Dockerfile for cloning private git repo

RUN ssh-keyscan github.com >> ~/.ssh/known_hosts

The keyscan works great since it accepts the host. The following complete answer worked:

RUN mkdir -p /root/.ssh
RUN cp /var/my-app/id_rsa /root/.ssh/id_rsa
RUN chmod 600 /root/.ssh/id_rsa
RUN ssh-keyscan github.com >> /root/.ssh/known_hosts

Also as mentioned:

RUN ssh -v [email protected]

^ Great way to debug the flow. That's how I realized I needed the keyscan >> known_hosts

What's the output of the build process?

Random guess: try to chmod 600 the private key.

If it still doesn't work, try to RUN ssh -v [email protected] (after adding the key); the output should explain what's happening.

(Will probably not fit your needs)

There is another approach: https://stackoverflow.com/a/29464430/990356

Go to Settings > Personal access tokens and generate a personal access token with repo scope enabled. Now you can do git clone https://[email protected]/user-or-org/repo

Pros:

very simple approach
token can be easily revoked

Cons:

if someone has access to the Dockerfile he has access to the token

To fix this, you can use an environment variable to store the token

Dockerfile for cloning private git repo

Tags:

Docker

Ssh

Related

Recent Posts