不知怎么的,我不知道如何将这个ssh密钥传递到容器的构建过程。这是.gitlab-ci.yml中的步骤:
php:
stage: build
services:
- docker:20.10.12-dind
image: docker:20.10.12
script:
# Leverage --cache-from and try to use an existing image if it exists
- echo "$DOCKER_ACCESS_KEY" | docker login --username $DOCKER_REGISTRY_USER --password-stdin
- docker login registry.gitlab.com -u ${CI_REGISTRY_USER} -p ${CI_REGISTRY_PASSWORD}
- docker pull $PHP_CACHE_TAG || true
- cat "$LARAVEL_ENV_FILE" > "$(pwd)/.env"
- DOCKER_BUILDKIT=1 docker build --cache-from $PHP_CACHE_TAG
--build-arg BUILDKIT_INLINE_CACHE=1
--build-arg SSH_PRIV_KEY="${SSH_PRIV_KEY}"
--tag $PHP_CACHE_TAG
--tag $PHP_TAG
--target=api_prod .
- docker push $PHP_TAG
- docker push $PHP_CACHE_TAG
是关于这一行:--build-arg SSH_PRIV_KEY="${SSH_PRIV_KEY}"
在Dockerfile中我这样做:echo "$SSH_PRIV_KEY" > /root/.ssh/id_rsa; (在Dockerfile的顶部定义ARG SSH_PRIV_KEY后)
之后/root/.ssh/id_rsa仍然为空。
关于我在Dockerfile中所做的更多上下文:
# Needed to be able to install custom dependencies
RUN mkdir -p /root/.ssh;
ssh-keyscan -H gitlab.com >> /root/.ssh/known_hosts;
echo "$SSH_PRIV_KEY" > /root/.ssh/id_rsa;
cat /root/.ssh/id_rsa;
chmod 600 /root/.ssh/*;
我怀疑我在gitlab-ci构建步骤中做错了什么。但我不确定。
在你的Docker文件中使用ARG SSH_PRIV_KEY
则使用
ARG SSH_PRIV_KEY
RUN mkdir -p /root/.ssh;
ssh-keyscan -H gitlab.com >> /root/.ssh/known_hosts;
echo "$SSH_PRIV_KEY" > /root/.ssh/id_rsa;
cat /root/.ssh/id_rsa;
chmod 600 /root/.ssh/*;
应该可以。