英文:
Dockerhub automated builds with multiple private repos
问题
在自动化的DockerHub构建过程中,有没有办法连接到多个私有的Git仓库?我们正在构建Golang应用程序,并且需要在构建过程中使用"go get"命令获取其他私有仓库的代码,但目前它们失败了,因为Docker无法连接到这些私有仓库,只能连接到目标私有仓库。
主要的仓库没有问题,因为部署密钥已经通过DockerHub安装,但是后续的私有仓库导入失败了。
我能想到的一个解决方法是,在本地构建镜像,将其"docker push"到DockerHub,然后在部署端拉取镜像,但这违背了使用DockerHub和自动化构建系统的初衷。另一个方法是将SSH密钥嵌入基础镜像中,但这不是一个好主意。
有没有人有一个解决方案,不需要将SSH密钥嵌入镜像或者在本地构建的方法?
非常感谢。
英文:
Is there a way to connect to multiple private git repos during an automated dockerhub build? We are building golang apps and need to 'go get' other private repos as part of our build and at the moment they fail as docker can't connect to them, only the target private repo.
The main repo is fine as the deploy key is installed via Dockerhub, but any subsequent private repo imports fail.
One way around this I can see, is to build the image locally, "docker push" it to dockerhub and then pull it down on the deploy side which defeats the purpose of dockerhub and the automated build system. The other is to bake ssh keys into the base image which is not a great idea.
Does anyone have a solution to this that doesn't involve baking ssh keys into images or building locally?
Many thanks.
答案1
得分: 1
单个ssh密钥
如果你只有一个ssh密钥
,那么将其添加到Docker容器中的root
ssh路径(/root/.ssh/id_rsa
)应该足以成功拉取你的仓库。根据你的私有仓库所在的位置,你可能需要添加一些其他配置到.ssh
文件夹中。
多个ssh密钥
如果你有不同的ssh密钥
,我建议你为所有的仓库创建一个个人令牌。这样你就可以轻松解决问题。在获取之前,你应该更新git
的URL:
[参考链接:https://gist.github.com/shurcooL/6927554]
git config --global url."https://${GITHUB_TOKEN}:x-oauth-basic@github.com/".insteadOf "https://github.com/";
通过这个更改,你应该能够成功构建你的Docker容器。
使用一个vendor
工具可以帮助你解决这个问题。从go1.5
开始,vendoring功能可用。我们正在使用Glide,它只存储引用(而不是整个项目)。
英文:
single ssh-key
If you have only one ssh-key
, then adding it to the root
ssh-path in the Docker container (/root/.ssh/id_rsa
) should be enough to successfully pulling your repos. Depends where your private-repos are, you should probably add some other configs to the .ssh
.
multiple ssh-keys
If you have differents ssh-keys
I suggest you to create a personal token for all your repos. So you can resolve easily the problem. You should update the git
-url before getting:
[ taken from here: https://gist.github.com/shurcooL/6927554 ]
git config --global url."https://${GITHUB_TOKEN}:x-oauth-basic@github.com/".insteadOf "https://github.com/"
With this change, you should be able to build successfully your docker-container.
Using a vendor
-tool can help you solving this. From go1.5
the vendoring feature is at disposal. We are using Glide and it stores the references only (not the wholes projects).
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论