Dockerfile for cloning private git repo
RUN ssh-keyscan github.com >> ~/.ssh/known_hosts
The keyscan works great since it accepts the host. The following complete answer worked:
RUN mkdir -p /root/.ssh
RUN cp /var/my-app/id_rsa /root/.ssh/id_rsa
RUN chmod 600 /root/.ssh/id_rsa
RUN ssh-keyscan github.com >> /root/.ssh/known_hosts
Also as mentioned:
RUN ssh -v [email protected]
^ Great way to debug the flow. That's how I realized I needed the keyscan >> known_hosts
What's the output of the build process?
Random guess: try to chmod 600
the private key.
If it still doesn't work, try to RUN ssh -v [email protected]
(after adding the key); the output should explain what's happening.
(Will probably not fit your needs)
There is another approach: https://stackoverflow.com/a/29464430/990356
Go to Settings > Personal access tokens and generate a personal access token with repo
scope enabled.
Now you can do git clone https://[email protected]/user-or-org/repo
Pros:
- very simple approach
- token can be easily revoked
Cons:
- if someone has access to the Dockerfile he has access to the token
To fix this, you can use an environment variable to store the token