Dockerfile 使用 ssh

william 收录于 Tools

2022-11-22 约 400 字预计阅读 1 分钟

警告

本文最后更新于 2022-11-22，文中内容可能已过时。

在 Dockerfile 使用 ssh 秘钥，可以访问相应权限的项目

Dockerfile

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18


# syntax=docker/dockerfile:experimental
FROM william-centos7-gcc9:v1.0
MAINTAINER William
LABEL Remarks="DataMgr @WuyaCapital"

# add credentials on build
RUN mkdir -p -m 0700 ~/.ssh && \
    ssh-keyscan 192.168.1.171 >> ~/.ssh/known_hosts

# ADD ./requirements.txt /app/requirements.txt
# RUN pip install -r requirements.txt

RUN --mount=type=ssh \
    mkdir -p git && cd git && \
    git clone git@192.168.1.171:lfang/wepy.git && \
    echo `ls -alh`

CMD ["/usr/sbin/init"]

这里需要注意：

在开头添加

1

# syntax=docker/dockerfile:experimental

在 RUN 命令后面添加 --mount=type=ssh ，之后是正常的 bash 命令语句

Docker 命令执行

1

DOCKER_BUILDKIT=1 docker build --ssh default -t

如果出现了以下的报错，先不要慌，可能是网络解析不通畅：

1
2
3
4
5
6


 => ERROR resolve image config for docker.io/docker/dockerfile:experimental
0.1s
------
 > resolve image config for docker.io/docker/dockerfile:experimental:
------
failed to solve with frontend dockerfile.v0: failed to solve with frontend gateway.v0: unexpected status code https://docker.mirrors.ustc.edu.cn/v2/docker/dockerfile/manifests/experimental: 403 Forbidden

Docker-compose 执行

结果查看

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17


[+] Building 277.1s (10/12)
 => [internal] load build definition from Dockerfile                                                                                                                                                                                                                                                                                                                                      0.0s
 => => transferring dockerfile: 38B                                                                                                                                                                                                                                                                                                                                                       0.0s
 => [internal] load .dockerignore                                                                                                                                                                                                                                                                                                                                                         0.0s
 => => transferring context: 2B                                                                                                                                                                                                                                                                                                                                                           0.0s
 => resolve image config for docker.io/docker/dockerfile:experimental                                                                                                                                                                                                                                                                                                                     1.6s
 => CACHED docker-image://docker.io/docker/dockerfile:experimental@sha256:600e5c62eedff338b3f7a0850beb7c05866e0ef27b2d2e8c02aa468e78496ff5                                                                                                                                                                                                                                                0.0s
 => [internal] load build definition from Dockerfile                                                                                                                                                                                                                                                                                                                                      0.0s
 => => transferring dockerfile: 38B                                                                                                                                                                                                                                                                                                                                                       0.0s
 => [internal] load metadata for docker.io/library/william-centos7-gcc9:v1.0                                                                                                                                                                                                                                                                                                              0.0s
 => [1/5] FROM docker.io/library/william-centos7-gcc9:v1.0                                                                                                                                                                                                                                                                                                                                0.0s
 => => resolve docker.io/library/william-centos7-gcc9:v1.0                                                                                                                                                                                                                                                                                                                                0.0s
 => [internal] load build context                                                                                                                                                                                                                                                                                                                                                         0.0s
 => => transferring context: 38B                                                                                                                                                                                                                                                                                                                                                          0.0s
 => [2/5] RUN mkdir -p -m 0700 ~/.ssh &&     ssh-keyscan 192.168.1.171 >> ~/.ssh/known_hosts                                                                                                                                                                                                                                                                                              0.5s
 => [3/5] ADD ./requirements.txt /app/requirements.txt                                                                                                                                                                                                                                                                                                                                    0.1s
 => [4/5] RUN pip3 install -r requirements.txt

Dockerfile 使用 ssh

Dockerfile

Docker 命令执行

Docker-compose 执行

结果查看

相关内容