven, like Maven_Home directory and where the maven repo is located
ENV MAVEN_HOME /usr/share/maven
ENV MAVEN_CONFIG "$USER_HOME_DIR/.m2"

# # Install dependencies required to git clone.
RUN apk update && \
    apk add --update git && \
    apk add --update openssh

# 1. Create the SSH directory.
# 2. Populate the private key file.
# 3. Set the required permissions.
# 4. Add github to our list of known hosts for ssh.
RUN mkdir -p /root/.ssh/ 
ADD id_rsa /root/.ssh/id_rsa 
ADD id_rsa.pub /root/.ssh/id_rsa.pub

RUN chmod -R 700 /root/.ssh/ && \
    touch ~/.ssh/known_hosts && \
    ssh-keyscan -t rsa github.com >> /root/.ssh/known_hosts
    
RUN mkdir /usr/AutomationProject/ && \
    chmod -R 600 /usr/AutomationProject/  

# # Clone a repository (MatificWebAutomation project)
RUN git clone git@github.com:anjulaw/Selenium_Keyword_driven_Example.git /usr/AutomationProject

CMD [""]

and I'm getting below error

"git@github.com: Permission denied (publickey). fatal: Could not read from remote repository. Please make sure you have the correct access rights and the repository exists."

This is my first time using dockerfiles, but from what I have read (and taken from working configs) I cannot see why this doesn't work.

My id_rsa is in the same folder as my dockerfile and is a copy of my local key which can clone this repo no problem.

Anjula Weerasooriya
  • 1
  • 1
  • I'm pretty sure your ssh key needs 600 permissions to work. I recommend running the container interactively without the git clone directive and troubleshoot from there – im_baby Apr 21 '21 at 19:30
  • Remember that anyone who has the image can `docker run the-image cat /root/.ssh/id_rsa` and get the private key back out. I'd strongly recommend running the `git clone` operation outside the Dockerfile (and maybe even including the Dockerfile in the repository). – David Maze Apr 21 '21 at 22:01
  • When cloning the git project it asking 'passphrase' Key, Is there any way to skip this or pass the key – Anjula Weerasooriya Apr 22 '21 at 05:21
  • Don't copy your keys into a `docker` image. [Enable `buildkit` and use your `ssh-agent` during the build](https://stackoverflow.com/a/64036342/1423507). – masseyb Apr 22 '21 at 14:44

1 Answers1

0

You need to create a folder with keys in the local project folder, transfer there the generated keys that are already installed in the remote repository.

# SSH Keys
ADD .ssh/id_rsa /root/.ssh/id_rsa
ADD .ssh/id_rsa.pub /root/.ssh/id_rsa.pub

RUN chmod 600 /root/.ssh/id_rsa &&\
    chmod 600 /root/.ssh/id_rsa.pub

It turns out that after each build, the key will be generated, which means that after each build of this Dockerfile, you will have to reconfigure the keys on the remote repository

svishnevskii
  • 5
  • 2